The Double-Dash Font Exploit:
*M$'s Newest Dash UPDATE was an attempt at killing this exploit.(An update just for us, don't we feel special) Don't run Live with this exploit unless you want a pretty ERROR 21 on boot.*OVERVIEW:
Up till now all font exploits suffered from the clock-loop problem. In short, the font hacks try to take control of the xbox on boot by having the dashboard load hacked fonts. Problem comes if the xbox has lost power and therefore lost the time. The xbox will see this on boot and try to reach the clock-setting screen. This requires the fonts to be loaded -> these have been hacked to not let xboxdash load normally -> this will in some cases cause a reboot -> clock loop! See the official clock loop thread for more information.
The audio exploit doesn't have this problem since it boots to an unmodded state and therefore can access the clock setting screen if needed. The double-dash fonts exploit tries to do the same - boot to an unmodded state. This exploit takes advantage of the fact that live-enabled xbox dashes have the 'live tab', that when pressed will launch xonlinedash.xbe from C:\xodash. Moreover, it exploits the fact that live-enabled dashboards loads its fonts from the C:\fonts folder while older dash version loaded the fonts from the root of C: Thanks MS!
By replacing xonlinedash.xbe with an old 'pre-live' dashboard's xboxdash.xbe we can therefore boot to an unmodded state by having the original fonts in C:\fonts.We then launch the font exploit by launching the old dashboard via the 'live-tab' and having hacked fonts in the root of C. If the clock needs setting we will reach the clock-setting screen, just like with the audio exploit.
The hacked fonts needed are not the same as the usual hacked fonts, since these were designed to work on boot. New fonts were needed for this new scenario, and such fonts have now cleverly been designed by rmenhal. On occasion, some users have reported that around 1 out of 10 tries they will have their xbox reboot. This is caused by thier individual kernel/dash setups and can easily be solved by following the readme file included in the package below. The tuning of the bert/ernie files is not necessary if you do not experience this however. For those of you having trouble extracting:
1. Copy the code into a .txt file.
2. Rename to "doubledash.b64".
3. Install ICEOWS.
4. Open "doubledash.b64" within ICEOWS.
5. You should see "Unknown.001".
6. Open this file with WinRar.
7. You should now see a file named "Unknown".
8. Once again, open this file with WinRar, just as before.
9. You should now see your files.Complete Package Available in Usual Places thanks to devz3ro!
(Please Read Above before attempting to Install)
(All Files Needed for Install Are Located Within devz3ro's Package)WORKING KERNEL AND DASHBOARDS.K:
This exploit will not work if your kernel version is higher than 5713. The reason for this is because this kernel will not allow for your old dash to be booted.D:
4920 is recommended for this exploit, it MAY
work with your current dash as long as it supports the 'Live Tab' and is not the newest dash supplied by MS. The very newest Dash versions will not work. If you are having problems or are unsure if your dash is compatible please downgrade to 4920.(Tons of downgrading information throughout the forums, use the Search
Button.)You are going to need a way to access your XBOX's HD. Use your preferred method or just boot a gamesave exploit of your liking. I recommend leaving it saved to your HD for future use in case you screw something up.1.
First off, when you click on the live tab it will boot xonlinedash.xbe within the c:\xodash\ directory. So let's replace it with the default.xbe from a Pre-Live dash. (already named xonlinedash within the package.) Just delete or rename the current xonlinedash.xbe and copy over your new one.2.
Next, in order for this dash to boot when the 'Live Tab' is selected it's gonna need a few support files; mainly, default.xip and mainmenu5.xip. These are needed from a pre-live dash. Again, look in the 'c' folder within the package or grab from your pre-live dash backup. Place them within c:\ on your XBOX. (NOTE: These files will only allow the dash to load far enough to boot the font files. Do not try and load the dash currently for it will give you an error 21. )3.
Enough of the dash has been copied to your HD now to boot far enough in that it will load the hacked font files. (NOTE: Pre-live dashes boot font files from c:\ - All other's boot from c:\fonts ) Your hacked font files will need to be placed within the c:\ directory within your XBOX. They are called bert.xtf and ernie.xtf. Original font hack files will not work for this. You must get them from the above mentioned package or CODE below. If XBOX.xtf and XBOX BOOK.xtf currently exist in c:\ on your XBOX, remove them or rename them to something else for backup purposes.4.
Okay, the files copied so far will Boot the old dash, load the hacked fonts, which will in turn try and boot default.xbe from e:\. The default.xbe needs to be signed with the HABIBI Key so you may sign whatever .xbe you like and have it launched or use the PBL Files within the package (Already Signed). Just copy over the files, double checking they have correct signature and are named accordingly. The ones you are looking for are located with the E\ Directory in the package. If you have a newer XBOX that incorporates the Focus chip you must use PBL 1.4.1 located in the directory of the package of the same name. Insure you have a folder named 'Bioses' in the same DIR of your PBL files (E:\) and it has a file named xboxrom.bin within.(BFM Bios of your choice.)5.
Now, if you have used PBL before you know that it boots whichever file your bios is pointing towards. In the packages case, it boots a file within 'c:\'. (evoxdash.xbe, mxmdash.xbe, xboxdash.xbe etc....) Insure the XBE is named something of this nature. Don't forget to include the support files for whatever you are launching after PBL. (XML's, INI's, SKINS etc....). This is not included in the package for it's your choice on which dash you would like to run. 6.
You are finished copying the necessary hack files to your XBOX. You may power down your XBOX and turn it back on. When you boot up you should see the 'LIVE' tab just waiting to be clicked. Go ahead and select it. You should no see PBL booting, then your dash of your choice. If you do not see any of this and just recieve an error screen or blank screen review the steps and insure you copied all the necessary files to your XBOX. If it does work correctly congratulations, exploit style without the clock loop or corrupted ST.DB. Don't forget the Reset-On-Eject is still enabled so if you want to play a game or use your DVD drive at all; open the drive at the original xbox dash screen, select the 'Live' tab and after the hack boots place your disc into the drive and then play away.
Thanks to RMENHAL once again for his excellant files and devz3ro for the package!
=============================================RMENHAL's Original POST: