| The Xbox 360 reset glitch hack - New Homebrew Hack! |
Aug 28 2011, 11:18 PM
Memba Numero Uno
Joined: 17-May 02
Member No.: 1
Xbox Version: unk
360 version: unknown
The Xbox 360 reset glitch hack - New Homebrew Hack!
Posted by XanTium
| August 28 18:18 EST | News Category: Xbox360
GliGli released a new hack to boot the Xbox360 into XeLL and thus run homebrew software on your console. It's is compatible with ALL dashboard version and ALL Slim and Fat (expect Xenon, Falcon support will follow later) models and is unpatchable via software updates by Microsoft.
From the readme/nfo:
Introduction / some important facts
tmbinc said it himself, software based approaches of running unsigned code on the 360 mostly don't work, it was designed to be secure from a software point of view.
The processor starts running code from ROM (1bl) , which then starts loading a RSA signed and RC4 crypted piece of code from NAND (CB).
CB then initialises the processor security engine, its task will be to do real time encryption and hash check of physical DRAM memory. From what we found, it's using AES128 for crypto and strong (Toeplitz ?) hashing. The crypto is different each boot because it is seeded at least from:
- A hash of the entire fuseset.
- The timebase counter value.
- A truly random value that comes from the hardware random number generator the processor embeds. on fats, that RNG could be electronically deactivated, but there's a check for "apparent randomness" (merely a count of 1 bits) in CB, it just waits for a seemingly proper random number.
CB can then run some kind of simple bytecode based software engine whose task will mainly be to initialise DRAM, CB can then load the next bootloader (CD) from NAND into it, and run it.
Basically, CD will load a base kernel from NAND, patch it and run it.
That kernel contains a small privileged piece of code (hypervisor), when the console runs, this is the only code that would have enough rights to run unsigned code.
In kernel versions 4532/4548, a critical flaw in it appeared, and all known 360 hacks needed to run one of those kernels and exploit that flaw to run unsigned code.
On current 360s, CD contains a hash of those 2 kernels and will stop the boot process if you try to load them.
The hypervisor is a relatively small piece of code to check for flaws and apparently no newer ones has any flaws that could allow running unsigned code.
On the other hand, tmbinc said the 360 wasn't designed to withstand certain hardware attacks such as the timing attack and "glitching".
Glitching here is basically the process of triggering processor bugs by electronical means.
This is the way we used to be able to run unsigned code.
The reset glitch in a few words
We found that by sending a tiny reset pulse to the processor while it is slowed down does not reset it but instead changes the way the code runs, it seems it's very efficient at making bootloaders memcmp functions always return "no differences". memcmp is often used to check the next bootloader SHA hash against a stored one, allowing it to run if they are the same. So we can put a bootloader that would fail hash check in NAND, glitch the previous one and that bootloader will run, allowing almost any code to run.
Details for the fat hack
On fats, the bootloader we glitch is CB, so we can run the CD we want.
cjak found that by asserting the CPU_PLL_BYPASS signal, the CPU clock is slowed down a lot, there's a test point on the motherboard that's a fraction of CPU speed, it's 200Mhz when the dash runs, 66.6Mhz when the console boots, and 520Khz when that signal is asserted.
So it goes like that:
- We assert CPU_PLL_BYPASS around POST code 36 (hex).
- We wait for POST 39 start (POST 39 is the memcmp between stored hash and image hash), and start a counter.
- When that counter has reached a precise value (it's often around 62% of entire POST 39 length), we send a 100ns pulse on CPU_RESET.
- We wait some time and then we deassert CPU_PLL_BYPASS.
- The cpu speed goes back to normal, and with a bit of luck, instead of getting POST error AD, the boot process continues and CB runs our custom CD.
The NAND contains a zero-paired CB, our payload in a custom CD, and a modified SMC image.
A glitch being unreliable by nature, we use a modified SMC image that reboots infinitely (ie stock images reboot 5 times and then go RROD) until the console has booted properly.
In most cases, the glitch succeeds in less than 30 seconds from power on that way.
Details for the slim hack
The bootloader we glitch is CB_A, so we can run the CB_B we want.
On slims, we weren't able to find a motherboard track for CPU_PLL_BYPASS.
Our first idea was to remove the 27Mhz master 360 crystal and generate our own clock instead but it was a difficult modification and it didn't yield good results.
We then looked for other ways to slow the CPU clock down and found that the HANA chip had configurable PLL registers for the 100Mhz clock that feeds CPU and GPU differential pairs.
