My Find For Xbox Originals!


15 replies to this topic

#1 Anubis-MG

Anubis-MG

    X-S Young Member

  • Members
  • 39 posts

Posted 18 December 2005 - 07:39 PM

OK, so I saw the hot swap method being done for ripping 360 games, so I jumped on this, testing for the possibility of playing original Xbox games on the 360 drive by swapping with a backup.

I opened the 360 DVD drive for this, so if you're considering this, it will void your warranty, go for it.

I started by popping in my original Xbox game and started playing for a few mins, then I stopped playing but kept the game going. After a few mins the screen turns dark and the disc stops spinning; this is when I popped in the backup of the same game, mind you. Also, you cannot press eject or this will not work; you have to take the top off your DVD drive. Anyways, after swapping I moved the thumbstick on the controller and the game went from dark to light and I was able to start playing again, only till I got to the next area and the 360 had to read off the disc. Then I got this message that says disc may be dirty or damaged etc. bla bla bla.

So I thought I would post this info, as I'm not sure if others have found this out for themselves, and if not they can use this info for further testing etc.

Hope I am onto something here!!

Oh, and to let you know, I tested like 3 or 4 games and they all resulted in the same: they all played for a short period of time, then the error screen occurs after reading.

There has to be a way around this..

Also a quick question: was I playing off the game backup or was the game just in the memory??

Edited by Anubis-MG, 18 December 2005 - 07:50 PM.


#2 lordvader129

lordvader129

    He Who Posts Alot...

  • Head Moderator
  • 17,735 posts
  • Location:Chicago, USA
  • Interests:#lordvader129
  • Xbox Version:v1.1
  • 360 version:v5.0 (360S - trinity)

Posted 18 December 2005 - 08:21 PM

QUOTE
Also a quick question: was I playing off the game backup or was the game just in the memory??

You were just playing off the hard drive cache; you'd get the same results if you took the game out and left the drive empty, or put a different game in its place.

#3 crosseye

crosseye

    X-S X-perience

  • Members
  • 362 posts
  • Xbox Version:unk
  • 360 version:unknown

Posted 18 December 2005 - 08:38 PM

Yep, just playing off the cache.

#4 Anubis-MG

Anubis-MG

    X-S Young Member

  • Members
  • 39 posts

Posted 18 December 2005 - 09:11 PM

Shit, yeah, you're right. I just tried and was able to play for the same amount of time without a game in, and the same thing happens with the error code when going to the next area.

Oh well, I thought I was on to something good :(

Edited by Anubis-MG, 18 December 2005 - 09:12 PM.


#5 crosseye

crosseye

    X-S X-perience

  • Members
  • 362 posts
  • Xbox Version:unk
  • 360 version:unknown

Posted 18 December 2005 - 11:29 PM

No problem. At least you tested what we said and found out for yourself. Other people lately just want to argue a point they know nothing about. Keep searching for stuff, you may accidentally stumble across something. After all, most of man's great discoveries are just accidents.

#6 Monoxboogie

Monoxboogie

    X-S Young Member

  • Members
  • 49 posts

Posted 19 December 2005 - 12:27 AM

QUOTE(Anubis-MG @ Dec 18 2005, 09:18 PM)

Shit, yeah, you're right. I just tried and was able to play for the same amount of time without a game in, and the same thing happens with the error code when going to the next area.

Oh well, I thought I was on to something good :(


How were these dumps created? If the backups you used were created using a method that doesn't yield an exact copy of the disc, then that could be the problem. If, for example, the backup didn't include the track that has the "This DVD must be played in an Xbox 360" movie, then when it tries to seek to the proper section, it will fail.

Also, for shits and giggles, have you tried doing so in an area prior to a media load? Play the game, find a place where an FMV loads. Get to that spot again. Let the screen go dark. Switch. Play more; load media. Perhaps upon removal of the disk, you're killing the alignment of the laser. And perhaps the "seek" needed to get to the media would realign it, and allow you to play the backup.

Keep us posted. It's a long shot, but you have got guts; removing the top of the drive and all. I admire your bravery.

#7 lordvader129

lordvader129

    He Who Posts Alot...

