edit keyvault in winhex for xenon

[sliddon]

i'm having a few problems making a new unbanned keyvault i read that u can edit a keyvault instead of replacing it so here is what i tried on my xenon

1st got s/n  from a unbanned 360 also the mac and mfd to calc the console id

extracted raw decrypt  keyvault from a backup nand before the ban

opened it in winhex and changed serial number console id mfd to match unbanned details

used decrypt to replace new raw keyvault in a 1888 degrader image with encrypt ticked

flashed with nandpro xbox boots to setup laug screen but controler fails to connect



to test my setup i did a stright swap of 2 keyvaults without the hex edit and it works fine

i was told to use keyvault modder v1c but i cant work out how to save modified serials it only has a option to patch drive

so am i missing somthing out?

[Jed]

it wont work unless they have given you the cpu key ands the kv , as you have to change the cpu key as that also gets black listed (from what i have read) so there isnt going to work , you could allways try making one but then it probs wouldent work


Jed

[sliddon]

it wont work unless they have given you the cpu key ands the kv , as you have to change the cpu key as that also gets black listed (from what i have read) so there isnt going to work , you could allways try making one but then it probs wouldent work


Jed

huh ive not heared about them banning cpu keys infact if i do a stright kv swap it connects to live fine
i was trying to just edit my keyvault to match the unbanned without having to dump the unbanned kv as the console id s/n mfd date and the mac can be read without jtaging 

[Jed]

ahh i get you , this makes me intrested , anyway i will work somthing up for you , and will post a read me

Talk later
Jed

[sliddon]

cheers i was thinking as we can calc the console id and read the s/n mfd and mac from the options menu on any 360
instead of dumping a unbanned keyvault to use we could just edit are own keyvaults with these details it saves the hassle of reading the other keyvault and could be done even if the 360 has taken a new update like my donor 360 has

ill keep playing about seen a post about flashing just the keyvault so should make things a bit faster to test

[sliddon]

well i'm stuck now after using degraded 1888 the box worked fine connected to live and asked to update
soon as the update was finshed it wouldnt boot just the center light flashers after 30 secs it rrods

the degraded 1888 image no longer works and my nand backup before the ban no longer works
i guess i need a image of the next update after 1888 to add my kv to as thats what it must have failed at

has anyone had the 360 fail on a update after using  degraded 1888 i'm lost and didnt even think to backup the faild update from nand to repair its erased now

i have the 1888 image and the newest banned image and cpu key

[k0mpresd]

the old dumps probably dont work because the ldv increased when you updated via live. so now your old dump has wrong ldv. dump the nand and try to open via flashtool to get correct ldv, patch a working dump, then flash.

edit: oh. you erased the failed update?

[sliddon]

yh i wrote over it without thinking

[l_oliveira]

If you updated through XBOX Live you were served with kernel 2.0.8955 which will install CB 1940 and CD 8453.
Obviously it didn't boot because it has strict keyvault checking and you broke the signatures when you hex edited it

With all the hacking people have been doing it would be weird if MS didn't take action.
They did and you now have to "peel that pineapple" to get it working again.  Good luck ...

Maybe if you kept the backup from the NAND when it "bricked" you can inject the original keyvault and see it it boots.
If you erased the "bricked nand" then you will be in "dire straits" to repair that system ...


Once a system is banned it's banned for good. There's no real "unban" and the most you will get is some time until you get caught again, because a system with a swapped keyvault is like a Frankenstein, with different kinds of flesh/skin which all have different skin colors...  

Just think of a african guy with a white arm implanted to get the idea of what I mean...

[sliddon]

i thought xenon didnt have the extra hash checking like falcon jasper the keyvault wasnt hex edited just swaped loads of people have reported it working and updating fine

i dont have a backup of the bad flash to check ldv so i guess its time to bin it

[sliddon]

well ive kind of sorted it now i thought maybe if i increased the CB LDV by one from 14 to 15 and flashed back the 1888 degraded it may work

flashed it back and now have the 1888 welcome screen laug option
 now i dont want to f*** it up again so how should i update from live or disk?

 

[l_oliveira]

Once CB 1940 is installed, you can kiss downgrade goodbye.

[sliddon]

ok well i decided to put my banned keyvault back into the working 1888 degradeed image and update back to how it was banned

booted 1888 with my real keyvault inserted used one of my kids games run the update

now the controler connects but has 1 red light on the front its the e74 light not the normal player 1 light and i have no video output

ive taken a dump of this bad update this time anyone fancy checking out for me??

this is what degraded says about my bad update

CB VERSION 1923 LDV 15
CD VERSION 8453
CE VERSION 1888
CF VERSION 5759 LDV 16


also i have a good nand made before the ban and before using the degrader that shows
CB VERSION 1923 LDV6
CD VERSION 8453
CE VERSION 1888
CF(0)VERSION 8507 LDV 13
CF(1)VERSION 8955 LDV14

been playing about with the bad image got it to boot to dash said plz connect hdd 1st then wont boot any games just a black screen and the controler light is player4 not 1 but i can view the dash getting closer lol

[l_oliveira]

1923 is one of the fxed CBs.  No more homebrewn on that XBOX.

I don't know what you can do to fix it but it seems like the more you mess with it the worse it gets ... :x

[sliddon]

i have 3 others for hombrew this one i rrod repaired for keyvault change region ect
its starting to come back to life lol
1 thing i would like to know is does zephyr have the new hash check like falcon and jasper because this xbox from ebay looked like a xenon 2005 mfd on case 1 gpu heatsink but looking in the keyvault the real mfd is 2007 and drive is a benq it came with a sammy ms25 must be spoofed! so to me it looked like a xenon

this would explain some of the trouble i'm having if zephyr is like falcon no keyvault editing after nxe

[sliddon]

its back to normal now fixed and updated with mw2 update

before i mess about with the keyvault again can anyone confirm what models allow this after nxe

[l_oliveira]

Consoles made after the KK exploit became public are patched. KV incidents (Christmas lights) will be "not forgotten" if you get what I mean.

Again, if you like your xbox live account/gamertag stay away from live with your hacked xbox... lol

[sliddon]

cheers thats march 2007 right?
what about refubs?

when i get home later ill try just changing the game region and see if it chrismas lights

its strange bececause before i never had chrismas lights just rrod after 30 secs witch looks more like wrong pairing data

so maybe the 1st time i used my 1888 degraded image the 1st update on live after failed but changing my pairing ldv witch caused the problem not using the unbanned keyvault

[l_oliveira]

Consoles repaired by MS will have their CB/CD updated so they will also have their keyvaults hash added in the factory made update process.

The hash check is not enforced on old consoles because the hash data do no exist on them. There's nothing to check the KV with. Of course once the console is back at the factory, the KV can have the hash added and then the system is secured.

I was able to play around with region changing an unsecure(old xenon) system with 8955 kernel. And I was able to update it without any issues. So the only roadblock is indeed the hash.

[sliddon]

ok i get you so this box made march 2007 that shows a benq drive in the keyvault is most likely a reapired box as ms only used samsung and hiachi drives before

or maybe its the model between xenon and falcon the one thats the same as xenon just with a 2nd gpu heatsink in that case if they didnt add the check untill falcon this model also may not have the hash. did they start using benq before falcon??

guess the only way to find out for sure is to change the region and test for xmas lights