
Xbox Live Packet Capture


10 replies to this topic

#1 jhan

jhan

    X-S Enthusiast

  • Members
  • 7 posts

Posted 16 February 2003 - 04:54 AM

Forgive me if this has already been talked about. I did a search and did not find anything.

After finding out one of my Xboxes was banned (I've yet to figure out how), I decided to do some tests to see what the Xbox sends out through the network, and here is what I found:

Banned Xbox:
1. Booting to xboxdash
- DHCP requests

2. Go to Xbox Live section
- DHCP requests again
- DNS query for MACS.XBOXLIVE.COM
- sends a few kerberos packets to MACS.XBOXLIVE.COM (207.46.247.48)
-- name: [my serial number]
-- realm: MACS.XBOXLIVE.COM
- message popup about problem with my network connection

Unbanned Xbox:
1. Booting to xboxdash
- DHCP requests
2. Go to Xbox Live section
- DHCP requests again

That was the end of it! Until I click on Network Setup, Connect, then I get:

- DNS query for AS.XBOXLIVE.COM (207.46.247.6)
- sends a few kerberos packets to AS.XBOXLIVE.COM
-- name: SN. [my serial number]@xbox.com
-- realm: PASSPORT.NET
- DNS query for TGS.XBOXLIVE.COM
- sends a few more kerberos packets to AS.XBOXLIVE.COM (CNAME for TGS.XBOXLIVE.COM)
- initiates a bunch of UDP port 3074 packets from my XBOX to AS.XBOXLIVE.COM

I then replaced the BANNED EEPROM with a friend's, and here is the result:
1. Booting to xboxdash
- DHCP requests
2. Go to Xbox Live section
- DHCP requests again
- DNS query for AS.XBOXLIVE.COM (207.46.247.6) (Instead of MACS.XBOXLIVE.COM)
- sends a few kerberos packets to AS.XBOXLIVE.COM
-- name: SN. [my serial number]@xbox.com
-- realm: PASSPORT.NET
- DNS query for TGS.XBOXLIVE.COM
- sends a few more kerberos packets to AS.XBOXLIVE.COM (CNAME for TGS.XBOXLIVE.COM)
- initiates a bunch of UDP port 3074 packets from my XBOX to AS.XBOXLIVE.COM

After rebooting the ex-BANNED Xbox, I got the same results as the UNBANNED Xbox. This led me to believe something is written to the hard drive when you are banned, since the behavior is different between the banned and unbanned. After I replaced the EEPROM, my BANNED Xbox immediately went to AS.XBOXLIVE.COM instead of MACS.XBOXLIVE.COM, which tells me the code is on the client side, not the server side. Xboxdash knows the EEPROM information is new or different, and changed the authentication/login procedure, then 'UNBANNED' my Xbox.

I would really like to hear someone else's comment on this. Thanks.
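The two captures above differ at the very first DNS lookup and in the Kerberos realm the console asks for. The following is an added example, not code from the thread or from any Xbox tool: it parses constructed one-line capture summaries (the line format is an assumption, modelled loosely on a tshark-style summary, not a real capture) and classifies which sign-on path a console took, redacting the serial number so the summary can be shared. The 12-digit serial is a constructed placeholder; the host names, realms, port 3074 and the AS.XBOXLIVE.COM address are the ones reported in the post.

```python
"""Classify a console's Xbox Live sign-on path from a summarized packet capture.

Added example. The input lines are constructed to mimic a one-line capture
summary; the two paths (realm MACS.XBOXLIVE.COM vs. AS/TGS.XBOXLIVE.COM with
realm PASSPORT.NET followed by UDP/3074) are the ones described in the thread.
"""
import re
from dataclasses import dataclass, field

DNS_RE = re.compile(r"DNS\s+query\s+(?:A\s+)?(?P<host>[\w.-]+)", re.I)
KRB_RE = re.compile(
    r"KRB\s+(?P<msg>AS-REQ|TGS-REQ)\s+cname=(?P<cname>\S+)\s+realm=(?P<realm>\S+)", re.I)
UDP_RE = re.compile(
    r"UDP\s+(?P<src>[\d.]+):(?P<sport>\d+)\s*->\s*(?P<dst>[\d.]+):(?P<dport>\d+)", re.I)
SERIAL_RE = re.compile(r"\d{8,}")   # console serial numbers: keep them out of shared logs

XBOX_LIVE_UDP_PORT = 3074           # port observed in the thread


@dataclass
class SignOnSummary:
    dns_hosts: list = field(default_factory=list)   # DNS names in lookup order
    krb_msgs: list = field(default_factory=list)    # (msg type, redacted principal, realm)
    udp_peers: set = field(default_factory=set)     # remote IPs contacted on 3074

    @property
    def realms(self):
        return {realm for _, _, realm in self.krb_msgs}

    @property
    def path(self):
        if "MACS.XBOXLIVE.COM" in self.realms:
            return "macs-check"          # the sequence the banned console showed
        if "PASSPORT.NET" in self.realms and self.udp_peers:
            return "live-login"          # AS/TGS exchange followed by game traffic
        if "PASSPORT.NET" in self.realms:
            return "live-login-partial"  # Kerberos seen, but no 3074 traffic yet
        return "no-auth"                 # only DHCP/DNS, no Kerberos at all


def redact(principal):
    """Replace a long digit run (the serial number) before the line is logged."""
    return SERIAL_RE.sub("[serial]", principal)


def parse_capture(lines):
    s = SignOnSummary()
    for line in lines:
        m = DNS_RE.search(line)
        if m:
            s.dns_hosts.append(m.group("host").upper())
            continue
        m = KRB_RE.search(line)
        if m:
            s.krb_msgs.append((m.group("msg").upper(),
                               redact(m.group("cname")),
                               m.group("realm").upper()))
            continue
        m = UDP_RE.search(line)
        if m and int(m.group("dport")) == XBOX_LIVE_UDP_PORT:
            s.udp_peers.add(m.group("dst"))
    return s


def classify(lines):
    return parse_capture(lines).path


def first_divergence(a, b):
    """First DNS lookup at which two captures differ, as (index, host_a, host_b)."""
    ha, hb = parse_capture(a).dns_hosts, parse_capture(b).dns_hosts
    for i in range(max(len(ha), len(hb))):
        x = ha[i] if i < len(ha) else None
        y = hb[i] if i < len(hb) else None
        if x != y:
            return (i, x, y)
    return None


# Constructed sample captures (serial 123456789012 is a placeholder).
BANNED_CAPTURE = [
    "1 DHCP Discover",
    "2 DHCP Request",
    "3 DNS query A MACS.XBOXLIVE.COM",
    "4 KRB AS-REQ cname=123456789012 realm=MACS.XBOXLIVE.COM",
    "5 KRB AS-REQ cname=123456789012 realm=MACS.XBOXLIVE.COM",
]
UNBANNED_CAPTURE = [
    "1 DHCP Discover",
    "2 DNS query A AS.XBOXLIVE.COM",
    "3 KRB AS-REQ cname=SN.123456789012@xbox.com realm=PASSPORT.NET",
    "4 DNS query A TGS.XBOXLIVE.COM",
    "5 KRB TGS-REQ cname=SN.123456789012@xbox.com realm=PASSPORT.NET",
    "6 UDP 192.168.1.20:3074 -> 207.46.247.6:3074",
]

if __name__ == "__main__":
    for name, cap in (("banned", BANNED_CAPTURE), ("unbanned", UNBANNED_CAPTURE)):
        s = parse_capture(cap)
        print(name, s.path, s.dns_hosts, s.krb_msgs, sorted(s.udp_peers))
    print("first divergence:", first_divergence(BANNED_CAPTURE, UNBANNED_CAPTURE))
```

Feeding real summaries into this requires only that the three line shapes (DNS name, Kerberos principal/realm, UDP endpoint) be extracted in that form; the classifier itself keys on the realm and on whether port 3074 traffic followed, which is exactly the distinction the two captures above show.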



#2 shanafan

shanafan

    He Who Posts Alot...

  • Members
  • 11,527 posts
  • Location:Michigan, USA
  • Xbox Version:v1.0
  • 360 version:v1 (xenon)

Posted 16 February 2003 - 05:01 AM

Good work, but nothing is written to your HD saying you are un/banned. Putting a new HD in an already banned Xbox will not get you unbanned. Your on-board EEPROM is what is banned.

#3 jhan

jhan

    X-S Enthusiast

  • Members
  • 7 posts

Posted 16 February 2003 - 05:04 AM

QUOTE (shanafan @ Feb 16 2003, 06:01 AM)
Good work, but nothing is written to your HD saying you are un/banned. Putting a new HD in an already banned Xbox will not get you unbanned. Your on-board EEPROM is what is banned.


Sorry. I mean something is written to your xbox, not hard drive. The EEPROM, perhaps?

#4 xMonoxide187x

xMonoxide187x

    X-S X-perience

  • Members
  • 328 posts

Posted 16 February 2003 - 05:38 AM

Maybe the Xbox Live initiation checks the last known XYZ Code, and if it's a banned one, it does the banned routine for a checkup... or something.

If that makes no sense, Sorry, I'm tired.

#5 Xenosis0

Xenosis0

    X-S Enthusiast

  • Members
  • 13 posts
  • Location:USA
  • Xbox Version:v1.3
  • 360 version:v5.0 (360S - trinity)

Posted 10 November 2009 - 07:02 PM

Good find and I think you're onto something, except that if you were to revert the EEPROM in the previously banned console back to what it was originally storing, it will most likely be banned once again, but you should verify that first if you haven't already.

In the case that it remains corrected, congrats, you found the solution, but I doubt it is that simple to just swap the EEPROM to reset the ban flag.

It is interesting that it communicates differently just propagating from the Xbox itself, but unless someone has a breakthrough and is able to edit the EEPROM of the banned console to communicate with the regular server, I don't think this is anything more than a temporary fix. Permanent should you choose to leave the EEPROM as the one cloned from your friend's, but it has not yet been verified whether or not two identical Xboxes can be played safely online. And it most likely is not.

#6 haqtiq

haqtiq

    X-S Enthusiast

  • Members
  • 25 posts

Posted 14 November 2009 - 01:59 AM

From my understanding... you are basically saying that...

BANNED 360 "Remembers it was banned" in the EEPROM, and the UNBANNED 360 "Remembers that it can connect to live" thus bypassing the ban.

If this is correct then this is a huge find, more so for people with 6-7 mobos like myself.

Either way, I'd like to see more results to see exactly what we can do with it.

Good Work.

#7 lordvader129

lordvader129

    He Who Posts Alot...

  • Head Moderators
  • 17,743 posts
  • Gender:Male
  • Location:Chicago, USA
  • Xbox Version:v1.1
  • 360 version:v5.0 (360S - trinity)

Posted 14 November 2009 - 03:17 AM

QUOTE(haqtiq @ Nov 13 2009, 06:59 PM)

From my understanding... you are basically saying that...

BANNED 360 "Remembers it was banned" in the EEPROM, and the UNBANNED 360 "Remembers that it can connect to live" thus bypassing the ban.

If this is correct then this is a huge find, more so for people with 6-7 mobos like myself.

Either way, I'd like to see more results to see exactly what we can do with it.

Good Work.

You do realize this thread is from over 6 years ago and refers to the Xbox 1, right?

#8 wyldstallions

wyldstallions

    X-S Senior Member

  • Members
  • 200 posts

Posted 14 November 2009 - 03:38 PM

Would it not be possible to put a modified static route or internal DNS entry into a router to redirect queries or packets intended for macs.xboxlive.com to as.xboxlive.com?

I wouldn't think it will work though.



#9 koffieleut

koffieleut

    X-S Enthusiast

  • Members
  • 2 posts

Posted 22 February 2010 - 02:28 AM

So from the point I'm seeing this,
if you are able to read the ROM which is needed to log in to Xbox Live, you need to change some parameters like changing the host for Xbox Live, which in this case is:
DNS MACS.XBOXLIVE.COM
IP 207.46.247.48 (isn't this your IP?)
realm: PASSPORT.NET
DNS query for TGS.XBOXLIVE.COM
sends a few more kerberos packets to AS.XBOXLIVE.COM (CNAME for TGS.XBOXLIVE.COM)
initiates a bunch of UDP port 3074 packets from my XBOX to AS.XBOXLIVE.COM

OK, there might be some way to change this code to an emulator,
but if you're doing this you will need a hell of a server.
And a hell of a lawyer.

But when my college ends I will give it a go as a project, like the enb emulator and fuzziqer PSO server.
But can anybody try to get the logging info completely, from where you started, to downloading and playing games on Live?

I think a PC, a crossover cable and dr.DNS will make a great team.
Please PM the file, because I don't know if Microsoft comes to this forum.
PS: is there any way to get the latest firmware for the Xbox 1 as a decrypted version?

I didn't do anything on the Xbox 1 like writing homebrew or something, so maybe it's already there, so please remind me if there is already some kind of similar project running.


#10 Hyper_Eye

Hyper_Eye

    X-S Expert

  • Members
  • 595 posts
  • Gender:Male
  • Location:Huntsvegas, AL.
  • Xbox Version:v1.0
  • 360 version:v5.0 (360S - trinity)

Posted 23 February 2010 - 05:06 PM

If someone wants to reverse engineer the packet data for Xbox Live communication they had better intercept as much as they can before April while they can get a complete and accurate picture of what is needed to make the original Xbox work. I honestly don't think that the core of what is required would take an unreasonable amount of work. It is not a terribly complex service. You have a central login component, some bits about the user that are stored at the server including some account information and a friends list, a pretty simplistic messaging system, an equally simplistic VoIP component, for most games also a very simple master list feature, for some games a matchmaking component much of which may be library side, you have the p2p protocol that is used for a lot of games, and some other common stuff. The most complicated aspects of it are going to be replicating the handshaking between the Xbox and the service which can be potentially minimized since the consoles are all modded ones anyway (although it could be considered that there might be a way to do this so that name resolution changes are done apart from the console so that an unmodded console could participate but that would create a lot more pain.) So there will be some difficulty in cracking encryption and bypassing security (although MS has shown that they were pretty inept at developing reliable security or encryption schemes for the original Xbox) but the core of the service is made up of common components that are implemented in open-source applications up and down the internet lane.

The greater risk here is the potential for legal action on the part of MS. But I think that there could be a potential argument that MS stopped providing a core service for the original Xbox that was a large part of the product's appeal and that the defendant simply stepped in to provide a replacement service. This sort of thing has happened a million times in the past. There are online games going way back that are playable online using something other than the original service provided. It has even been done with consoles as you can play PSO on the Dreamcast to this very day and that is because people in the community stepped up and replaced the discontinued service. Of course the best way to be immune from any legal issues is to have the service running in a country that isn't likely to entertain any legal disputes... a safe haven of sorts.

The alternative is that Live on the original Xbox goes the way of Sega Channel. How many of you remember that? I do. It was awesome. It is forever gone.

#11 Brooshop

Brooshop

    X-S Enthusiast

  • Members
  • 24 posts

Posted 02 March 2010 - 05:09 AM

QUOTE(Hyper_Eye @ Feb 23 2010, 06:06 PM)

If someone wants to reverse engineer the packet data for Xbox Live communication they had better intercept as much as they can before April while they can get a complete and accurate picture of what is needed to make the original Xbox work. I honestly don't think that the core of what is required would take an unreasonable amount of work. It is not a terribly complex service. You have a central login component, some bits about the user that are stored at the server including some account information and a friends list, a pretty simplistic messaging system, an equally simplistic VoIP component, for most games also a very simple master list feature, for some games a matchmaking component much of which may be library side, you have the p2p protocol that is used for a lot of games, and some other common stuff. The most complicated aspects of it are going to be replicating the handshaking between the Xbox and the service which can be potentially minimized since the consoles are all modded ones anyway (although it could be considered that there might be a way to do this so that name resolution changes are done apart from the console so that an unmodded console could participate but that would create a lot more pain.) So there will be some difficulty in cracking encryption and bypassing security (although MS has shown that they were pretty inept at developing reliable security or encryption schemes for the original Xbox) but the core of the service is made up of common components that are implemented in open-source applications up and down the internet lane.

The greater risk here is the potential for legal action on the part of MS. But I think that there could be a potential argument that MS stopped providing a core service for the original Xbox that was a large part of the product's appeal and that the defendant simply stepped in to provide a replacement service. This sort of thing has happened a million times in the past. There are online games going way back that are playable online using something other than the original service provided. It has even been done with consoles as you can play PSO on the Dreamcast to this very day and that is because people in the community stepped up and replaced the discontinued service. Of course the best way to be immune from any legal issues is to have the service running in a country that isn't likely to entertain any legal disputes... a safe haven of sorts.

The alternative is that Live on the original Xbox goes the way of Sega Channel. How many of you remember that? I do. It was awesome. It is forever gone.

In the PSO days I helped make that possible... "broomop". The best way to make this work is maybe removing the encryption totally for now, or dumping it unencrypted, so that you can at least make it easier to dump and make the server, and then add your own crypt after.

Edited by Brooshop, 02 March 2010 - 05:10 AM.
