Firmware Hack For Piracy Only?


4 replies to this topic

#1 spook727

    X-S Enthusiast

  • Members
  • 9 posts

Posted 18 May 2006 - 05:28 PM

Reading through the thread that announced the release of the Xtreme firmware, it seems that everyone agrees that the hack is useful only for pirating games but at least proves that the Xbox 360 can be hacked.

I see this hack as another big step to opening up the 360 completely. While I don't have the skills necessary to exploit potential security holes, I've been around long enough to see the possibilities that this new hack holds.

As we've seen in the past, injecting specific data into saved games can cause an overflow that allows custom code to be executed. Examples include the 007 and Mech Assault softmod methods and, more recently, GTA on the PSP.

The problem with trying this same technique on the 360 is that most developers realize this security hole and have probably taken steps to cover it up. What they may not have planned for is that someone can inject data into files that reside on the DVD.

With the release of the Xtreme firmware, it's now possible to inject data into other files that would be loaded by the main executable. While we know that the main xex is signed, checksummed, etc., other files on the DVD may not be. We were able to see this from the Kiosk disc, where Flash files could be injected into the DVD image and run from the 360.

I believe this ability is extremely valuable. We saw that it was possible to execute custom code by injecting specific data into a PNG file on the PSP 2.00 firmware. With luck, something similar can be achieved by injecting data into a level map, movie file, or even an image file.

The more games there are out there, the more possibilities that one of them may have a hole that can be exploited.
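The post's central observation is that a signed main executable does not protect the game if the assets it loads from the disc are not covered by that signature. The defensive answer is to authenticate every asset the executable will ever read, not just the executable. The following is an added illustration written for this thread, not code from the Xtreme firmware, Microsoft, or any Xbox 360 title: a disc image is modelled as a dictionary of path to bytes, a manifest records the SHA-256 of every asset, and the manifest is authenticated with an HMAC under a publisher key. The HMAC, the key, the file names and the asset contents are all constructed stand-ins (a console would use an asymmetric signature and a real key hierarchy).

```python
import hashlib
import hmac
import json

# Constructed publisher key: stands in for the signing key a real publisher
# would hold. HMAC is used here only because it needs no extra library.
PUBLISHER_KEY = b"constructed-publisher-key"


def build_manifest(assets: dict[str, bytes], key: bytes) -> bytes:
    """Hash every asset, serialise the table deterministically, append an HMAC tag."""
    digests = {path: hashlib.sha256(data).hexdigest()
               for path, data in sorted(assets.items())}
    body = json.dumps(digests, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body + b"\n" + tag.encode()


def verify_manifest(blob: bytes, key: bytes) -> dict[str, str]:
    """Return the path->digest table only if the manifest tag verifies."""
    body, _, tag = blob.rpartition(b"\n")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("manifest signature check failed")
    return json.loads(body)


def load_asset(image: dict[str, bytes], manifest: dict[str, str], path: str) -> bytes:
    """Hand back an asset only when it is listed and its hash matches the manifest.

    An asset missing from the manifest is refused outright, so an attacker cannot
    drop an extra file onto the disc and have the executable pick it up.
    """
    if path not in manifest:
        raise ValueError(f"{path} is not listed in the manifest")
    data = image.get(path)
    if data is None:
        raise FileNotFoundError(path)
    actual = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(actual, manifest[path]):
        raise ValueError(f"{path} has been modified")
    return data


# Constructed disc image: a main executable plus two loadable assets.
ORIGINAL_IMAGE = {
    "default.xex": b"XEX2 main executable (constructed)",
    "levels/map01.bin": b"level data " * 8,
    "intro.png": b"\x89PNG\r\n\x1a\n constructed image",
}
MANIFEST = build_manifest(ORIGINAL_IMAGE, PUBLISHER_KEY)


def check_image(image: dict[str, bytes], manifest_blob: bytes = MANIFEST,
                key: bytes = PUBLISHER_KEY) -> dict[str, str]:
    """Return {path: 'ok' or reason} for every path the authenticated manifest lists."""
    manifest = verify_manifest(manifest_blob, key)
    results = {}
    for path in manifest:
        try:
            load_asset(image, manifest, path)
            results[path] = "ok"
        except (ValueError, FileNotFoundError) as exc:
            results[path] = str(exc)
    return results


if __name__ == "__main__":
    # Swap one asset, as the post describes, and watch the loader refuse it
    # while the untouched executable and level still pass.
    tampered = dict(ORIGINAL_IMAGE, **{"intro.png": b"\x89PNG\r\n\x1a\n altered"})
    print(check_image(ORIGINAL_IMAGE))
    print(check_image(tampered))
```

The important design point is that the digest table, not the individual files, is what carries the signature: adding or replacing any file on the disc changes a hash the table already commits to, and the table itself cannot be regenerated without the publisher key.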

#2 brywalker

    X-S X-perience

  • Members
  • 366 posts

Posted 18 May 2006 - 05:33 PM

QUOTE(spook727 @ May 18 2006, 05:35 PM)

Reading through the thread that announced the release of the Xtreme firmware, it seems that everyone agrees that the hack is useful only for pirating games but at least proves that the Xbox 360 can be hacked.

I see this hack as another big step to opening up the 360 completely. While I don't have the skills necessary to exploit potential security holes, I've been around long enough to see the possibilities that this new hack holds.

As we've seen in the past, injecting specific data into saved games can cause an overflow that allows custom code to be executed. Examples include the 007 and Mech Assault softmod methods and, more recently, GTA on the PSP.

The problem with trying this same technique on the 360 is that most developers realize this security hole and have probably taken steps to cover it up. What they may not have planned for is that someone can inject data into files that reside on the DVD.

With the release of the Xtreme firmware, it's now possible to inject data into other files that would be loaded by the main executable. While we know that the main xex is signed, checksummed, etc., other files on the DVD may not be. We were able to see this from the Kiosk disc, where Flash files could be injected into the DVD image and run from the 360.

I believe this ability is extremely valuable. We saw that it was possible to execute custom code by injecting specific data into a PNG file on the PSP 2.00 firmware. With luck, something similar can be achieved by injecting data into a level map, movie file, or even an image file.

The more games there are out there, the more possibilities that one of them may have a hole that can be exploited.


FINALLY! Someone with some sense in their freaking head.

I CONCUR! This is a doorway to the real hack, not just for pirate kiddies.


#3 cerealkillajme

    X-S Messiah

  • Head Moderators
  • 3,241 posts
  • Gender: Male
  • Location: The Den
  • Xbox Version: v1.6
  • 360 version: v1 (xenon)

Posted 18 May 2006 - 05:34 PM

QUOTE
As we've seen in the past, injecting specific data into saved games can cause an overflow that allows custom code to be executed. Examples include the 007 and Mech Assault softmod methods and, more recently, GTA on the PSP.


Hypervisor on the 360 is supposed to make a buffer overflow impossible. I also believe that we could possibly find an exploit and use it, don't know how we could beat the hypervisor, but who knows.

#4 tom_mandory

    X-S Member

  • Members
  • 144 posts

Posted 19 May 2006 - 09:51 PM

I've mentioned this a few times in a few different places, but what about a multi-region player? That's all I've been waiting for.
As I understand it, this can be done with a firmware hack, but it has not been, so at the moment it is pure piracy when it could have been more.


#5 82ross

    X-S Freak

  • Members
  • 1,159 posts
  • Location: Living 360ville
  • Xbox Version: v1.0
  • 360 version: v4.0 (jasper)

Posted 20 May 2006 - 12:11 AM

Multi-region DVD player or games player? Games multi-region just from a firmware hack is a no-go; the xex and region info on the 360 itself would conflict.

As a DVD player it probably could, by patching the region info in the CSS protection on the fly, but in the greater scheme of things it's probably not at the top of everyone's to-do list.

I think backups are quite handy for most people; DVDs are/can be fragile. The prospect of finding further bugs to exploit is great :)

Edited by 82ross, 20 May 2006 - 12:14 AM.