Apparently those registers are written by the SMC through an I2C bus.
I2C bus can be freely accessed, it's even available on a header (J2C3).
So the HANA chip will now become our weapon of choice to slow the CPU down (sorry tmbinc, you can't always be right, it isn't boring and it does sit on an interesting bus ;)
So it goes like that:
- We send an i2c command to the HANA to slow down the CPU at POST code D8 .
- We wait for POST DA start (POST DA is the memcmp between stored hash and image hash), and start a counter.
- When that counter has reached a precise value, we send a 20ns pulse on CPU_RESET.
- We wait some time and then we send an i2c command to the HANA to restore regular CPU clock.
- The cpu speed goes back to normal, and with a bit of luck, instead of getting POST error F2, the boot process continues and CB_A runs our custom CB_B.
When CB_B starts, DRAM isn't initialised so we chose to only apply a few patches to it so that it can run any CD, the patches are:
- Always activate zero-paired mode, so that we can use a modified SMC image.
- Don't decrypt CD, instead expect a plaintext CD in NAND.
- Don't stop the boot process if CD hash isn't good.
CB_B is RC4 crypted, the key comes from the CPU key, so how do we patch CB_B without knowing the CPU key?
RC4 is basically:
crypted = plaintext xor pseudo-random-keystream
So if we know plaintext and crypted, we can get the keystream, and with the keystream, we can encrypt our own code. It goes like that:
guessed-pseudo-random-keystream = crypted xor plaintext
new-crypted = guessed-pseudo-random-keystream xor plaintext-patch
You could think there's a chicken and egg problem, how did we get plaintext in the first place?
Easy: we had plaintext CBs from fat consoles, and we thought the first few bytes of code would be the same as the new CB_B, so we could encrypt a tiny piece of code to dump the CPU key and decrypt CB_B!
The NAND contains CB_A, a patched CB_B, our payload in a custom plaintext CD, and a modified SMC image.
The SMC image is modified to have infinite reboot, and to prevent it from periodically sending I2C commands while we send ours.
Now, maybe you haven't realised yet, but CB_A contains no checks on revocation fuses, so it's an unpatchable hack !
Nothing is ever perfect, so there are a few caveats to that hack:
- Even in the glitch we found is pretty reliable (25% success rate per try on average), it can take up to a few minutes to boot to unsigned code.
- That success rate seems to depend on something like the hash of the modified bootloader we want to run (CD for fats and CB_B for slims).
- It requires precise and fast hardware to be able to send the reset pulse.
Our current implementation
We used a Xilinx CoolRunner II CPLD (xc2c64a) board, because it's fast, precise, updatable, cheap and can work with 2 different voltage levels at the same time.
We use the 48Mhz standby clock from the 360 for the glitch counter. For the slim hack, the counter even runs at 96Mhz (incremented on rising and falling edges of clock)
The cpld code is written in VHDL.
We need it to be aware of the current POST code, our first implementations used the whole 8 bits POST port for this, but we are now able to detect the changes of only 1 POST bit, making wiring easier.
We tried not to include any MS copyrighted code in the released hack tools.
The purpose of this hack is to run Xell and other free software, I (GliGli) did NOT do it to promote piracy or anything related, I just want to be able to do whatever I want with the hardware I bought, including running my own native code on it.
GliGli, Tiros: Reverse engineering and hack development.
cOz: Reverse engineering, beta testing.
Razkar, tuxuser: beta testing.
cjak, Redline99, SeventhSon, tmbinc, anyone I forgot... : Prior reverse engineering and/or hacking work on the 360.
