
Reintroducing Kernel Patching - Nkpatcher


447 replies to this topic

#1 rmenhal


Posted 20 June 2004 - 05:36 PM

Nkpatcher can be used as an alternative to Phoenix Bios Loader in connection with exploits such as UXE or one of the game save exploits. PBL loads a completely new bios into memory while nkpatcher merely patches the existing kernel. The existing kernel must be one of the MS Xbox retail kernels, unpatched except possibly for having a slightly modified RSA public key which is used to verify signatures in Xbox executables.

Summary of nkpatcher 8.1 features:

* Works with retail kernels 3944 - 5838

* Run unsigned code

* Partition 6 / F drive (up to 137 GB)

* Eject trick/fix with options:
  - no reset on eject for hard drive loaded XBEs, with options:
    * reset on eject CD/DVD loaded XBEs based on a flag in the XBE header
    * always reset on eject CD/DVD loaded XBEs
  - never reset on eject for either of hard drive or CD/DVD loaded XBEs

* In-Game Reset, with options:
  - Boot to dashboard instead of the usual DVD-first-then-dashboard sequence
  - Full reboot mode resets to the X logo screen, works better with e.g. Soul Calibur 2, but getting back to dashboard takes longer
  - Selectable master port, only allow IGR from the game pad attached to the user configured port number

* Xbox Live blocking, prevents Live aware games from connecting to the Live service which would result in a ban

* Automatic or user selectable game region set

* Virtual C drive, use a 500 MB file, for example e:\shadowc\shadowc.img, as a C drive instead of the real C drive

* Virtual CD/DVD drive, play games directly from ISO images on the hard drive.


Summary of those features mentioned in http://www.xbox-scen...ios_retail.html

* originals
* original imports
* unsigned code
* debug xbe
* backups
* disable Xlive, optional
* macrovision off
* no-patch hack
* no-patch hack2
* eject trick, optional
* eject fix, optional
* HDD swap
* F/E boot v1, optional
* change bootfile v1, optional
* IGR to dash b, optional
* IGR to game, optional
* disable IGR, optional
* Xbox v1.0 - v1.6b


Below is the original post (at the time of nkpatcher 4):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Replacing the running kernel on Xboxes with kernel 5530 or higher doesn't work through the regular Phoenix BIOS Loader (PBL) and Bootable From Media (BFM) BIOS images - a fact of which owners of such boxes are painfully aware. Nkpatcher is proposed as a simple and temporary solution to the problem. The feature set is very limited and inferior to BIOSes such as Xecuter X2.

Currently nkpatcher has the following features:
* Runs unsigned code - no more signing everything with xbedump
* Support for F drive (hard disk size limited to about 137 GB = 2^37 bytes)
* Eject fix

The code section below contains the source code and a habibi-signed XBE for nkpatcher. Running this XBE patches the kernel in memory to make the aforementioned features come to life. After that nkpatcher executes C:\evoxdash.xbe which is the executable of your favorite dashboard. Where users of pre-5530 Xboxes would run PBL, nkpatcher can be used instead.

Although nkpatcher can be used with any dashboard/game-save exploit (remember to font-sign nkpatcher.xbe if you still use some of the old font exploits!), it is best used in conjunction with the Ultimate Dashboard Exploit (UDE). You should get the latest fonts and preferably use the specific font for 5530 (bert_ate_ernie-5530-01.xtf). Install UDE following the instructions in the UDE thread and then copy nkpatcher.xbe from the tarball below to E:\default.xbe. Remember to place the executable of your favorite dashboard to C:\evoxdash.xbe.

Nkpatcher actually supports also kernels 5101, 5530, 5713 and 5838. The code is based on the kernel 4034 patches used in Complex !Loader. Kernel 5713+ users won't be able to use any dashboard exploit such as UDE, but could use a game-save exploit if they wish.

EDIT: updated to nkpatcher4. Just a minor bug-fix (the kernel patches weren't changed and there are no new features.)

EDIT2: update to nkpatcher5. Added more patching. Now it also runs debug xbes. Games that didn't work with previous versions, may work now. The Complex !Loader patches for < 5101 kernels were scrapped and re-made similar to the >=5101 patches. Nkpatcher should now behave similarly with all kernels (3944, 4034, 4627, 4817, 5101, 5530, 5713, 5838). Nkpatcher4 (to be removed) is still included below, because I altered the patching code a lot and may have introduced silly bugs.

