
Live 2.0 Compatible Exploit


145 replies to this topic

#1 devz3ro


Posted 19 May 2004 - 05:31 AM

First dashboard exploit that is Live 2.0 compatible

I found out how to use the dvd drive with the "Easter-egg" exploit

Using the ST.DB track below

QUOTE

Copy this ST.DB like always to your /E/TDATA/fffe0000/music/ directory


Once you obtain my Double-dash package from "the usual places", there is only a small change you need to make while following my readme after upgrading your dashboard to the latest available.

That is:

QUOTE

Leave your /C/xodash/xonlinedash.xbe alone, do not rename or replace it. Instead go into your Xbox's /C/xboxdashdata.185ead00/ directory and rename your settings_adoc.xip to settings_adoc.bak, and transfer over the xonlinedash.xbe from the xodash directory in my package on your computer to the /C/xboxdashdata.185ead00/ directory on your Xbox and rename that to settings_adoc.xip



ST.DB

CODE
I currently have this installed on the latest Xbox Live dashboard: "5960" and it works flawlessly.
NOTE: On a Halo SE Xbox with kernel 5101

Power up your Xbox & have the dvd drive open, then go to / perform the following:

1. MUSIC
2. Soundtrack (below AUDIO CD)
3. COPY
4. COPY
5. NEW SOUNDTRACK
6. Erase "Soundtrack 1" and type out: <<Eggsox>>

NOTE: from PedrosPad (Originally his idea)
Make sure you include the (less than, less than) symbols before and the (greater than, greater than) after. Also note the 'beta' character that is used for the B can be found under 'Accents'

After PBL starts loading, you may close the tray.

Edit #1: It will load the exploit, and corruption should not occur with this track. A bad keypress should not matter (possibly creating more of the same tracks if done wrong).

Edit #2: Replaced current ST.DB with rmenhal's. This didn't cause an extra track to be written when performing the exploit incorrectly

-devz3ro

http://sh0x.tk/

Edited by devz3ro, 03 July 2004 - 10:12 PM.


#2 PedrosPad


Posted 19 May 2004 - 06:03 AM

Glad you managed to make something from the idea.
Congrats.

#3 PedrosPad


Posted 19 May 2004 - 06:24 AM

QUOTE (devz3ro @ May 19 2004, 07:31 AM)
Also odd but interesting, the soundtrack is named "<<Eggsox>>" but it shows up on a few of the screens as "<<EGGSSSOX>>". Could this be M$ thinking ahead of time?

More likely to be a localization flaw. The German 'ß' character is pronounced and treated as 'SS'.

#4 Australian Rat


Posted 19 May 2004 - 06:29 AM

Maybe we should have waited until Live 3.0 was released. They probably would've overlooked this one then.

Ah well nm, it would take all the fun out of finding new exploits.

Also, just a thought. Would it be possible to load the Live 2.0 dash using this exploit? It's just I'd rather have the 'Xbox Live' link on the dashboard go to the exploit but still be able to access the live dash with retail bios.

Then again, once the live dash was updated again, it would stuff up DD anyway... just a thought.

Edited by Australian Rat, 19 May 2004 - 06:32 AM.


#5 PedrosPad


Posted 19 May 2004 - 06:33 AM

QUOTE (Australian Rat @ May 19 2004, 08:29 AM)
Maybe we should have waited until Live 3.0 was released. They probably would've overlooked this one then.

Ah well nm, it would take all the fun out of finding new exploits.

True. I'm stunned. I was curious, but very pessimistic that this actually would fly on new XBOXs.

#6 rmenhal


Posted 19 May 2004 - 07:17 AM

QUOTE (PedrosPad @ May 19 2004, 08:33 AM)
True. I'm stunned. I was curious, but very pessimistic that this actually would fly on new XBOXs.

While this discovery is very nice, I don't think it goes quite that far. Note that the easter egg executable is replaced with a pre 4920/live xboxdash.xbe. And we know that kernels 5713 or higher won't allow dash downgrades.

Actually - while I didn't bother to trace out the logic exactly - there's a new check in 5713's XBE loader. It checks the XBE certificate structure. If the title ID is 0xFFFE0000 (dash's ID), the kernel then checks the time and date field and anything prior to about Aug 5 2003 causes it to bail out. So dash 4920 and prior versions are out.


#7 PedrosPad


Posted 19 May 2004 - 07:25 AM

QUOTE (rmenhal @ May 19 2004, 09:17 AM)
While this discovery is very nice, I don't think it goes quite that far. Note that the easter egg executable is replaced with a pre 4920/live xboxdash.xbe. And we know that kernels 5713 or higher won't allow dash downgrades.

QUOTE (devz3ro @ May 19 2004, 07:31 AM)
I currently have this installed on the latest Xbox Live dashboard: "5960" and it works flawlessly.
NOTE: On a Halo SE Xbox with kernel 5101

Thought this was one of the non-downgradable XBOXes. If not, you may be right - we'll have to wait for someone with the newest Kernel and Dashboard to try it.

QUOTE (rmenhal @ May 19 2004, 09:17 AM)
Actually - while I didn't bother to trace out the logic exactly - there's a new check in 5713's XBE loader. It checks the XBE certificate structure. If the title ID is 0xFFFE0000 (dash's ID), the kernel then checks the time and date field and anything prior to about Aug 5 2003 causes it to bail out. So dash 4920 and prior versions are out.

Let's hope the easter egg XBE doesn't have a title ID of 0xFFFE0000 (dash's ID).

Edited by PedrosPad, 19 May 2004 - 07:29 AM.


#8 mkjones


Posted 19 May 2004 - 09:02 AM

Finally! A way into the Live 2! dash

I can now work on a new package!

#9 PedrosPad


Posted 19 May 2004 - 09:02 AM

From X-S news page: MS Dashboard Updated
QUOTE
Today (5/18/04) we are pushing a small update to the Xbox Dashboard. This update addresses a couple of backend issues (that I can't outline for security reasons.) There are no new features or enhancements that members will see as a result of this update. This is a VERY small update...so small that many folks won't notice, but I know this group will. Thanks.


I wonder......

#10 digisatman


Posted 19 May 2004 - 09:56 AM

QUOTE (devz3ro @ May 19 2004, 07:31 AM)
First dashboard exploit that is Live 2.0 compatible

I found out how to use the dvd drive with the "Easter-egg" exploit

Using the ST.DB track below



Once you obtain my Double-dash package from "the usual places", there is only a small change you need to make while following my readme after upgrading your dashboard to the latest available.

That is:



<<Eggsox>>

CODE
I currently have this installed on the latest Xbox Live dashboard: "5960" and it works flawlessly.
NOTE: On a Halo SE Xbox with kernel 5101

Power up your Xbox & have the dvd drive open, then go to / perform the following:

1. MUSIC
2. Soundtrack (below AUDIO CD)
3. COPY
4. COPY
5. NEW SOUNDTRACK
6. Erase "Soundtrack 1" and type out: <<Eggsox>>

NOTE: from PedrosPad (Originally his idea)
Make sure you include the (less than, less than) symbols before and the (greater than, greater than) after. Also note the 'beta' character that is used for the B can be found under 'Accents'

After PBL starts loading, you may close the tray.

Edit #1: It will load the exploit, and corruption should not occur with this track. A bad keypress should not matter (possibly creating more of the same tracks if done wrong).

Edit #2: Replaced current ST.DB with rmenhal's. This didn't cause an extra track to be written when performing the exploit incorrectly

-devz3ro

http://sh0x.tk/

so basically, it's an audio exploit for people wanting to use live 2.0?

regards

Edited by devz3ro, 30 May 2004 - 04:47 AM.


#11 ldots


Posted 19 May 2004 - 10:35 AM

It's actually still a font exploit. It's just the audio copy function that is used to launch the easter egg which in this case is a pre-live dash that loads rmenhal's fonts.
The new ST.DB just makes it unnecessary to insert an audio CD to trigger the easter egg - and it displays the <<Eggsox>> name in the "no-cd" soundtrack.

Edited by ldots, 19 May 2004 - 10:39 AM.


#12 digisatman


Posted 19 May 2004 - 10:38 AM

QUOTE (ldots @ May 19 2004, 12:35 PM)
It's actually still a font exploit. It's just the audio copy function that is used to launch the easter egg which in this case is a pre-live dash that loads rmenhal's fonts.

is it for peeps who wanna use live 2.0?

I don't wanna use live, so should I stick double-dash exploit?

Or, is there a ROJ problem with this exploit?

Regards

thanks idots

#13 PedrosPad


Posted 19 May 2004 - 11:09 AM

QUOTE (digisatman @ May 19 2004, 12:38 PM)
I don't wanna use live, so should I stick double-dash exploit?

Or, is there a ROJ problem with this exploit?


Both the easter egg and double-dash exploits suffer the ROJ issue.
Both the easter egg and double-dash exploits now have workarounds that allow the disks to be swapped (thx to devz3ro - see first post in this thread).

The audio, font, and double-dash exploits can't be used by people with the very latest Kernels that prevent dashboard downgrading. Tests are underway to see if they can now use this new easter egg exploit.

Edited by PedrosPad, 19 May 2004 - 11:18 AM.


#14 digisatman


Posted 19 May 2004 - 11:43 AM

QUOTE (PedrosPad @ May 19 2004, 01:09 PM)

Both the easter egg and double-dash exploits suffer the ROJ issue.
Both the easter egg and double-dash exploits now have workarounds that allow the disks to be swapped (thx to devz3ro - see first post in this thread).

The audio, font, and double-dash exploits can't be used by people with the very latest Kernels that prevent dashboard downgrading. Tests are underway to see if they can now use this new easter egg exploit.

QUOTE
double-dash exploits now have workarounds that allow the disks to be swapped


explain please

#15 rmenhal


Posted 19 May 2004 - 12:12 PM

QUOTE (PedrosPad @ May 19 2004, 09:25 AM)
Let's hope the easter egg XBE doesn't have a title ID of 0xFFFE0000 (dash's ID).

It doesn't matter what the title ID of the easter egg XBE is. It's the title ID and time/date of the XBE getting loaded that counts. And that's certainly dash's ID. So I don't think this will work on kernel 5713 or higher any better than dd does. (btw, all executables that come with dash seem to have that same ID.)
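
The loader check rmenhal describes in posts #6 and #15, sketched in C as an added example that is not part of the thread and is not the kernel's actual code. The header offsets follow publicly documented XBE layout notes; the exact cutoff constant (midnight UTC on Aug 5 2003, for rmenhal's "about Aug 5 2003"), the function names and the sample header are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed layout (public XBE format notes, not stated in the thread). */
#define XBE_OFF_BASE   0x104u       /* image base address             */
#define XBE_OFF_CERT   0x118u       /* virtual address of certificate */
#define CERT_OFF_TIME  0x04u        /* certificate time/date          */
#define CERT_OFF_TITLE 0x08u        /* certificate title ID           */
#define DASH_TITLE_ID  0xFFFE0000u  /* dash's ID, from the thread     */
#define DASH_MIN_TIME  1060041600u  /* 2003-08-05 00:00 UTC, assumed  */

enum xbe_verdict { XBE_ALLOW, XBE_MALFORMED, XBE_REJECT_OLD_DASH };

static uint32_t rd32(const uint8_t *p) {            /* little-endian read */
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {          /* little-endian write */
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* The policy applies to the XBE being loaded, whatever launched it. */
enum xbe_verdict xbe_dash_rollback_check(const uint8_t *img, size_t len) {
    if (len < XBE_OFF_CERT + 4 || memcmp(img, "XBEH", 4) != 0)
        return XBE_MALFORMED;
    uint32_t base = rd32(img + XBE_OFF_BASE), cert = rd32(img + XBE_OFF_CERT);
    /* The certificate fields must lie inside the supplied header bytes. */
    if (cert < base || cert - base > len || len - (cert - base) < CERT_OFF_TITLE + 4)
        return XBE_MALFORMED;
    const uint8_t *c = img + (cert - base);
    if (rd32(c + CERT_OFF_TITLE) == DASH_TITLE_ID &&
        rd32(c + CERT_OFF_TIME) < DASH_MIN_TIME)
        return XBE_REJECT_OLD_DASH;                 /* dash older than the cutoff */
    return XBE_ALLOW;
}

/* Constructed sample: fills buf (at least 0x200 bytes) with a minimal header. */
void make_sample_xbe(uint8_t *buf, size_t len, uint32_t title, uint32_t when) {
    memset(buf, 0, len);
    memcpy(buf, "XBEH", 4);
    wr32(buf + XBE_OFF_BASE, 0x00010000u);
    wr32(buf + XBE_OFF_CERT, 0x00010000u + 0x178u);
    wr32(buf + 0x178u + CERT_OFF_TIME, when);
    wr32(buf + 0x178u + CERT_OFF_TITLE, title);
}

int main(void) {
    uint8_t hdr[0x200];
    make_sample_xbe(hdr, sizeof hdr, DASH_TITLE_ID, 1040000000u); /* constructed, pre-cutoff */
    return xbe_dash_rollback_check(hdr, sizeof hdr) == XBE_REJECT_OLD_DASH ? 0 : 1;
}
```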




