I noticed that the exploit scene is relying very much, and maybe too much, on automated installing software lately. I know nothing is easier than just loading up a gamesave and letting that do all the work for you, but very basic questions keep coming up cuz people just don't know anything anymore about what a softmod exactly does.
So I made this little basic description/explanation for those wanting to know more about and get more insight in softmods. I will try to keep it as accessible as possible so even and maybe especially the supern00bz can pick up some info here.
Basically a complete softmod is built out of 3 things:
- the exploit
- the bios loader or kernel patcher
- a dashboard
A little more info on each of them.
The exploit: (AKA hack)
This is the most important part of the whole softmod. It allows you to run software that isn't signed with the M$ private key. (non official software)
3 known exploits are available at the moment: the audio hack, the font hack and the gamesave hack.
The audio hack can run non-official software by putting in some key combo in the msdash music player. The audio hack itself is considered obsolete since it only works on older dashes and newer/easier/more reliable exploits have been found.
The font hack runs the non official software straight from bootup (except the mechinstaller fonts). The most used font exploits nowadays are the UDE, UDE2 and the UXE. All three of them exploit an update.xbe file renamed as xboxdash.xbe (this is the first file the xbox looks for when turned on without dvd).
The difference between the three of them lies in the compatibility:
- UDE works on all xboxes with the exception of kernels 5713 or higher
- UDE2 works on all region 2 (USA/Canada) xboxes
- UXE works on all xboxes (no limitations)
The gamesave exploit runs non-official software that is put into a specially designed/hacked gamesave. Only three games can make use of those special gamesaves at the moment: MechAssault, 007 Agent Under Fire and Splinter Cell.
Most automatic installers (for example ltools) make use of these exploited gamesaves to get their software running. Gamesave exploits only run out of the game and stop working as soon as the game is stopped, therefore gamesave exploits are mostly used to install a permanent hack like UXE.
Bios loaders/kernel patchers:
So exploits allow us to run non-official software, but that doesn't mean we can just play everything we want. The exploit only allows software that is prepared in a particular way (signed with a special key). Now we don't like to do that with all our stuff, so what if we take one program, prepare it with that special signature and let that program kick out or patch the existing bios to a bios that we like (without any checks for signatures, region numbers and whatnot)? That is what bios loaders and kernel patchers do.
A bios loader kicks the M$ bios out of the xbox memory and puts in a hacked one. Most used bios loaders nowadays are PBL metoo, FBL and PBL-lite. Since a bios loader "loads" a bios it will need a bios file it can use to put in the memory.
A newer bios loader is usually already prepared (signed with habibi) for use with the UDE/UDE2/UXE. The bios that gets loaded looks for a dashboard file to boot successfully.
A kernel patcher doesn't kick out the m$ bios but it just alters it (again only in memory) so all the security checks are removed and some stuff is inserted. Since it only "patches" the bios the kernel doesn't need a bios file. The kernel(bios) is patched so it will also look for a new dashboard file.
Now we have an xbox with a completely new or adjusted bios, but it would be nice if we now had a menu-like structure that takes advantage of all the neat possibilities we now have with our new bios. This is where the dashboard comes in. This is the screen with all the options like play games, emus and stuff.
Most used/popular dashboards are: evolution-x, MXM, avalaunch and unleashx
So to sum up in short for the people that didn't continue reading all my stuff (which I can totally understand if I read back):
- Xbox is turned on
- exploit kicks in (or is triggered in case of audio hack)
- exploit boots to bios loader or kernel patcher
- new or patched bios looks for dashboard
- dashboard boots up and voila, a softmodded xbox
When the xbox has loaded successfully and the bios is adjusted, there is no difference with a hardmodded (chipped or tsopped) xbox at that point, and it will allow you everything any other modded xbox would let you. This is all possible without opening the case and within 5 minutes of time.
I will probably add a FAQ later on since I see a lot of repeated questions lately.
Feedback is of course welcome.
Edited by RiceCake, 12 December 2004 - 02:22 AM.