  • Head Moderator
  • 17,735 posts
  • Location:Chicago, USA
  • Interests:#lordvader129
  • Xbox Version:v1.1
  • 360 version:v5.0 (360S - trinity)

Posted 19 December 2005 - 02:08 AM

QUOTE(Anubis-MG @ Dec 18 2005, 02:18 PM)

Shit, yeah, you're right. I just tried and was able to play for the same amount of time without a game in, and the same thing happens with the error code when going to the next area.

Oh well, I thought I was on to something good :(

Yeah, this may not have worked, but at least when you had an idea you gave it a try yourself and posted results. That's what we need in this forum: fewer talkers, more doers.

QUOTE
How were these dumps created? If the backups you used were created using a method that doesn't yield an exact copy of the disc, then that could be the problem. If, for example, the backup didn't include the track that has the "This DVD must be played in an Xbox 360" movie, then when it tries to seek to the proper section, it will fail.

Also, for shits and giggles, have you tried doing so in an area prior to a media load? Play the game, find a place where an FMV loads. Get to that spot again. Let the screen go dark. Switch. Play more; load media. Perhaps upon removal of the disk, you're killing the alignment of the laser. And perhaps the "seek" needed to get to the media would realign it, and allow you to play the backup.

Keep us posted. It's a long shot, but you have got guts; removing the top of the drive and all. I admire your bravery.

Hmm, it's possible, but I don't think it would be worth much on the topic of playing backups (having to swap with your original each time would cause more handling of the discs and probably more scratches, defeating the purpose of the backup, lol).

Also, for games that use multiple XBEs (like 007:EON), when it switches from one XBE to the other the media check would fail.

Either way it's worth giving a try, might lead to something else.

#8 CattyKid

CattyKid

    X-S Messiah

  • Head Moderator
  • 3,617 posts
  • Location:The Great Continental 48
  • Interests:Everything
  • Xbox Version:v1.0
  • 360 version:v1 (xenon)

Posted 19 December 2005 - 03:46 AM

Man, I can at least say that I respect you. Way to get your hands dirty.
Trying never hurt anybody.

#9 Monoxboogie

Monoxboogie

    X-S Young Member

  • Members
  • 49 posts

Posted 19 December 2005 - 05:34 AM

QUOTE(lordvader129 @ Dec 19 2005, 02:15 AM)

Yeah, this may not have worked, but at least when you had an idea you gave it a try yourself and posted results. That's what we need in this forum: fewer talkers, more doers.

Hmm, it's possible, but I don't think it would be worth much on the topic of playing backups (having to swap with your original each time would cause more handling of the discs and probably more scratches, defeating the purpose of the backup, lol).

Also, for games that use multiple XBEs (like 007:EON), when it switches from one XBE to the other the media check would fail.

Either way it's worth giving a try, might lead to something else.


My thought is currently that if we can make it do this switch, we won't play backups, but perhaps create a dummy DVD with a VERY similar TOC and file structure...but a malformed media file. When it loads, buffer overflow, or some other nasty thing, and code execution. I'm aware that MS has stepped up buffer overflow protection, but my hope is that MS let its guard down on media within a game (not save files). I mean, how is a user to make the information on a legitimate DVD bad? ;-)

Of course, I lack a 360 as of yet. If anybody would like to sell me one at cost...(Yes; I suppose I'm a comedian), then I'll gladly take my hand at it.

#10 edit_text

edit_text

    X-S Enthusiast

  • Members
  • 6 posts

Posted 23 December 2005 - 09:17 PM

I was also thinking along these lines. I think that a raw backup may be required. Then again, the Xbox may well be checking the media type again. If a swap trick of this nature could be executed, that would give us a solid means of attack. If we can gain full access to the emulation's virtual machine, we may be able to find other holes from there. This, of course, is assuming that the emulation has some low-level access to the underlying operating system. It may well not. A swap trick like this is very different from those performed on Sony systems to boot backups. Keep in mind, when a swap is performed on a PlayStation, that there is a piece of software stopping the drive. At that point it is expecting to have to read something different. With what you have tried so far, the Xbox is not expecting any changes. It wants to pick up reading where it left off. This again is assuming that it is not performing a media check every time it reads the disk. Many people view this as fruitless, I know. The point of this is not so much playing backups. What the goal here should be is finding a means to execute our own code.

e_t

#11 bowser22

bowser22

    X-S Young Member

  • XS-BANNED
  • 56 posts
  • Xbox Version:v1.6
  • 360 version:v1 (xenon)

Posted 23 December 2005 - 09:44 PM

You cannot do a buffer overflow on the 360; it is nearly impossible because stack memory is non-executable.

