Jump to content


Photo

Changing The Cpu And Nand Chip


  • Please log in to reply
13 replies to this topic

#1 Furiuzz

Furiuzz

    X-S Enthusiast

  • Members
  • 5 posts

Posted 07 January 2009 - 05:12 PM

Hello i'm new in this scene and I have a theory.

I'v read somewhere that it would be possible to change the CPU and NAND chip, and the cpukey is in the cpu. Would it be possible to replace the cpu from the xbox with a prepaired one where you edit the cpukey in a key you choose? Or to read it out in something different than your xbox?

I'm asking this because some of the xboxes have not the right dvdkey and when I know the cpukey I can change the dvdkey.

With kind regards

Furiuzz


#2 ILikeMeat

ILikeMeat

    X-S Member

  • Members
  • Pip
  • 149 posts

Posted 10 January 2009 - 04:16 AM

Yes it is possible. If you know the CPU key of a CPU, and you have a matching NAND chip (or I think you only need the CPU key you can use a NAND image and encrypt it using the C PU key) then you can swap chips, have fun though, the CPU is BGA package.

#3 Nexi

Nexi

    X-S Senior Member

  • Members
  • PipPip
  • 159 posts
  • Location:Eastern PA | NYC
  • Xbox Version:v1.1
  • 360 version:v1 (xenon)

Posted 02 March 2009 - 01:24 AM

QUOTE(ILikeMeat @ Jan 9 2009, 10:52 PM) View Post

have fun though, the CPU is BGA package.


Easily accomplished with a BGA rework station with the right know how.

#4 Gir489

Gir489

    X-S Senior Member

  • Members
  • PipPip
  • 166 posts
  • Location:Baltimore, MD
  • Interests:XBOX 0wning.
  • Xbox Version:v1.0
  • 360 version:v1 (xenon)

Posted 19 March 2009 - 04:09 PM

What purpose would that serve if the CPU is functioning properly?

#5 torne

torne

    X-S Expert

  • Members
  • PipPipPip
  • 684 posts
  • Location:London, UK
  • Interests:Reverse engineering, Linux, crazy operating systems voodoo, embedded development
  • Xbox Version:v1.1
  • 360 version:v1 (xenon)

Posted 20 March 2009 - 01:39 PM

The OP is assuming there's something you can do to the CPU to find out the key, or that there's an actual chance of having a CPU with a known key that isn't already part of a perfectly good working 360. The replies kinda missed the point: yes it is possible to switch CPU+NAND between boards as a pair if you have the required tools and skills to do the BGA rework, but you are right, there's unlikely to be much actual use for this wink.gif

#6 HvxHcC

HvxHcC

    X-S Enthusiast

  • Members
  • 10 posts

Posted 25 May 2009 - 05:23 PM

There's also the fact that you would need to generate a valid keyvault for this new cpu and nand. That includes needing to change the real console id and serial to match the one generated using the mac address of the ethernet controller, which you can't do without breaking the signature of the cert in the keyvault which is privately signed by ms, so in order to stay unbanned with this new cpu/nand you will need the cert from the current nand. It gets complicated. I'd say you're wasting your time.

#7 Joka Macer

Joka Macer

    X-S Enthusiast

  • Members
  • 17 posts

Posted 12 January 2010 - 03:18 AM

QUOTE(HvxHcC @ May 25 2009, 05:23 PM) View Post

There's also the fact that you would need to generate a valid keyvault for this new cpu and nand. That includes needing to change the real console id and serial to match the one generated using the mac address of the ethernet controller, which you can't do without breaking the signature of the cert in the keyvault which is privately signed by ms, so in order to stay unbanned with this new cpu/nand you will need the cert from the current nand. It gets complicated. I'd say you're wasting your time.



so,
you guys tell if I change the nand and CPU, with the cpu key, a can get back on even in a jasper whith a dash 8XXX ????
muhaha.gif


#8 firebuddie

firebuddie

    X-S Young Member

  • Members
  • Pip
  • 58 posts

Posted 12 February 2010 - 11:32 PM

joka@ go for it...thats the theory since it is only the CPU with the CB revoke on its die which is blocking the explotable kernel from running. So replace with a non revoked cpu and should work.

Good luck and let us know how you get on.

