Getting Started with Homebrew on Xbox 360

[jelle2503]

1) When soldering the JTAG hack, is it best to solder the diode to two pieces of kynar (30 awg) wire, and then solder the wires to the points on the board, or to go with only one piece of wire, and solder the diode directly to one of the points?
2) I've noticed there are two types of points that I'll need to solder to (on the Xenon board) - pads that look like they have a blob of solder in the middle already (from the factory), and pads with a hole in the middle.  Is there a tried and trusted method for soldering wires to each of these pads?  Here's what I plan to do:

i) use cotton swab to cover pad with flux
ii) tin pad (possibly using a bit more solder for the pads with a hole in the middle?)
iii) tin wire
iv) rest wire on pad - heat both pad and wire with soldering iron (have a 30w iron - 3-4 seconds of heating?) - apply solder to joint

1. you can choose to do either, but sticking the diode in the hole could result in poking the diode wire through the hole and hitting the metal case , you don't want that (i used 2 wires on both ends on first go)
2. read the guide. fill up the holes with some decent leaded solder, it'll make it easy for you

your plan is very good, you have learned very good soldering basics. but a 30W iron could do damage if you're not very careful! it's really hot you could lift pads.

if you pre-tin the pad, and the wire, you're good to go and melt them together with just a touch of the iron.


@ lithium210
It's your choice to use a diode on that point. It's not required, but it helps you get a good flashconfig (from what i've read).

I'm not sure about the 330ohm resistor. I have set up a falcon without one and it worked.. Well it does randomly RROD but a powercycle fixes this.

[rolf2]

330 ohm resistor, or even better diode is needed only if you get rrod 0020 with wire jumper .

[lithium210]

330 ohm resistor, or even better diode is needed only if you get rrod 0020 with wire jumper .

i'll just do the jumper as normal like mentioned in the guide. IF i do get a rrod or random rrod's, then im sure putting a 330ohm resistor between those points wouldnt hurt? Also you mentioned diode, havent seen anyone put a diode instead of a resistor on 2.4-2.7

btw.. thanks for the responses and once again, awesome site!

[jnr]

Hello, all. I'm trying to figure out how long I can make my JTAG cable. I've read reports of NAND read/write problems if the cable is too long, but I'd like to give myself as much slack to work with as possible, and my donor cable is a few feet long. Could I use a longer cable by removing the 100ohm resistors the guide specifies?

[keropi]

a safe length for the lpt cable would be ~30-35cm , I made a 30cm one and worked fine...

I am getting a falcon 360 with 6717 kernel, I assume this is OK for hacking correct? 

[ReverseAffect]

a safe length for the lpt cable would be ~30-35cm , I made a 30cm one and worked fine...

I am getting a falcon 360 with 6717 kernel, I assume this is OK for hacking correct? 

yes that should be fine....i just did one with that dash...

[Blackaddr]

Regarding the jumper wire, maybe someone can clear this up.

We are using the SMC to drive some GPU JTAG pins.  Two of them get level shifted, one of them is tied off.

I'm assuming the two level shifted ones are TMS and TDI.  I assumed the one that is tied off is nTRST but it could also be TCLK if the GPU JTAG doesn't have a constant test clock.  TDO obviously would not be needed for the exploit.

- Blackaddr

Answering my own question.

J2D2 Pins:

1 - TDI
2 - TMS
4 - nTRST (tied to another 1.8V signal which is probably always high while the SMC executes teh exploit.)

- Blackaddr

[threedee]

Hello... New here... and already my head is splitting from overload...

Been reading now for couple of weeks, lurking here and there, posted some, etc. But one thing is getting to me very seriously - outdated, inaccurate, suspicious, misleading, contradictory information, on too many models available, dashboard/kernel versions, xbr/freeboot, etc... General overload of info to the point where its difficult to discern the relevant from not. And the worst of all when i ask a question (after reading a lot) i get sent to google again... All i want is a confirmation of what i think is correct (or not...) or questions that i dont have a clear answer to...

So, i'm jtag virgin, be gentle

I'm yet to gather all the stuff to start doing it seriously.
Some questions if i may:

1. Just got a second xbox (first is on 8955, so, pretty much dead in jtag context) and will try to mod it. Question is if its moddable or not.
Box is as follows:
Elite 120gb jasper (16mb ? no internal MU for sure)
MFG: 2009-jul-15
K/D: 7363
DVDrom Liteon 83850 (flashed, old model, no switch was needed).


2. Here's my question: what a hell is BL1 update ? Some sources say that old dashes (76xx) of newly made boxes are somehow fixed, preventing this whole jtag malarkey.

3. is 12W soldering iron good enough ? Have one kicking about from previous mods on other consoles.

4. do i absolutely need to remove R6T3 ? I gather its for removing a possibility of accidental "official" updates being installed ? WHEN do i remove ? Before dumping, before flashing or after its already flashed and up and running ? I loathe to think i need to meddle with it, so small i'm afraid i might mess up something...

5. parts i think i'll be using. Tell me if its ok. I'm no expert and dont know first thing about radio components. Many tutorials differ in parts they use...
      a) 100ohm 1/4w resistors
      b) 1N4148 Diodes

6. Ok, this is one stupid question right here - do i need to POWER UP xbox for reading/writing of nand procedure ? Or is it fed through LPT ? Didn't find a clear answer to that one...

7. I'd gladly stump up some dough if someone just did it for me, so if anyone from N.Ireland Co.Tyrone is here and willing to help i'd be happy...

All i want is to get a possibility to load homebrew/isos from external drive.
Modded many consoles before but it never was as complicated as this (PS1/PS2/PSP/Wii/DC(ok that was a softmod ))

Ok that one was a long post...

[X-QlusioN]

@threedee
1. Last known exploitable 360 was 2009-06-18, and since yours is 1 month later, I'm pretty convinced it'll NOT be hackable (you could read the NAND and find out maybe some miraculous way it still is hackable)

3. Sure
4. Not required but recommended
5. That'll do (don't see any tuts having other components though)
6. power con,nection needs to be hooked but 360 does not need to be on

But as said in 1, you're probably out of luck...

[Blackaddr]

2) They are talking about the 2BL/CB.  If it is the updated version it locks out the JTAG exploit.

But it looks like you still dont' have an exploitable console based on your July manu date.

[threedee]

So you're saying i shouldn't even bother with LPT then ?

I have another candidate, arcade jasper 256/512 (dont know for sure) MFG of january 2009, will that one do the trick ?

Also, if i have a big block nand do i have to dump/flash all of it or can i just do 16mb system area part only ? if so, how ?

[baberg]

So you're saying i shouldn't even bother with LPT then ?

It can't hurt to dump the NAND, especially if the box has been on XBL with a flashed drive.  At the very least you'll get a dump of the NAND and can re-flash that if you get banned which prevents the console from making trusted content on a HDD or memory stick.  And wiring the LPT isn't very hard at all if you have any experience with a soldering iron.

Also, the parts you referred to are exactly what I've been using to mod my consoles, so you're good on that front.

[jelle2503]

updated a little for big block general instructions (done my first BB jasper few days ago)

[ToBbErT]

Hey jelle2503

I just dumped my jasper 256mb twice and i didnt get any errors with nandpro. Total commander tells me both bin's are identical but im unable to open the dump with 360 Flash Tool 0.91 . Im getting the message "wrong file size or unsupported". I followed your guide and used the command -r64 so the dump is only 64mb. Is that why the tool wont open it? The dump looks fine in my hex editor, so do you think its safe to continue?

Thanks for reading and making the guide!


ToBbErT

edit  I just used a tool from Mazouck and zouzzz "cd info" and it worked without a problem. So i think my dumps are fine.

[Arakon]

Flashtool doesn't handle large block nands.
cd_info only checks 2 bytes in ANY file, it's no indication at all of wether a dump is good or not.

[ToBbErT]

Well is there a way to check the dump? Ive googled hours but found nothing 

[jelle2503]

well idk if your dumps are safe to proceed with flashing. i'm not the one evaluating that, you are

new flashtool will come out that'll support 66mb dumps.. don't know when but will be

[threedee]

Serious revision/update on my last post - I got a NEW pro 60gb, jasper, MFG 04-feb-09. Will that be exploitable ?

yeah yeah i know, i didn't do the dump yet, just today got all the parts for lpt cable, tools'n'stuff...

[jelle2503]

please search.. stop asking?

http://www.xboxhacker.org/index.php?topic=12241.0

to answer your Q yes it's exploitable.

[melthoras]

hi!

If I have flashed the nand with xbr is it possible then to desolder the LPT cable ?