#12 InterestedHacker

InterestedHacker

    X-S Member

  • Members
  • 95 posts

Posted 23 December 2005 - 11:58 PM

Sounds like a good idea, until you read the hundreds of posts explaining how the boot process works.

Here are my results:-

Inserted original disk, once game started I swapped it with a copy, which doesn't contain the original media check, and doesn't have any of the security place holders, and the XBOX then told me to STFU and read the bloody forums posts first.

Edited by InterestedHacker, 23 December 2005 - 11:58 PM.


#13 Monoxboogie

Monoxboogie

    X-S Young Member

  • Members
  • 49 posts

Posted 24 December 2005 - 04:09 AM

QUOTE(bowser22 @ Dec 23 2005, 09:51 PM)

You cannot do a buffer overflow on the 360; it is nearly impossible because stack memory is non-executable.


As we all know, MS has had a large amount of success in thwarting these attacks.

http://www.securitea...5OP0W00EKW.html

Even with the NX bit on the processors, and DEP, computers are still vulnerable to the same old style exploits. It's very likely that some exploits like this may be able to be found.

And Mr. InterestedHacker needs to read the fucking post. I didn't suggest doing this *AT* boot. I suggested doing this after the boot process has taken place. A hot swap is the removal of media without allowing the device to know that the media has been switched. This means that the power stays on, and the host device is not made aware of the fact that the drive tray has been ejected, or the media has been removed.

#14 DaBiscuit

DaBiscuit

    X-S Senior Member

  • Members
  • 243 posts
  • Location:Derby, England.
  • Interests:Videogames, Anime, VGM, Console modding
  • Xbox Version:v1.4

Posted 24 December 2005 - 04:48 AM

Is there any point to trying this with an old XBox1 backup? If any kind of non-original media can be played, it's a start, and we do at least know how to reproduce working copies of the XBox1 disks. I can't try it myself, since the XBox360 aren't in stock in my area, and I can't get one. Still, it's something to try.

EDIT: Oh, nevermind, you were using XBox1 Backups. If the game was continuing from the HDD cache, how about removing the HDD first? How about trying it with a backup copy of a 360 game, now that the dumps are out there? I really wish I could get my hands dirty right now, this is the fun part, even if there are no results.

Edited by DaBiscuit, 24 December 2005 - 04:52 AM.


#15 InterestedHacker

InterestedHacker

    X-S Member

  • Members
  • 95 posts

Posted 24 December 2005 - 11:57 AM

QUOTE(Monoxboogie @ Dec 24 2005, 05:16 AM)

As we all know, MS has had a large amount of success in thwarting these attacks.

http://www.securitea...5OP0W00EKW.html

Even with the NX bit on the processors, and DEP, computers are still vulnerable to the same old style exploits. It's very likely that some exploits like this may be able to be found.

And Mr. InterestedHacker needs to read the fucking post. I didn't suggest doing this *AT* boot. I suggested doing this after the boot process has taken place. A hot swap is the removal of media without allowing the device to know that the media has been switched. This means that the power stays on, and the host device is not made aware of the fact that the drive tray has been ejected, or the media has been removed.


It's FACT that the media checks happen more than once! Due to the way in which the security works, you would likely need the original disk (for that game) to boot from every time, so that kinda makes the whole thing pointless! Sorry for being sharp, just fed up of reading the same posts over and over.

It rotates like this:-

1) Why can't we use a buffer overflow.
2) Why can't we hot swap the discs.
3) Why can't we FTP. (This one REALLY winds me up no end)
4) Why can't someone hack MCE so I can watch DivX movies.


It's good to suggest things, but this has been suggested before, and before, and before.




