|
ww735215
|
 |
« on: October 26, 2009, 09:15:17 PM » |
|
i found 360's ce section version is 1888,so any 360's ce section binary is identical ?
but i compair xenon and falcon's ce section,i found it is diffrent.
|
|
|
|
|
Logged
|
|
|
|
|
cory1492
|
|
« Reply #1 on: October 26, 2009, 11:38:32 PM » |
|
Did you decrypt them both before compare?
As far as I know CE is what it shows you for BK (base kernel? backup kernel?) in the system menu, I've not seen any other than 1888 (but that definitely does not mean one can not exist.)
|
|
|
|
|
Logged
|
|
|
|
|
Shaun
|
|
« Reply #2 on: October 27, 2009, 04:51:37 AM » |
|
xenon is just stored, on falcon it is crypted as cory states
|
|
|
|
|
Logged
|
|
|
|
|
ww735215
|
|
« Reply #3 on: October 27, 2009, 11:15:02 PM » |
|
oh.if falcon's ce section is encrypt,it's must diffrent with xenon ce part(store).
another question:
i use flash tool read a falcon's nand,i found:
dash.xex 0x03b0 0x0042c000(length)
03b0 is start block,how many byte is one block?
03b0*bytes(4k?)+0x0042c000h >16m ?
how to restore origin dash.xex through hexedit?maybe some is middle of nand,some is end of nand?how to resassemb to dash.xex?
|
|
|
|
|
Logged
|
|
|
|
|
Shaun
|
|
« Reply #4 on: October 28, 2009, 03:42:26 AM » |
|
1 block is 0x4200 bytes if a raw dump, 0x4000 if not
afaik, all CE are identical, just falcon needs a little work to get to it 1st.
Regarding injecting a file into the fs, not sure. robinsod commented that it was just a simple container for the whole thing, not sure exact details or how you would go about doing it
|
|
|
|
|
Logged
|
|
|
|
|
ww735215
|
|
« Reply #5 on: October 28, 2009, 11:06:28 AM » |
|
1 block is 0x4200 bytes if a raw dump, 0x4000 if not
afaik, all CE are identical, just falcon needs a little work to get to it 1st.
Regarding injecting a file into the fs, not sure. robinsod commented that it was just a simple container for the whole thing, not sure exact details or how you would go about doing it
if ce are identical ,why it is diffrent that my falcon' ce and my xenon' ce code .i compare them with tocalcmd. i get dash.xex through extracting from my origin nand with 360 flashtools, dash.xex is 4M size.so ,0x03b0(dash.xex offset) +4M>16M . SO I guest one part of dash.xex is end of orgin.nand,another part mayby is middle of orgin.nand. |
|
|
|
|
Logged
|
|
|
|
|
cory1492
|
|
« Reply #6 on: October 28, 2009, 01:19:16 PM » |
|
Typically a file system is stored in a NAND using LBA with LBA values stored in spare page (instead of sequentially like you think, just like most disks) - meaning any file can have it's sectors scattered in RAW chip data. In 360 certain sections are outside this file system, like SMC code/data and boot loaders but anything that shows up in the file system tree in flash tool should be in a LBA mapped file system of some kind with a file allocation table and such. Look for the source to flash tool, it 'decodes' the file system out of a RAW nand dump. edit:/ here, more detailed than I care to go into http://www.xboxhacker.net/index.php?topic=6674 |
|
|
|
« Last Edit: October 28, 2009, 02:27:20 PM by cory1492 »
|
Logged
|
|
|
|
|
ww735215
|
|
« Reply #7 on: October 28, 2009, 10:42:14 PM » |
|
thanks cory1492.
i get my falcon's cpukey and 5770 version ,if i build falcon's 84**.bin through ibuild.exe,then flash it to consol.what happen?
can it be hacked? 1bl should be modified by new 84** and cb version is 5771?
|
|
|
|
|
Logged
|
|
|
|
|
damox
|
|
« Reply #8 on: October 28, 2009, 11:33:14 PM » |
|
thanks cory1492.
i get my falcon's cpukey and 5770 version ,if i build falcon's 84**.bin through ibuild.exe,then flash it to consol.what happen?
can it be hacked? 1bl should be modified by new 84** and cb version is 5771?
If you flash 84**.bin created by ibuild without using freeboot. The console wont boot. It will effectively be the same as if your ldv dont match. |
|
|
|
|
Logged
|
|
|
|
|
ww735215
|
|
« Reply #9 on: November 01, 2009, 10:23:53 AM » |
|
thanks.
i have a question:
i found that it has ten same directory block on my falcon's nand.
example:
dash.xex start:0x3b0
derctory block:
3b0 3b1 .........
second:
3b0 3b1 ...........
and so on.
why same directory has ten store? if i replace with other's dash.xex, i must modify every director block?
|
|
|
|
|
Logged
|
|
|
|
|
cory1492
|
|
« Reply #10 on: November 01, 2009, 04:48:49 PM » |
|
Read the thread I linked you to, it discusses why there are multiple directory entries and how to find the correct one - or even (again) look at the source to flash tool, afaik it's got some #DEFINE stuff in it for building degraded which constructs file system/flash image.
Before you can treat the file system like a file system you must extract the relevant data. Consider "write before erase" strategy when dealing with a device that might fail while writing a sector or block, in this case though instead of immediate erase it seems it uses some form of incremental identification bytes to identify the correct/latest allocation table (the same sort of thing happens with smc config as well.) If you found 10, then either it has been updated 10 times (or 5 with mirrors) or it starts recycling back to the first one after 10 updates (or 5 if mirrored once like traditional FAT.) Seriously, read the thread and look at the source if you are actually interested in doing it by hand - it definitely touches on this info.
|
|
|
|
|
Logged
|
|
|
|
|
ww735215
|
|
« Reply #11 on: November 02, 2009, 12:40:26 AM » |
|
i spent a lot of time to analyse file system. it is too complicated.
start offset + length +2bytes what means 2bytes?i can't find any explain.need i modified it?
just i want to copy xenon's file system ,then paste to my falcon's.
|
|
|
|
« Last Edit: November 02, 2009, 10:15:50 AM by ww735215 »
|
Logged
|
|
|
|
|
Dilber MC Theme by HarzeM