Official Site: github.com/gligli
Tutorial/HowTo: libxenon.org / free60.org
Posts in this topic
Xbox-Scene The Xbox 360 reset glitch hack - New Homebrew Hack! Aug 28 2011, 11:18 PM EatonZ XS news was slow today. ;p
Excellent work to all ... Aug 29 2011, 12:22 AM bucko I'm so not updating my 360 now :D :D :D
Ju... Aug 29 2011, 12:23 AM SNAAAKE PRAOO B) Aug 29 2011, 12:33 AM iateshaggy update away (at least slim, clarification would be... Aug 29 2011, 12:41 AM Orka
update away (at least slim, clarification would b... Aug 29 2011, 12:48 AM radoman
Unpatchable for the hardware already out there...... Aug 29 2011, 01:10 AM CoLD FiRE I'm so happy that I'm unable to find the r... Aug 29 2011, 12:48 AM highonxbox Holy crap Holy crap Holy crap! All systems run... Aug 29 2011, 12:52 AM Orka
Holy crap Holy crap Holy crap! All systems ru... Aug 29 2011, 12:54 AM Aldanga
Holy crap Holy crap Holy crap! All systems ru... Aug 29 2011, 01:11 AM miller420
According to GliGli, this particular hack does no... Aug 29 2011, 01:58 AM Paperstack.1 I guess I should send in my Slim immediately to ge... Aug 29 2011, 12:54 AM marcelosnp I am very happy :D Aug 29 2011, 01:02 AM wes302 who is going to do this and how much will you char... Aug 29 2011, 01:04 AM Reaper527 this is a huge development. congratulations to eve... Aug 29 2011, 01:07 AM UnrealEureca I think I'm going to buy a new slim now...... ... Aug 29 2011, 01:08 AM thecrunked You think they will release a newb friendly guide/... Aug 29 2011, 01:09 AM Orka
You think they will release a newb friendly guide... Aug 29 2011, 01:18 AM radoman
They have. As noob friendly as it can be.
TX wil... Aug 29 2011, 01:59 AM ninjanutta This is so good,im getting a slim for back up jtag... Aug 29 2011, 01:24 AM DevilDave Sweet mother of Jesus! Gonna get myself a slim... Aug 29 2011, 01:52 AM uN0pEn Excellent!! I have the Dev boards already... Aug 29 2011, 01:54 AM kipper2k Why would you bother with a Xenon even if they wer... Aug 29 2011, 02:06 AM thecrunked How can I tell if I have a xenon or an opus (or so... Aug 29 2011, 02:13 AM kipper2k
How can I tell if I have a xenon or an opus (or s... Aug 29 2011, 02:15 AM miller420
Xenon or Opus is not supported (and won't be)... Aug 29 2011, 02:20 AM kipper2k
Zephyrs had a 203w power supply as well.
Yah,... Aug 29 2011, 02:25 AM miller420
How can I tell if I have a xenon or an opus (or s... Aug 29 2011, 02:19 AM Orka
How can I tell if I have a xenon or an opus (or s... Aug 29 2011, 02:19 AM tomgreen99200 :popcorn: Aug 29 2011, 02:28 AM thecrunked looks like i have a xenon :(
that is my offl... Aug 29 2011, 02:32 AM kipper2k
looks like i have a xenon :(
that is my off... Aug 29 2011, 02:37 AM thecrunked
Jaspers are xellable so you are good to go
sor... Aug 29 2011, 02:38 AM kipper2k
sorry i am new at jtag,
jasper = falcon?
nop... Aug 29 2011, 02:42 AM sabbath_dude Wow! :o Great news! :D I was just readi... Aug 29 2011, 02:34 AM Orka Relisted:
http://cgi.ebay.co.uk/ws/eBayISAPI.dll?V... Aug 29 2011, 02:42 AM thecrunked actually i guess it doesn't really matter what... Aug 29 2011, 02:42 AM kipper2k
actually i guess it doesn't really matter wha... Aug 29 2011, 02:45 AM jsawyer86 I HAD to log in for this one! TY so much to ev... Aug 29 2011, 03:10 AM kipper2k
Woot! Awesome news!
I just ordered this ... Aug 29 2011, 03:24 AM sephiroth99
Here's the proper board... better hurry, i fo... Aug 29 2011, 03:27 AM kipper2k
I saw that, but shipping was like 30 bucks (for m... Aug 29 2011, 03:30 AM UnrealEureca
Here's the proper board... better hurry, i fo... Aug 29 2011, 03:32 AM jsawyer86
Here's the proper board... better hurry, i fo... Aug 29 2011, 03:48 AM biscoito I guess I'll wait until team xecuter releases ... Aug 29 2011, 03:20 AM InvidiousDemise Epic! Xlink will breathe again. Can anyone sug... Aug 29 2011, 03:21 AM sephiroth99
Epic! Xlink will breathe again. Can anyone su... Aug 29 2011, 03:23 AM Freakyfabe THIS IS GOOD. REAL GOOD!!!! :D T... Aug 29 2011, 03:37 AM pezjono1986 Sweet mother!
