Xbox 360 / Tech Support 360 / Re: Corona V4 Glitching Issues
on: May 13, 2013, 08:41:36 AM
So what you say is that the Corona v4 has a hard limit inside the actual SMC chip of 5 max resets? I'd like to know that, because I always use xebuild to build my rgh2 images and I always say yes to patch_smc which will take the smc.bin firmware from nanddump.bin, patch the limit and write that to my target image. I haven't done a corona v4 though.
Xbox 360 / Tech Support 360 / Re: 0225 kamikaze shortage
on: November 03, 2012, 08:33:38 AM
Thanks a lot for the replies, I really appreciate it.
There was some dirt between pin4 and 5 but it didn't cause the short. I measured all of the pins, and none of them seem to be shorting to another. Also when removing the epoxy I used the low-setting on my heater so it'll get hot enough to pry off the epoxy with a sharp knife. However I doubt it was hot enough to melt the solder or disconnect the legs. When I power it, the chip starts getting hot but it sometimes identifies though. Also the fuses C6 and U2 and/or U1 get so hot, I can almost fry an egg on it. So I only power it for like 5 seconds now. I tried to find spots on the board where the shortage might be, but I can only think of the 3.3v spot of the power connector, because that's the only one I soldered the wire to (that goes to my drill). But that one seems good. So I guess the shortage is caused within the chip because the drill spot was either a bit off or too deep, in which case I can trash it.
If you want, phonsey, I can send you the board, if you want to take a look.
I'm out of ideas now, guess I'll wait for the TX new board to glitch it and get the dvd-key and one of those special replacement boards that only require the dvd-key.
Xbox 360 / Tech Support 360 / 0225 kamikaze shortage
on: November 01, 2012, 05:25:23 PM
Hey there, I need some help. Tried the Kamikaze on a 0225 winbond lite-on slim. While they usually go fine, this one didn't cooperate with me. I always use dosflash spi unlock under real dos-mode (win98 bootdisk) using my ICH9R in IDE compatible mode. So I started drilling with the 3.3v (from the drive) connected to my soldering iron but it didn't unlock when I hit the spot. So I turned everything off and powered my drive again and I noticed that the drive board gets really hot including the MCIX chip. Like I created a shortage within the drilling hole. Now sometimes it identifies the flash but sometimes not. When it identified I tried a SPI unlock with a small cotton stick and alcohol and it said UNLOCKED. But still the board overheats fast and I don't think I'll be able to dump without fixing the shortage. I could drill further hoping to somehow disconnect the shortage within the drilling hole. Or I could send it to someone with one of those xecuter pro devices which are capable of doing a full dump. Any ideas? Here's a picture of the drilling hole: http://chicken.better-than.tv/~mastag/hole.jpg
Xbox 360 / Xbox 360 General Discussion / Re: RGH Explained
on: October 30, 2012, 12:05:47 PM
Let's wait for these changes to be included in xeBuild then.
EDIT: After reading TX's frontpage, they'll be releasing special CR3-DGX addon for their new CR3 Pro glitcher that will be able to extract the cpu-key from 15xxx and newer consoles. After you have the key, you can use it to build a freeboot image. Too bad the addon only works with their CR3 Pro, must be a pricey deal. I'd rather see a stand-alone addon for extracting the cpu-key, so I can use a cheaper board for glitching..
Xbox 360 / XboxHacking - General / Re: Xecuter Fusion v1.07 BETA released
on: May 24, 2012, 04:08:19 AM
Same here, I only have jtag consoles atm. Oh well they have to make a little profit right? Having it RGH-only will keep the sales up. But to be fair, I'd buy a Coolrunner and a Demon (once it hits the stores) if:
1. The Demon would properly reset the SMC so I can switch between my onboard flash and Demon flash (running Fusion) without the risk of getting banned from Live.
2. Fusion supports xellLaunch for running Linux
3. (Optional) Comes with a nice sata-splitter so it would connect hdd A only when booting from my onboard flash and connect hdd B when booting from the Demon flash, to prevent my hacked kernel from polluting the hdd that's connected when I connect to Live.
Keeping everything separated (nice and safe:P).
Xbox 360 / Xbox 360 General Discussion / Re: RGH 2.0 Released by Team SQUIRT
on: April 17, 2012, 02:44:58 PM
From TX's page:
With RGH2, a cpu_key is necessary for building the NAND image. The reason for this is because cpu_key encryption starts at CB, and in RGH1 there was only one CB which meant that CD was encrypted with cpu_key but CB could be "zero paired" which meant that the cpu_key would not be applied. When split-CB was added, they started the encryption at CBA and removed the zero pairing option, which means that cpukey encryption on CBB is mandatory. Bottom line is, after the 14717 update they turned all phats into a split CB boot chain but using unglitchable bootloaders. We can still glitch these boxes even when we don't know the cpu_key because we can use the "XOR hack" to embed the RGH2 bootloaders. For older images (pre-14717) we need the cpu_key to encrypt the new loaders because there is not a CBB already in the image that we can derive a keystream from.
So if I would like to glitch my 14719 trinity, I can only glitch it to run xell -IF- I have my cpu-key. And in order to get my cpu-key I need to use the XOR Hack right? Correct me if I'm wrong but the XOR hack relies on the way they use RC4 encryption, now what if MS will update the way they use the RC4 encryption patching the RC4 vulnerability. Then some day we end up with updated boxes which we are unable to extract the cpu-key...?
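Added example, not part of the original post and not taken from any console tooling: a generic Python sketch of why a stream cipher whose keystream depends only on the key lets a known plaintext stand in for the key, and why a fresh key per image closes that gap. The key, nonces, stage contents and function names are constructed assumptions and do not reproduce the console's actual key derivation.

```python
import hashlib
import hmac

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: the keystream depends only on the key, never on the data."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                         # keystream generation + XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# Constructed sample data (assumptions for illustration only).
DEVICE_KEY = b"per-device-secret"                  # never leaves the device
KNOWN_STAGE = b"STAGE-B original loader body...."  # publicly known plaintext
OTHER_STAGE = b"STAGE-B different loader body..."  # same length, other content

def demo_keystream_reuse() -> bool:
    """Static key: ciphertext XOR known plaintext yields the keystream."""
    stored = rc4(DEVICE_KEY, KNOWN_STAGE)     # ciphertext present in an image
    keystream = xor(stored, KNOWN_STAGE)      # recovered without the key
    swapped = xor(keystream, OTHER_STAGE)     # re-encrypted without the key
    return rc4(DEVICE_KEY, swapped) == OTHER_STAGE

def demo_fresh_key_per_image() -> bool:
    """Assumed mitigation: RC4 key = HMAC(device key, per-image nonce)."""
    k_old = hmac.new(DEVICE_KEY, b"nonce-image-1", hashlib.sha1).digest()
    k_new = hmac.new(DEVICE_KEY, b"nonce-image-2", hashlib.sha1).digest()
    keystream = xor(rc4(k_old, KNOWN_STAGE), KNOWN_STAGE)
    swapped = xor(keystream, OTHER_STAGE)
    # The old keystream no longer matches what the new image's key produces.
    return rc4(k_new, swapped) == OTHER_STAGE

if __name__ == "__main__":
    print("static key accepts swapped stage:", demo_keystream_reuse())
    print("fresh key accepts swapped stage: ", demo_fresh_key_per_image())
```

Confidentiality alone does not stop substitution in either case; a verified signature or MAC over the stage is what rejects altered ciphertext.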
Xbox 360 / Xbox 360 General Discussion / Re: Updating Retail Dual Nand to 14719
on: April 04, 2012, 03:49:12 PM
Offtopic question:
I was thinking of buying a dualnand reset glitch chip for my slim which is currently on Live with 14719. Then connect a FAT32 formatted disk for storing homebrew like Snes360 (Hdd:\Emus). I don't think MS will ban me for having homebrew on a FAT32 usb disk since the original nand doesn't care about it (it will only look for videos, music and pictures). But if I use one offline profile for my homebrew and one online profile for Live will I be safe? Because some homebrew will make crazy achievements like Snes360 for example. I can of course format a second usb device for use as memory storage and use that for my offline (homebrew) profile but that defeats the purpose of having a dualboot setup because I always have to insert it for running homebrew and take it out when I go on Live. So do you guys think MS can take a sneak peek at the other profiles I have when I go on Live?
Xbox 360 / Tech Support 360 / Fruit Ninja Kinect issue
on: March 21, 2012, 09:01:24 PM
I was bored so I decided to buy the Kinect. I have two boxes, one original slim and one jtag jasper512. Now I use the jtag one in the living room because of snes360 and mupen360 etc and I plan to use the kinect on it.
So anyways the Kinect came with a code to download Fruit Ninja from xbox live. I installed it on my original slim and used my transfer cable to copy the folder to my jtag.
My jtag runs the 14719 kernel built with xeBuild 1.01 update 1. Then I installed the original 14719 update from MS to get the avatar stuff. I also installed dashlaunch 2.32 with the contpatch = true set in launch.ini.
The game shows up in NXE and freestyledash. However when I run it there is this strange issue. When I slice the "Begin"-lemon, a screen pops up where I can sign into one of my profiles. I have 3 offline profiles and the jtag box has never been on Live. But no matter which profile I select, I always get the message that my box can't connect to Live (obviously). So it asks me if I want to go back to NXE and do a connection test, when I say no it will still log into the selected profile and it will take me back to the title screen again. But when I slice the "Begin"-lemon again it will still take me to the sign in screen however I'm already logged in.
So I tried signing into all profiles but no matter what I can't get past the title screen.
Any ideas?
Xbox 360 / Tech Support 360 / ggBuild issues.
on: November 16, 2011, 03:18:46 AM
I've just installed ggBuild 0.33b kernel 13604 with Dash Launch 2.26 on a trinity slim. It boots within 5 seconds most of the time. However there are some issues.
I can boot xexmenu from a burnt cd-r. But I cannot boot game backups at all. fcrt.bin was taken into account when creating the ggBuild image. I tried Call of Duty: MW3 and Sonic Generations. They're properly written and verified with my iHas624, without truncating. Also I've tested them on two other boxes with the LT2(.01) firmware flashed onto their drives and they work fine.
My second issue is regarding the 4GB memory module, it's a small pcb with 4GB flash that sits on a small connector nearby the nand. The original NXE dashboard detects the 4GB just fine and it can be used for creating profiles and stuff. But neither xexmenu nor freestyle dash will detect it at all? Only flash: and dvd: are detected. I wanted to install freestyle dash with a few emulators onto the MU (snes360 ftw).
Research & Technical XboxHacking (Xbox 360) / DVD-ROM Drive and Media / Re: Upgrade Your VIA 6421 to dump 0225/0401... Slim Lite-On!
on: October 21, 2011, 03:23:26 PM
I'd like to thank CoDeFl@sher, mprace and oc for their support. So I finally got the IDE female to male cable and hooked everything up... But I already turned on my computer and accidentally connected the power supply for IDE to sata adapter upside-down (while my computer was running). A spark and awful smell... and the IDE adapter is wasted. But since my slim drive was already erased I just connected it to the port on the back of via and flashed LT+ 2.0 using dosflash16 (since the via never worked on jf anyways). I used mprace's dummy.bin to create the cfw, so thanks again. After flashing it with the via card, I used my ich9r controller (in ide compatible mode) to lock the drive again. It works and plays original discs, haven't tried any backups but I'm sure it works. Now it's time to get it glitched..
Xbox 360 / XboxHacking - General / Re: A new revision of the Slim, no more Glitch?
on: October 19, 2011, 08:45:54 AM
The manufacturing date of the new console is August 17th, before the glitch became public. Glaze83 is probably correct that the HANA and SB have been consolidated. Less likely is the HANA and GPU have been consolidated.
Just because the two previously separate devices might now sit on the same die (or at least the same package) does not mean they don't still communicate over an abstracted version of the I2C bus. This would prevent the designers having to rewrite all their existing software code.
If that bus is still exposed on the PCB, then nothing really changes.
If the bus is no longer exposed (since everything it connected to is now contained on the unified SB/HANA), then you still can glitch it, but you have to tell the SMC to handle the CPU clock speed adjustments.
I've already made a fair bit of progress towards porting the glitch to the SMC. To create an SMC based glitch hack for the slim, I was eventually going to have to use the SMC's I2C software routines to change the speed anyway.
Great work Blackaddr, really appreciate your work in perfecting everything for us. Be sure to keep us posted bro! You're definitely my favorite hacker/engineer.