I actually made my own board based on the design everyone else used. I posted a pic and the eagle sch/brd files of it earlier in this thread. I didnt change any programming and stuck with the default parts. No point in chasing your tail trying to mess around with something that works. I also used a 12mhz oscillator with the built in capacitors. The board works perfectly.
It is recommended that for resonators with a frequency <= 20mhz that a 30pf cap be used on both legs (check the data sheet of the part below)

http://search.digikey.com/ca/en/cat/crysta...52887?k=x907-nd

data sheet says 15pF for 20MHz Crystal Osc.


try using PicXFlash_V3b_plus2

USB_Xbox360_SPI_4-20MHz_(incl.BootLoader)_PicXFlash_V3b.zip

ready to burn (with PIC Programmer) .hex for Osc. 4 to 20 MHz
with BootLoader integrated in .hex

Question, are these new boards and fancy stuff I see people making required? I only have the diodes to printer port thingy made from the original jtag. Is this not good enough for the new reset glitch anymore? It's just to extract/flash your kernel right?

Are there any nice tutorials out yet or is it still in early stages?

Kipper,

Thx man!

esson,

So, I only need to flash this hex with my PCI programmer board?
No need to use PDFSUSB.exe to program PICFLASH.hex with the PIC on my board?
How about the bootloader jumper? shorted or opened?

Thx!

@marcus.miranda

that's right, only program the hex to PIC (20MHz version for your board),
jumper opened and use directly afterwards,

should then be recognized as Memory Access

(PICFLASH.hex and PicXBoot.hex are both in one .hex -> so you can use bootloader later as usual, if needed)

Got it!
Just did and apparently it worked because the NANDPro was giving one ARM hardware incompatible error or something and now it says "Could not detect a flash controller!" because no NAND is wired to my board.

Will hook up the wires on the board later to see if I'm lucky now.

Thx Kipper, Grim and esoon.

LPT will work just fine, but is slow and unreliable. USB SPI is much faster. LPT for me was around 40min to dump a nand. My usb spi takes about 5 min for a dump.

Does anyone know what resistor is on the STBY_CLK (R4B24). I soldered to the point and while I was moving the glitch chip to get to another point I lifted the pad and trace . While frustrated I tried to repair and removed the resistor, now I can't find it. Any help is greatly appreciated.

it is a 34 ohm resistor, (plus or minus 1 ohm). it can be fixed if you are careful

It worked! The board worked after flashing the PIC with PicXFlasher_V3b (booloader+flasher) [courtesy of esoon. Thx man!]

Extracted 2 NANDs and they didn't match. Extracted another one and compared the it against the other two. It matched the second. Extracted a fourth NAND and compared against the second and they matched. So I picked the second and discarded the others. Used the python program and generated the ecc.

Going to create the glitch board based on Technitian's design.

Thx to all who helped me somehow.

Thanks Noraa, appreciate it. I can live with the 40min dump, means I save some money and time trying to get the usb. I've had bad dumps before but resoldering always did the trick. As long as the dump checks out fine right?

Is the CPLD required however? I only know about this tutorial so it's where I get my info from regarding the reset glitch. If I can exactly use the old method I'll be set though since I know that by heart

Pointed to kipper2k but anyone else confirm I have the wiring figured correctly?

kipper2k Reset Board

Thanks!

Wiring is good... use the alternate solder point for Hana clk and run the wire from cpu_rst on the underneath to tidy it up.

Use the other ground pad at the back of the board, dont use the ground pad you currently have it going to and you are all set. Use the link below to see the Hi-res picture showing Fat install


http://www.kipper2k.com/topinstall.jpg

once again, thanks!

3 hdmi systems that i almost threw away a 6 months ago now have loving dvdroms with correct keys once again. o Happy day. Curious question ecc generator creates a smc.bin, what is this used for?

i think its encase you want/need a donor smc, ive never used it.

just a quick plug, i am offloading all my old fixes, i have 7 working glitched falcons to offload, obviously they have been opened and a couple have been reflowed by me. msg me if interested.

finally glitched my Slim.
This is the cable i used for programming my cpld.
http://www.ebay.com/itm/120773528879?ssPag...984.m1439.l2649

Programmed it with x360gcProg 1.1 made by Soulhaven. (thanks).

