xbox-scene.com - your xbox news information source
> Idea For Simple Exploit.
Cyahnidde
post Jan 25 2011, 02:23 AM
Post #1


X-S Enthusiast


Group: Members
Posts: 2
Joined: 25-January 11
Member No.: 449895



I have a new(?) idea for an exploit to load homebrew on an xbox360.
Think about this:
A homebrew loader. Built into an Xbox live indie game, secretly. Yeah.

Well, ya know those shitty Xbox live indie games, that make you wonder how the hell it made it into the marketplace? Well, one of us should make a basic run and jump platform game. But, we'd have a secret weapon hidden in it. This secret weapon would be a homebrew loader. Here's how it would work.
Say go to level 2-4, then we'd make a code for it. Say the code is Y,X,B,A,RB,RB,LB. Then when you enter that you go to a secret level. In the level we have another code. Once you enter the code and complete the secret level, a homebrew loader would come up. Then we could load any homebrew we want.

Please, pitch in ideas and leave your name and experience if you want to help.
Takashi
post Jan 25 2011, 09:34 AM
Post #2


X-S Freak
*****

Group: Members
Posts: 1744
Joined: 29-November 08
Member No.: 397371
Xbox Version: v1.0
360 version: v1 (xenon)



This is breaking a few rules in and of itself.
Not possible mate, msoft would find the code submitted before putting it live.

This post has been edited by Takashi: Jan 25 2011, 09:35 AM
No_Name
post Jan 26 2011, 01:13 AM
Post #3


X-S Freak
*****

Group: Members
Posts: 1154
Joined: 28-January 03
Member No.: 21640



You do know that all code that you can get on the 360 is screened by Microsoft?
Anyone who pulls a stunt like that would find themselves never working for another game company again.
Cyahnidde
post Jan 26 2011, 03:21 AM
Post #4


X-S Enthusiast


Group: Members
Posts: 2
Joined: 25-January 11
Member No.: 449895



Ah well. I thought it was a good idea.
Misfit111
post Jan 26 2011, 03:33 AM
Post #5


X-S Senior Member
**

Group: Members
Posts: 195
Joined: 20-November 04
Member No.: 168695



This idea was brought up at 7s, a couple people are claiming that they are able to run homebrew on stock 360s this way.
NIR Brail XD
post Feb 9 2011, 04:47 AM
Post #6


X-S Enthusiast


Group: Members
Posts: 1
Joined: 15-November 10
Member No.: 446427



I would think this could be aimed better at a game save exploit like back in the box1 days.
Povo
post Apr 6 2011, 04:45 PM
Post #7


X-S Young Member
*

Group: Members
Posts: 40
Joined: 21-September 10
From: Dublin, Ireland
Member No.: 443953
Xbox Version: none
360 version: v3.0 (falcon)



But you can debug your application on your developing Xbox right? Without submitting the code to MS?

If so, anyone could run a project file and debug
No_Name
post Apr 7 2011, 09:06 PM
Post #8


X-S Freak
*****

Group: Members
Posts: 1154
Joined: 28-January 03
Member No.: 21640



QUOTE(Povo @ Apr 6 2011, 08:45 AM) *

But you can debug your application on your developing Xbox right? Without submitting the code to MS?

If so, anyone could run a project file and debug


No, you hit the huge wall that's called the signature.
No retail box will run unsigned code.
juggahax0r
post Apr 11 2011, 04:58 PM
Post #9


X-S Expert
***

Group: Members
Posts: 602
Joined: 28-January 10
From: Dayton, OH
Member No.: 431591
Xbox Version: none
360 version: v5.0 (360S - trinity)



QUOTE(No_Name @ Apr 7 2011, 04:06 PM) *

No, you hit the huge wall that's called the signature.
No retail box will run unsigned code.


The original concept is very flawed, MS would know what it is in your XNA coded app, they would see that it is a backdoor and it wouldn't get on the market. On another note, I doubt XNA can really be used to code anything like that, it's like .NET for the 360, and only works on a small set of the real SDK code base. You can't for instance do HV/Kernel calls with it, as far as I know. Just having a loader built on XNA would not be enough, as the third-party stuff you want to run still has no signature and would not even be read as valid.

I run my own code on my retail box all the time. XNA requires you to pay before you can run the code, that is how it gets away with not being "signed", or it is just signed with a local key derived from your 25 digit access code. I haven't tried my XNA game on anything but the retail box I built it on, but I would be willing to bet it will only run on that one, just like XDK software will only run on the console it was built for, until you Xextool it.

If you want to find an exploit in the 360, reverse the kernel/HV and look for a bug, gamesave exploits, modifying system updates, anything simple is already covered in the HV unless you find another bug in it. These threads are always funny though ... bahahahaha. Even if you could exploit the 360 with XNA, you are breaking a lot of laws in the process, the whole point of the hacks is to do them with as little law breaking as possible. That isn't even really an exploit, more like the "ole switcheroo", if whatever it is didn't get put on the marketplace, then no one else would be able to run it anyway except whoever built it.
Adam_Smith
post Apr 19 2011, 12:15 PM
Post #10


X-S Enthusiast


Group: Members
Posts: 11
Joined: 23-May 04
Member No.: 121505



Ten out of ten for thinking though guys,

c4eva et al, while brilliant hackers, often will not see these types of ways in - not due to lack of brilliance, it's just that some ideas come from a "yeah, that may work but..." and then getting around the but.

Let's face it, since the efuses blew there's been little in the way of new ideas on getting inside; even if M$ have made such a perfect system there are no other ways in, they have had a huge success with the updates to hold the homebrew crowd at bay. Ideas like this will open minds!
No_Name
post Apr 19 2011, 10:39 PM
Post #11


X-S Freak
*****

Group: Members
Posts: 1154
Joined: 28-January 03
Member No.: 21640



Little do you know.

Have you any idea how difficult it was to find the one and only hole in the security of the 360?

Modding a firmware has nothing to do with the discovery of the flaw in the hypervisor that allowed homebrew to run. It was a factor in running the disk with the modified shader, sure, but the know-how to make the 360 think a disk was valid came from someone else, not c4eva in the first place.
hobosrock696
post Jun 20 2011, 08:56 PM
Post #12


X-S Enthusiast


Group: Members
Posts: 21
Joined: 17-November 09
Member No.: 425623



Although this would not work.... if a few people got together and figured out how to write some easy to exploit code and submitted that as part of a game and then exploited it by modding files on a 360's HDD we could be in business. Just saying.... I mean it never said you're not allowed to write vulnerable code right?

EDIT: ahahaha stupid me didn't think about the hypervisor. Wish we could just get Geohot to automagically get us the key for the 360.

This post has been edited by hobosrock696: Jun 20 2011, 09:08 PM