Xbox 360 DVD Firmware Hack - Follow-up
-- Posted by XanTium on March 19 20:39 EST
A bit more news about the Xbox 360 DVD Firmware Hack we talked about yesterday.
If you missed the news yesterday, I posted lots of info there already, check it out here so you can catch up and understand what's below.
* SeventhSon on the xboxhacker.net forums has been working on getting the Hitachi-LG GDR-3120L DVD drive working on Linux and Windows the last few weeks. Yesterday I said it was required to open your DVD drive and remove the firmware chip to read the Hitachi-LG DVD firmware and/or to get the unique 16 byte key, but on SeventhSon's page he explains how you can get this drive connected and recognized by Linux and Windows. He even programmed a few cmd-line tools (also available for windows and linux) that will allow you to dump the memory (incl. 'forbidden ranges'), firmware and unique key of the DVD drive on your PC and also tools to write (peek/poke single bytes) to the DVD memory (not firmware) and execute arbitrary MN103 code (this drives used the MN103 DVD chipset) from a PC on the drive.
Now, to flash your firmware you will still need to open your dvd drive and flash the firmware with a chip programmer (for now atleast, people are searching how to make it flashable via PC) (also note that chip is epoxied, so it's probably best to removed it to flash it), but with these tools you can already dump the firmware without chip programmer. So people out there with enough asm/assembly knowlegde that would like to take a look at the firmware themself but don't have a chip programmer can use this method.
Very technical details about his research are available on this page[kev.nu], but end-users will do just fine with this 'summary' page[kev.nu].
* Team xecuter also posted a bit about the hack:
[QUOTE]
Well done from Xecuter(info)!
(Pretty much) all the information you need is in these threads [note x-s: keep in mind these are threads in the XBH technical forum - technical/serious posts only please].
* The Challenge Response Protocol
* Hacking DVD firmware AGAIN
* Dumping Security Sector with H-943A
* Getting XBOX drives to work in windows
From what we can tell so far is that the game image will have to be patched too - We can smell a new feature for Qwix(info) 2 ;)
The scene can expect a hack for all drives very soon (It's currently only Hitachi) - you can be assured that it will be released although I don't think modchips will be any kind of business as its a pure piracy mod - no homebrew at all.
[/QUOTE]
*UPDATE* Team Xecuter posted more about the hack, find it in our new post here.
* Xlife.nl posted an nice interview with TheSpecialist (in dutch - translated to english by me):
[QUOTE]
Xlife: Tell us a bit about yourself for the visitors of Xlife.nl (who are you?, what's your job in real-life?, age?, ...)
TheSpecialist: Usually asking the age is indiscreet, but in this case it's the only one I want to answer, hehe, I'm 30.
Xlife: How many people worked on the project?
TheSpecialist: 6 hackers were in the team. Although I think you can't say that only these 6 people made the hack: without the contributions from other people on XBH this would never have succeeded, it would have taken much more time anyway.
Xlife: How long did you actually work on this hack?
TheSpecialist: It's hard to say how many hours were put into this hack. We started last year analysing the original Xbox DVD firmware security because very few was known about it. We were expecting that the Xbox 360 security was based on this one and good knowledge into the security of the original Xbox would probably give useful insight for the protection in the Xbox 360 (and it looks like we were right). The reason we started with the original Xbox is because the kernel was easy to rip which helped us to find out when the original Xbox kernel went 'OK' with a DVD.
Xlife: Did you have contact with Microsoft about this hack?
TheSpecialist: No
Xlife: Why did you decide not to release the hack publicly?
TheSpecialist: The Xbox 360 was announced by Microsoft as the best protected console on earth and that hackers would be surprized by the unseen high level of security. This type of statements makes most hackers excited/interested. For me personally it looked like a great challenge to find out if the security was really so good. I think this motivation applies for pretty much all hackers on XBH. To look for security bugs was thus the real goal. Distribute a hack like this has nothing do to with 'hacking' and has also never been my goal.
Xlife: Aren't you concerned/worried that you gave ideas to people and that these will duplicate your hack and release it publicly?
TheSpecialist: To start with I think the hack isn't interesting for the average end-user in it's current status, because you need specific hardware and knowlegde to flash the drive. The current hack is also easy to patch for Microsoft because a backup differs on several points from the original and Microsoft could easily check for this. A 'perfect' emulator, that reports a backup in ALL possible ways exactly the same way to the Xbox 360 as an original disc is outside our scope and this would also require a lot of work/time. There's a possibility that this would start a cat&mouse game, where Microsoft comes with new patches and hackers will hack this again, ... So this means that as long as there's no 'perfect emulator' Xbox LIVE users will always risk getting banned and if they don't want to take this risk they will still have to buy original games.
Xlife: Did you directly start hacking the DVD firmware or did you first try hacking other parts of the Xbox 360?
TheSpecialist: No, we started directly with the firmware. The DVD firmware project on XBH is totally separated from, for example, the guys at free60.org
Xlife: Is it possible to play games on Xbox LIVE with your hack?
TheSpecialist: At this moment yes, but that's till Microsoft comes with a patch.
Xlife: What's your opinion about the fact that people doubt the authenticity of the small video you released?
TheSpecialist: The proof is in the hardware details on the XBH forums, not in the video. I released the original video now [see here[rapidshare.de - 100MB high quality version of first movie and with original sound]], that will already crush the speculation of a 2nd Xbox 360 in the reflection of the TV. I also think that if you carefully watch the movements of the laser you can no longer say this is fake. If you'd put a backup in a normal Xbox 360 the laser would not move the same way (see for example the movements to the outer edge of the disc, where it reads the security placeholder data). Only with very expensive hardware and lots of work and money a video like this could be faked.
Xlife: Do you plan to try hacking other parts of the Xbox 360?
TheSpecialist: There are no plans for that at this moment.
Xlife: Is there something else you'd like to say to people reading this interview?
TheSpecialist: Like amiga release groups said in the 'old days':'A game worth playing is a game worth buying'. I don't want to sound 'moralistic', but I always agreed with this 'ideology' and I hope others do too. I also thought it was great to see The Netherlands was well represented on XBH and I hope to welcome more interested dutch people in this little world.
[/QUOTE]
Interview courtesy Xlife.nl.
Please don't use the discussion thread below to start another (pointless) real/fake fight (these posts will be deleted) ... if you really want to discuss that keep it in this thread.
Xbox 360 DVD Firmware Hack - Follow-up
Mar 20 2006, 02:39 AM