EDIT3: update to nkpatcher6 and removed nkpatcher4. No new features, only a minor fix to 5713 and 5838. Added a new compile-time option: by default, nkpatcher boots C:\evoxdash.xbe. If you compile nkpatcher with the command-line option -dNORMAL_BOOT_SEQ, nkpatcher boots D:\default.xbe first then the dash. Remember to sign the xbe after compiling.

EDIT4: nkpatcher7 is a rather big feature upgrade; nicer eject-trick, IGR and Live blocking.

EDIT 13/12/2004:
I proudly present nkpatcher 8. :) It has these two novel features in addition to nkpatcher 7:
* Virtual/shadow C drive. No hassle with fonts or trouble with dashboard updates as long as you loaded nkpatcher.
* Virtual CD/DVD drive. You can attach .iso files on the hard drive as game discs.
(I wanted to do this interesting stuff first. :) Oz_paulb's LBA48 code will appear in nkpatcher 9.)

Now too large to post here - see xbins!

Edited by rmenhal, 21 December 2004 - 07:59 PM.


#2 mkjones


Posted 20 June 2004 - 09:01 PM

This looks pretty damn good man ;) well done...

#3 devz3ro


Posted 21 June 2004 - 03:56 AM

After reading rmenhal's post I decided to give Crimson Skies a try. Didn't work on PBL, so why not try it on this. After crossing fingers and hoping, to my surprise it actually does. Now I have not tried any missions or anything to see if it would freeze in the game or not so you guys will have to figure that out. Post more about counterstrike and other games that did not work on PBL if anyone gets the chance to test it out.

I also found with this the nkpatcher, Top spin starts to work, but when it starts to load the main menu, the xbox reboots (after TSOP up to 5530 + newest fonts without scraps.xtf <--- should it matter?) :(.

P.S. rmenhal, this does not boot DVDRs directly, (using K:5101 PBL does boot directly for some reason, possibly a jump / rest needed?) the xbox keeps rebooting with a backup inside. I guess you would need a backup to do any development on this issue :(. This is not that important as you can just boot with the tray open then close once your desired Dashboard is completely loaded.

Oh yes, forgot to add that this *does* work with the s-video cable, another plus over PBL 1.4.1 :).

-devz3ro

http://sh0x.tk/

Edited by devz3ro, 21 June 2004 - 04:51 AM.


#4 anjilslaire


Posted 21 June 2004 - 04:06 AM

QUOTE (devz3ro @ Jun 20 2004, 09:56 PM)
Post more about counterstrike and other games that did not work on PBL if anyone gets the chance to test it out.


Strange. I've never had a problem running Counter-Strike with pbl. Morden's v3 worked perfectly with it. Granted, I haven't tried it with UDE, yet...

#5 chimpanzee


Posted 21 June 2004 - 04:20 AM

If it is launched from game hack, will the eject fix still work? I read over the xbox-linux thread that once it is set (by the game), there is no way to revert it.

#6 devz3ro


Posted 21 June 2004 - 04:21 AM

anjilslaire,

Sorry, maybe it was another game. For some reason I recall reading that crimson skies and counterstrike did not work with PBL 1.4.1. Maybe it was another game, I'm way too tired to find out which one is correct. Please correct me if you do find out / know.

Thanks

-devz3ro

http://sh0x.tk/

Edited by devz3ro, 21 June 2004 - 04:25 AM.


#7 devz3ro


Posted 21 June 2004 - 04:23 AM

QUOTE (chimpanzee @ Jun 21 2004, 06:20 AM)
If it is launched from game hack, will the eject fix still work? I read over the xbox-linux thread that once it is set (by the game), there is no way to revert it.

ROE will be enabled, there are a bunch of threads explaining how and why. Our search is down, please stand by while we try and do our best to fix :).

-devz3ro

http://sh0x.tk/

#8 rmenhal


Posted 21 June 2004 - 05:26 AM

QUOTE (devz3ro @ Jun 21 2004, 05:56 AM)
I also found with this the nkpatcher, Top spin starts to work, but when it starts to load the main menu, the xbox reboots (after TSOP up to 5530 + newest fonts without scraps.xtf <--- should it matter?) :(.

Scraps.xtf doesn't matter if you use the 1974272-byte update.xbe. It doesn't matter with the 1914880-byte version either if UDE boots without it (but using it with that is advisable).

Currently nkpatcher doesn't do much more than skip the signature setting. Can you try signing your dashboard and the game and running without nkpatcher? If it works that way, then there's definitely something wrong with nkpatcher.