Glitched and have my cpu keys now.
Flashed my nand back to normal for now.
Waiting for a rebooter.

Thanks everyone for helping.

Hi, I have been having problems with this hack and I was hoping someone could help me. And if not I would be willing to send the console to someone to repair and glitch for me.

Ok so here's what happened.

It's a slim.
I read the nand using an lpt cable. I got 2 identical files first try.(used total commander to check)
I programmed the chip, in my case a matrix glitcher.
Created the ecc image using exploit360
Wrote the ecc to the nand. All seemed to go smoothly.
I installed the glitcher, however my slim failed to glitch. (tried 220pf cap and 270pf)
So I removed everything and wrote my original nand image back to the slim.
To my dismay the console booted to e79 error code 1033.
nandpro still reads and writes the nand as it should, however
If I write the original nand to the slim, then read the nand and compare the two images in total commander I get a bunch of differences. 29970 or something like that.
Does this mean I have a problem writing to the nand?
I'm using the diode at the moment. Do you need a diode when reading and writing the slim nand? I have been unable to find an answer on this.
The 1033 code says the slim cannot find the hdd however there is only the 4gb flash memory on the slim.(I have also checked all cables and connections)
If anyone can help me with or shed some light on what is happening(judging by this thread this seems to be the best place to get help) I would be very greatful.
Many thanks
Nick.

i never used the diode, just the 100ohm but i havent used lpt to read/write the nand since before the slim was released.

sometimes it takes up to 5mins to boot, how long have you left it on when testing?

Using LPT, you should be more careful. I did 6 dumps just to be sure and than 2 more. Funny thing was 1 and 2 showed identical, then 4,5 and 6 showed identical also but different from 1 and 2. Dumped two more times, the 7 was identical to 4,5 and 6 the 8 was a fail. True story

Anyway, I use the same configuration for the read and the write, same diodes, same resistors (i used 68ohm, didn't work with 100ohm). Never had any issues with the writing part.

Maybe try unplugging your console and let it sit for a few minutes and try again. Did you use +w16 or -w16 to write the original nand back?

When you rewrote the nand, in theory you only needed to rewrite the first 50 blocks as they were the only blocks rewritten by the .ecc file. try using the command .... nandpro usb: -w16 original.bin (assuming that is the name of the original nand file you read from the 360. Make sure all wires from the glitch chip are disconnected. once you rewrote the original.bin file back to the 360 unplug the 360, wait at least 30 seconds, plug in a video cable and try rebooting.

edit... also unplug both sata connectors from the motherboard

Hey, thanks for the replys
Yeah I used the +w command. Damn I should have done more reads I guess.
If my 2 original reads turned out to be incorrect does that mean I have a door stop for sure?
Are any of you based in the uk?
Il try -w now and let you know how I get on thanks alot.
Oh and I left the box on plenty it just wasn't gonna glitch 4 me at all. The fan did make a sound around every 5 seconds as though it was trying to glitch...but nothing.

Edit. Wait there's no point doing a -w command now is there since I've already wrote the entire nand file back, perhaps badly. In theory I should be able to write the original nand file back then read the nand and get an identical file to my original?
Is there any advantage to erasing the nand and then writing the original?

Just write the original nand with -w and it should work if it was a good dump. Remember to unplug the console for a few minutes when done flashing.

Ok great il try that now thanks man.

Its always advised to erase a flash before writing to prevent error.

For example it compares the bytes, if different, writes them. If it does a dump, and the dump is 0xFC and thats what it expected - it will skip the write. the off-chance that it screws up a read could result in an incorrect block being left. Of course an immediate dump afterwards would prove the write.

This goes back to the chances that all 00000000 won't be read incorrectly like 00101101 could be... In reality writing the whole flash, an erase is not as necessary.

Same idea as installing windows on a Windows disk isn't as good as installing windows on a formatted disk. Flash writing is pre-determined and takes up the whole disc tho. The error checking is generally very good as well.

Is the glitching hardware detectable by live or MS when running legit dash on a dual boot setup(nandwitch)?

Thank you! Thank you! Thank you!!!!!
It worked!
So happy right now, it cost me 500 quid to import that console from japan.
I should never have attempted it on this console, the stakes are too high lol.
Cheers man. I owe ya a pint

I'll have half

Yes indeed, kudos to you as well sir

So just to clear this up, is it the -w or +w command that should be used when writing the ecc file?