Props to all those involved on h... Aug 29 2011, 03:59 AM Tatsh This is the best news ever since the last JTAG hac... Aug 29 2011, 04:11 AM jsawyer86 My girlfriend is already tired of me trying to exp... Aug 29 2011, 04:11 AM hyfall381 This sounds very interesting. I have never had a ... Aug 29 2011, 04:13 AM kipper2k
This sounds very interesting. I have never had a... Aug 29 2011, 04:21 AM dingnecros Okay I am a n00b to the whole jtag thing can someo... Aug 29 2011, 04:23 AM kipper2k
Okay I am a n00b to the whole jtag thing can some... Aug 29 2011, 04:27 AM Grim187 This looks promising, i might have to do another p... Aug 29 2011, 04:48 AM kipper2k
This looks promising, i might have to do another ... Aug 29 2011, 04:56 AM Grim187 @kipper2k thanks for the link.
the only things th... Aug 29 2011, 05:22 AM uN0pEn
@kipper2k thanks for the link.
the only things t... Aug 29 2011, 05:26 AM jsawyer86
This looks promising, i might have to do another ... Aug 29 2011, 05:39 AM honda4eternity I can't wait to recover the dvd drive keys fro... Aug 29 2011, 05:06 AM ruciz So. Hear me out. Radical idea but I think it has p... Aug 29 2011, 05:13 AM kipper2k
So. Hear me out. Radical idea but I think it has ... Aug 29 2011, 05:18 AM Aldanga No. It wouldn't work. Otherwise we'd be ab... Aug 29 2011, 05:18 AM ruciz
No. It wouldn't work. Otherwise we'd be a... Aug 29 2011, 05:22 AM Aldanga
Those with a locked SPI haven't been reflashe... Aug 29 2011, 05:29 AM ruciz
That's because it's a hardware lock, not ... Aug 29 2011, 05:42 AM Aldanga
I don't believe thats true.
Geremia said you... Aug 29 2011, 05:45 AM alphachaosomega
So if i get this chip what board should i use.. ... Aug 29 2011, 05:31 AM kipper2k
So if i get this chip what board should i use.. S... Aug 29 2011, 05:42 AM hardrock351w Great Work!!!
As happy as I am, I can... Aug 29 2011, 05:38 AM kipper2k Thing about jumping on the wagon and spending time... Aug 29 2011, 05:39 AM ruciz
Thing about jumping on the wagon and spending tim... Aug 29 2011, 05:51 AM kipper2k
There is no way I can think of to glitch an untap... Aug 29 2011, 05:54 AM ruciz
All i am saying is one hole leads to new holes an... Aug 29 2011, 06:09 AM rwcottrell im thinking this is way too technical and complica... Aug 29 2011, 05:40 AM faint_u This is the greatest news I've heard this year... Aug 29 2011, 06:11 AM ruciz
This is the greatest news I've heard this yea... Aug 29 2011, 06:30 AM masterofpuppets Fuck YES. The guys who do this shit are amazing ne... Aug 29 2011, 06:18 AM keine Crazy awesome news. Hopefully this doesn't end... Aug 29 2011, 07:00 AM kl1k Hopefully the timings for the Falcon's will be... Aug 29 2011, 07:24 AM Code-Red I couldn't care less that my JTAG's value ... Aug 29 2011, 07:29 AM Khaine Waiting for payday and the falcon timings here.
M... Aug 29 2011, 07:33 AM hangover So now the race is on for who can release the firs... Aug 29 2011, 07:44 AM Jameason Anyone know what JTAG programer cable and socket t... Aug 29 2011, 07:53 AM APE I can only imagine that in the next few months mor... Aug 29 2011, 08:03 AM alphachaosomega Ok so I did a google search for Xilinx Lab Tools a... Aug 29 2011, 08:44 AM SD_DRACULA
This is so good,im getting a slim for back up jta... Aug 29 2011, 08:47 AM Bloodsack The thing I want to know is when can I do my xbox ... Aug 29 2011, 09:03 AM ploggy I think bit of patience is key now. I would say wa... Aug 29 2011, 10:27 AM tech3475 So wait, will my xenon console see support in the ... Aug 29 2011, 11:13 AM ddsdavey Sooooo this boots Xell now? Sooooo all my Jaspers ... Aug 29 2011, 11:16 AM thesonandheir Holy Smokes Batman!
Knew things were moving c... Aug 29 2011, 11:17 AM ichigoxxx cant wait to try this great news for the scene. th... Aug 29 2011, 11:46 AM Orka
cant wait to try this great news for the scene. t... Aug 29 2011, 12:02 PM ploggy
They need to make xkey360 "live safe" t... Aug 29 2011, 12:10 PM