Default.xex Editing?, Incription stopping us? Options

[teknogeek1300]

I noticed that MS gives thes updates out freely, and are bootable via CD-R etc. Is there a specific reason why we're not using it to launch homebrew/cracks?

[krayzie]

altering invalidates the signature making it unlaunchable

[whereisevox]

how does it notice if changes are made? there must be parameters set telling it what to look for...and see if it has changed...well we could change those?

[jizmo]

Top 5 'fresh' ideas and replys afterwards that we see posted here ten times a day:

1) Has anyone tried to rename .xbx to .xbe to fool the x360? Could it work? What do you mean of course not?

2) Has anyone tried to remove media checks from signed files? What do you mean that corrupts the signature?

3) Has anyone tried to play Xbox backups on x360? What do you mean, 'MS has actually thought of that *too*'?

4) Has anyone tried to program a utility to run on x360 that would remove media check? What do you mean the utility wouldn't run in the first place?

5) Has anyone tried a Xbox modchip with x360? What do you mean 'go and try it yourself, chump'?

This post has been edited by jizmo: Jan 4 2006, 04:46 PM

[yngwie001]

I think i am right in saying that you cannot simply change it because of the signiture key within the .xex.
It checks for the key, and it will take a million lifetimes and more before that is cracked.

Krazie correct me if i am wrong.

Its nice that everyone is bouncing these ideas around

[InterestedHacker]

I think i am right in saying that you cannot simply change it because of the signiture key within the .xex.
It checks for the key, and it will take a million lifetimes and more before that is cracked.

Krazie correct me if i am wrong.

Its nice that everyone is bouncing these ideas around

Yes, you are completely correct.

You can't disable the media check it's in the executable file and ANY changes to that file means the 360 will not run it and give you a DDE. You cannot sign the file once you have changed it, because the encryption private key is currently uncrackable and is so highly secure that millions of the fastest PCs working on it would take trillions and trillions of years. That's why the experts are looking at much more complex ways into the 360. Nothing simple will get anyone in there! Even the original XBOX wasn't so easy to get into, unless your name was Bunnie

[teknogeek1300]

Thanks guys!

[ipn0r0spo]

i'm not that much into cryptography, i don't think it's possible but i waana know why.. i compared the hex of the .xex of cod2 kiosk demo and cod2 retail. there are a lot of similarities exept for some code ad the beginning of the file.. now modifing it according to the demo one (admitting that we know what we have to change) will still break the hash?

[SCVirus]

Making any change any signed XEX will break the signature. (unless you have the private key to generate a new sig, which we will never, ever have.)

I'll dumb it down for you (even though this is the technical forum), XEX files can be expressed as numbers, lets say an XEX file was 4 numbers, 1348, the final byte of this file is the signature, in this case the signature is generated by adding the numbers of the rest of the file. Changing ANY number would invalidate the signature. (and of cource the real signature is not generated by adding rather then by a 2000+ bit key that would take forever on all of todays computers to break)

This post has been edited by SCVirus: Jan 16 2006, 02:21 AM

[ymgve]

There is one theoretical attack, however - attacking the SHA-1 digest algorithm. If (when) somebody manages to break it, we could possibly create a carefully crafted xex file with modified content that still has the same fingerprint as an original xex.

Note that this attack is not practical today, but in a few years SHA-1 might be broken enough for us to exploit this weakness.

[scrupul0us]

Note that this attack is not practical today, but in a few years SHA-1 might be broken enough for us to exploit this weakness.

And by then, well be trying to "hack" a nudey patch to our favorite game for the latest VR console

This post has been edited by scrupul0us: Jan 16 2006, 11:31 PM

[ymgve]

And by then, well be trying to "hack" a nudey patch to our favorite game for the latest VR console

Hopefully sooner. It's already possible to create a MD5 collision in just a few hours, and it is possible to create a SHA-1 collision in 2^63 operations (http://www.schneier.com/blog/archives/2005...ryptanalyt.html). Of course, these are collision attacks and not preimage attacks, but we're getting there.

This post has been edited by ymgve: Jan 16 2006, 11:48 PM

[scrupul0us]

i think im just gunna and watch this whoel thing unfold over the next year or so and see where "we" get with this console... i definately wont buy one unless it can be hacked since im more of a multimedia person than a gamer... XBMC and the playstation EMU are really all i use my XBOX -360 for... although i wouldnt mind playing some of the newer games ::shrugs::

This post has been edited by scrupul0us: Jan 16 2006, 11:54 PM

[rooter75]

XBMC and the playstation EMU are really all i use my XBOX -360 for... although i wouldnt mind playing some of the newer games ::shrugs::

Are you sure that is all you use your XBOX-360 For? hehehe

I would GMLN (or the right one for that matter) for XBMC on the 360!

[SkateorDie]

I think the only way we will be able to crack it anytime soon will for us to have an inside at M$ give us the signature. Maybe in a year or so we will have some media hacks.