Manual Way to identify MB revision from a dumped nand

[SoulHeaven]

Hi everybody,

I'm trying to understand how 360 Flash Tool works to identify the MotherBoard Revision from a dumped nand, but I'm not able to find any information about that.

Could we identify the revision just by a hex value to find in the nand at a specific offset, or do we need the 1BL Key to decrypt the FS and identify here the revision ?

Moreover, what's is the difference between same revision but other version ?? Like Falcon (v2) and Falcon (v3).

Many thanks for your help.

[Gazcoigne]

plexo has incorporated such a thing in his excellent app XBRFlasher

AFAIK it looks at an offset in hex i dont know off hand which one but it tells you the cb which tells you the mobo revision

[SoulHeaven]

Hi,

concerning the CB identification. It's okay for me.

But is it enough to identify the MB Revision in a no doubt way ?

I remember about a diagram showing all JTAG CB and unJTAG CB, but I'm not able to find it again.

[Martin_sw]

To identify retail NAND dumps that is probably enough, Falcon/Opus might have the same CB versions though I'm not sure.
Beware though not all of the CB versions may be listed in the thread, things like 8192 and 4580 turned up after the initial version of the diagram.

For example just look at offset 0x8402 in an image with ECC, value is 2 bytes(word) and is big-endian.

Here is the diagram.
http://www.xboxhacker.org/index.php?topic=12270.0

[ReverseAffect]

yep and convert that to decimal....

[Martin_sw]

Yeah i did say word (datatype), so thats kinda obvious isn't it...

[ReverseAffect]

Yeah i did say word (datatype), so thats kinda obvious isn't it...

in case the op didn't know ...that ain't obvious is it...

[Martin_sw]

Well, with some basic deduction skills and knowledge (or the ability to use Google), that would reveal itself rater soon... sorry for assuming the op isn't an idiot...

And as for this being CB only, the CB versions has different VM code that is presumably optimized for that motherboard revision. While Zephyrs can run a Falcon CB just fine no stock Zephyr would ever have that.

And if one wanted to identify a Zephyr that has been flashed with a Falcon XBR image, well it's just that, a Falcon XBR image.

Take care.

[SoulHeaven]

Thanks for your answers.

Yes, I have already had found for the CB in decimal, just I was afraid of commun CB for Different MB Revision like you said for the Zephyr/Falcon.

Thanks for the diagram.

I will start with that and will see if it's enough.

else, no idea about difference between Falcon v1, v2 and v3 ?

[maximilian0017]

else, no idea about difference between Falcon v1, v2 and v3 ?

Dont know if the CB is different every time but the 16a version has a different kind of bad block management because of a different Southbridge, maby you could detect that.