#9 wang_chung

wang_chung

    X-S Member

  • Members
  • Pip
  • 80 posts

Posted 14 February 2010 - 02:06 PM

as long as the cpu is the correct version 90nm vs. 65nm? i was under the impression that the two were not interchangable.

#10 T3XA5360R3B3L

T3XA5360R3B3L

    X-S Member

  • XS-BANNED
  • Pip
  • 92 posts
  • Xbox Version:unk
  • 360 version:unknown

Posted 01 March 2010 - 05:22 AM

is the CPU key programmed in by IBM or is it programmed in at the time of the XBOX360 assembly?

suppose you got a CPU from a chip supplier from China and it didn't have a key programmed into it, then theoretically you could install it on the board and use any NAND you wanted without any need of a KV.

just a thought..

#11 collions

collions

    X-S Enthusiast

  • Members
  • 3 posts

Posted 11 May 2010 - 11:52 AM

So, if I remove CPU+NAND (dash 7371) from a RRODded Falcon board, can I replace them into a GOOD falcon board (dash 8955) with MISSED DVD-KEY?

So, theorically, I can retrieve the correct DVD-KEY trough JTAG hack

Is it right?

Thank you!


#12 onlyXMan

onlyXMan

    X-S Member

  • Members
  • Pip
  • 142 posts

Posted 28 May 2010 - 10:56 AM

QUOTE(collions @ May 11 2010, 12:52 PM) View Post

So, if I remove CPU+NAND (dash 7371) from a RRODded Falcon board, can I replace them into a GOOD falcon board (dash 8955) with MISSED DVD-KEY?

So, theorically, I can retrieve the correct DVD-KEY trough JTAG hack

Is it right?

Thank you!


You could swap to CPU+NAND with dash 7371 and get CPUKEY, new DVD KEY, but it won't help You with retriving old DVD KEY which is encrypted with old CPUKEY in old NAND.


#13 Me777

Me777

    X-S Young Member

  • Members
  • Pip
  • 58 posts
  • Location:Cambridge, ON
  • Xbox Version:none
  • 360 version:v4.0 (jasper)

Posted 01 June 2010 - 03:18 PM

QUOTE(Joka Macer @ Jan 11 2010, 10:18 PM) View Post

so,
you guys tell if I change the nand and CPU, with the cpu key, a can get back on even in a jasper whith a dash 8XXX ????
muhaha.gif


If what you are saying is

Can I swap the CPU from a jtaggable board to a non jtaggable
the answer is yes

as long as the nm size matches

QUOTE(wang_chung @ Feb 14 2010, 09:06 AM) View Post

as long as the cpu is the correct version 90nm vs. 65nm? i was under the impression that the two were not interchangable.


Falcon, Jasper, Opus have matching CPU 65nm
Xenon and Zeyphr have matching CPU 90nm

Don't bother desoldering the nands its a waste of time, just dump the jtaggable consoles nand by soldering the wires up to the board before removing the cpu

then open nandpro and type

nandpro dev: -r16 nand1.bin
nandpro dev: -r16 nand2.bin
nandpro dev: -r16 nand3.bin
nandpro dev: -r16 rawkv1.bin 1 1
nandpro dev: -r16 rawkv2.bin 1 1
nandpro dev: -r16 rawkv3.bin 1 1

this backs up your nand 3 times and raw kv 3 times

Then transplant your cpu (I hope you know how to do that lol)

compile a xellous image (my preference, use the raw kv you extracted and the free60 xell from the usual places)
there's plenty of guides on that, name it free60.bin

after that run nandpro with the wires soldered to the console you transplanted the cpu into.

type
nandpro dev: -e16 *erases the unexploitable nand data*

then

nandpro dev: +w16 free60.bin

boot up the console with the eject button with dvd power cable connected

write down your cpu key

build an image in ibuild with this key

rename the image.bin to updflash.bin
copy this to a fat32 formatted flash drive
plug it into your 360's usb
power on using the eject button, xellous will find the image and flash it.

Have a beer

I've done this plenty of times with broken falcons and banned jaspers, I've had a few stubborn ones that I've tried to find other people to do but so far im 8 for 10.

#14 wernbfe

wernbfe

    X-S Enthusiast

  • Members
  • 7 posts

Posted 22 September 2010 - 02:45 AM

Is it possible to fix an e-71 by doing this as well? i have a board that every 3rd or 4th time being turned on I get this e-71 error Which I am assuming its a bad flash to the nand?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users