+w for ecc! -w for original nand. chek the readme of nandpro

Haha ok thanks man. I think I used +w but I couldn't be 100% maybe that's why I couldn't get it to glitch. I have to get some flux and I'm gonna try this again on my jasper. Can't be risking my jap box lol.
Thanks again
Nick

I have a 256mb Arcade jasper that refuses to glitch PERIOD!, i should sell it back to MS so they can use it to prevent the hack lol. spent 3 days on it on and off and no go. Its a jasper that doesn't have the heat pipe on the GPU. (thought all jaspers came with heat pipes). My other arcade model made about 6 weeks later has a heat pipe, 256mb nand and glitched perfect. I bought both of these and they were both factory sealed so there is no unknown history on these boxes

woo hoo, someone knows how i feel, been trying to get this slim to glitch a bit longer then 3 days tho.

they actually decided the jasper dident need the added cooling of the heatpipe towards the end of there run and started putting the original gpu heatsink on them, i disagree and purpose that speaks to the quality of stock consoles.

have you thought about sniffing post?

I'm starting to wonder how refined this new hack can become to be accessible to all who want it.

Please prove me wrong, I will be happy to have my post in the Hall of Shame

For thouse in Europe IC at farnell

http://uk.farnell.com/jsp/search/productde...amp;sku=1605831

Digikey has 13,000 of em

Yes, but for Europe with shipping and VAT they are kinda expensive.

Been keeping an eye on this thread. But its kind of gone over my head a bit. Im a keen hacker mind and I can pretty much get to grips with most methods. So can someone tell me exactly what I would need and point me in the right direction of how to build it and how to implement it. Thanks

http://free60.org/Reset_Glitch_Hack

Hey kipper2k, did you get my PM?

Hi Anthony, i received payment on Friday 7th, put it in mail on evening 7th, the next Monday was a holiday so you should get it in next 2 -3 days if customs don't hold it up. It's actually only been 4 business days as no mail moves from post office here on a weekend

ok was just checking on it. making sure all went well.

Read over the past 102 pages of this thread. If it isn't here it don't exist.

Hope they'll figure it out soon

Pacote-san here.... same problem...

I have 2 jaspers 16mb that JUST WONT GLITCH! Spent almost 2 days and nothing... tried on another jasper 16mb that a client shipped to me and glitched first time no problem... but these 2 i just cant do it... tried alt hana, all sort of wires... Matrix glitcher, coolrunner, etc

The problem is obvious some other thing.....

yah, and now...

http://www.logic-sunrise.com/news-372832-u...x-360-slim.html

MS have released a new slim motherboard with no Hana chip.... the fun continues. From what has been said of the Hana, the Glitch chip actually only used the Hana for the clock soi would assume that an external clock would overcome this change providing the other pads are still available, who knows, someone may be designing a glitch chip for the 25 Xenon boards still working (Sorry, couldn't resist

ok guys so after a month of not being able to detect my nand with a pci lpt on win 7 ultimate (yes i know this is probably the worst setup possible) tryed using virtual pc's etc and still no luck.

i've ordered a nand-x to ease the pain, i ordered from mrmodchips.co.uk about a week ago (pre order out of stock expected delivery 18/10/11) and the expected date has changed at least twice since, has anyone elese delt with this company?

do they do this alot and if so how long did you have to wait?

i understand there will be a high volume of orders now this hack is out but dont want to be waiting by the door everyday for it to come, i dont have anything better to do with my day lol (untill this turns up :-)

cant wait to get this done argghhhhh
(at least the rebooter may be out by the time it comes)


GLITCH GLITCH HURRAY!

Cross your fingers: http://forums.xbox-scene.com/index.php?sho...12969&st=30

Hello, I connect XC2C64A CoolRunner-II via JTAG cable LPT. 360gcProg program defines it as two dice, and IMPACT as unknown. What should I do? I read on the forums that it is possible for the closure of the legs (or podaniya they signal) chip restarts and totally clean. Who knows where to? Thank you ... shawl http://i31.fastpic.ru/big/2011/0924/b8/d74...bb8878a2db8.jpg
P/s Schemes for JTAG prvoda used as a single resistor and a diode and resistors ....