Firmware Hack For Piracy Only?, I say otherwise Options

[spook727]

Reading through the thread that announced the release of the Xtreme firmware, it seems that everyone agrees that the hack is useful only for pirating games but at least proves that the XBox 360 can be hacked.

I see this hack as another big step to opening up the 360 completely. While I don't have the skills necessary to exploit potential security holes, I've been around long enough to see the possiblities that this new hack holds.

As we've seen in the past, injecting specific data into saved games can cause an overflow that allows custom code to be executed. Examples in-clude 007 and Mech Assault softmod methods and more recently, GTA on the PSP.

The problem with trying this same technique on the 360 is that most developers realize this security hole and have probably taken steps to cover it up. What they may not have planned for would be that someone can inject data into files that reside on the dvd.

With the release of the Xtreme firmware, it's now possible to inject data into other files that would be loaded by the main executable. While we know that the main xex is signed, checksumed, etc. Other files on the DVD may not. We were able to see this from the Kiosk disc where flash files could be injected into the DVD image and run from the 360.

I believe this ability is extremely valuable. We saw that it was possible to execute custom code by injecting specific data into a PNG file on the PSP 2.00 firmware. With luck something similar can be achieved by injecting data into a level map, movie file, or even an image file.

The more games that there are out there, the more possiblities that one of them may have a hole that can be exploited.

[brywalker]

Reading through the thread that announced the release of the Xtreme firmware, it seems that everyone agrees that the hack is useful only for pirating games but at least proves that the XBox 360 can be hacked.

I see this hack as another big step to opening up the 360 completely. While I don't have the skills necessary to exploit potential security holes, I've been around long enough to see the possiblities that this new hack holds.

As we've seen in the past, injecting specific data into saved games can cause an overflow that allows custom code to be executed. Examples in-clude 007 and Mech Assault softmod methods and more recently, GTA on the PSP.

The problem with trying this same technique on the 360 is that most developers realize this security hole and have probably taken steps to cover it up. What they may not have planned for would be that someone can inject data into files that reside on the dvd.

With the release of the Xtreme firmware, it's now possible to inject data into other files that would be loaded by the main executable. While we know that the main xex is signed, checksumed, etc. Other files on the DVD may not. We were able to see this from the Kiosk disc where flash files could be injected into the DVD image and run from the 360.

I believe this ability is extremely valuable. We saw that it was possible to execute custom code by injecting specific data into a PNG file on the PSP 2.00 firmware. With luck something similar can be achieved by injecting data into a level map, movie file, or even an image file.

The more games that there are out there, the more possiblities that one of them may have a hole that can be exploited.

FINALLY! Someone with some sense in their freaking head.

I CONCUR! This is a doorway to the real hack, not just for pirate kiddies.

[cerealkillajme]

As we've seen in the past, injecting specific data into saved games can cause an overflow that allows custom code to be executed. Examples in-clude 007 and Mech Assault softmod methods and more recently, GTA on the PSP.

Hypervisor on the 360 is supposed to make a buffer overflow impossible. I also believe that we could possibly find an exploit and use it, don't know how we could beat the hypervisor, but who knows.

[tom_mandory]

I've mentioned this a few times in a few different places, but what about a multi region player. That's all I've been waiting for.
As I understand it, this can be done with a firmware hack, but it has not, so at the moment it is pure piracy when it could have been more.

[82ross]

Multi region dvd player or games player? Games multi region just from a firmware hack is a no go the xex and region info on the 360 itself would confilct.

As a dvd player it probably could by patching the region info in the css protection on the fly, but in the greater scheme of things its probably not at the top of everyones todo list.

I think backups are quite handy for most people, dvds are/can be fragile. The prospect of finding further bugs to exploit is great

This post has been edited by 82ross: May 20 2006, 12:14 AM