QUOTE
P.S. rmenhal, this does not boot DVDRs directly, (using K:5101 PBL does boot directly for some reason, possibly a jump / rest needed?) the xbox keeps rebooting with a backup inside. I guess you would need a backup to do any development on this issue :(. This is not that important as you can just boot with the tray open then close once your desired Dashboard is completely loaded.


The kernel is patched while it's running - some clash with that, I guess.

QUOTE
Oh yes, forgot to add that this *does* work with the s-video cable, another plus over PBL 1.4.1


Such problems could be fixed by commenting out all video output code from PBL and recompiling, though. If video code was added to nkpatcher, there might be similar problems.


#9 devz3ro


Posted 21 June 2004 - 05:40 AM

QUOTE (rmenhal @ Jun 21 2004, 07:26 AM)
Such problems could be fixed by commenting out all video output code from PBL and recompiling, though. If video code was added to nkpatcher, there might be similar problems.

PBL 1.3.5i does support s-video, just the focus support isn't there (flicker until bios is loaded). Is it possible that Yoshi messed something up when adding the focus support? Or does s-video have to die in order for focus to live?

-devz3ro

http://sh0x.tk/

#10 SeanicTheHedgehog


Posted 21 June 2004 - 05:57 AM

I'd love to see more development on the nkpatcher, but I don't think anyone wants to pick up this project...

#11 Australian Rat


Posted 21 June 2004 - 07:45 AM

This should be announced on the main xbox-scene page shouldn't it? I mean, this is big news for anyone who doesn't already know.

I don't think the UDE was ever formally announced either... shouldn't that be mentioned so people using dangerous fonts know to switch?

#12 brianforever


Posted 21 June 2004 - 08:12 AM

QUOTE (devz3ro @ Jun 21 2004, 05:56 AM)
After reading rmenhal's post I decided to give Crimson Skies a try. Didn't work on PBL, so why not try it on this. After crossing fingers and hoping, to my surprise it actually does. Now I have not tried any missions or anything to see if it would freeze in the game or not so you guys will have to figure that out. Post more about counterstrike and other games that did not work on PBL if anyone gets the chance to test it out.

I also found with this the nkpatcher, Top spin starts to work, but when it starts to load the main menu, the xbox reboots (after TSOP up to 5530 + newest fonts without scraps.xtf <--- should it matter?) :(.

P.S. rmenhal, this does not boot DVDRs directly, (using K:5101 PBL does boot directly for some reason, possibly a jump / rest needed?) the xbox keeps rebooting with a backup inside. I guess you would need a backup to do any development on this issue :(. This is not that important as you can just boot with the tray open then close once your desired Dashboard is completely loaded.

Oh yes, forgot to add that this *does* work with the s-video cable, another plus over PBL 1.4.1 :).

-devz3ro

http://sh0x.tk/

Strange that you had probs using s-video with PBL 1.4.1. I'm running 2 of my softmodded xboxes with the s-video & all my other friends have np with it too.

& Also I've completed the 2 CSs with no problems at all & so far have never had a problem with any games running on PBL 1.4.1.



#13 devz3ro


Posted 21 June 2004 - 08:28 AM

QUOTE (brianforever @ Jun 21 2004, 10:12 AM)
Strange that you had probs using s-video with PBL 1.4.1. I'm running 2 of my softmodded xboxes with the s-video & all my other friends have np with it too.

& Also I've completed the 2 CSs with no problems at all & so far have never had a problem with any games running on PBL 1.4.1.

Are you sure it was PBL 1.4.1 and not PBL 1.3.5i? There are lots of people on this board that have the same problem with s-video not being compatible with PBL 1.4.1 and crimson skies not working with it also.

Ex. http://forums.xbox-s...howtopic=184082
Ex. http://forums.xbox-s...howtopic=186277

Just like krayzie I did not encounter any problems without the s-video. I am using the Monster s-video btw.

-devz3ro

http://sh0x.tk/

#14 krayzie


Posted 21 June 2004 - 03:50 PM

I also heard that PAL xboxes have fewer problems using s-video as long as they are M$ cables. I have a PAL box but I don't use s-video so I cannot verify.

#15 Angerwound


Posted 21 June 2004 - 03:55 PM

Excellent job rmenhal, thought this might get its own thread sooner or later, anyhow, you might include a history of nkpatcher. IE: that way people with nkpatcher1 or 2 will know to upgrade to 3 and what new features were added etc...



