Searching xbox360 vulnerabilities

[bluemimmos]

well the hypervisor exploit is fixed or its still there on latest kernel, i dont know.

But if its still there and only the way to call it is blocked by blowing efuses then we could search for vectors to call it....

as we have seen many vectors used in many consoles like tiff exploits in psp, iphone, web browser vuln in iphone etc..
and we have also seen savegames buffer overflow etc,, doesnt that apply to xbox360??

Please make me clear on this,

and opne question more , how do i extract the hypervisor off my nand image using my cpukey so i can feed it into ida64 and disassmble and reverse it.....

i can understand ppc64 assembly codes...
 

[inspuration]

You can't use that old hypervisor exploit on a new system regardless of whether you can find a new attack vector .  Dig through the hypervisor and find a new exploit.

[Blackaddr]

Only two kernel versions had the HV bug that allows the KK exploit to work.  It was the first and only exploit ever found to bypass the HV security and run unsigned code.  It is worth noting that the console was originally secure and MS *introduced* a new bug.  MS promptly fixed the HV bug and uses CB revocation to prevent downgrading.  

The 2007 timing attack method was a way to downgrade back to the exploitable HV, MS promptly fixed it.

The 2009 JTAG hack was yet another method to effectively downgrade and run the exploitable HV, MS promptly fixed it.

We need to find yet another way to run the old, exploitable HV again, or we need to find a new vulnerability in the HV.

The problem with searching for new vulnerabilities is the new, creative, enthusiastic people are optimistic because they don't actually know very much about the system.

The true experts who spent years dissecting the system are pessimistic because they DO know the system that well.  I suspect very few if any of the original people are actively working on it.

btw, I'm in the former group.  I'm still motivated because I'm still too ignorant of the system, but I enjoy the learning nonetheless.

[q36]

This is the very technical area of these boards, meaning only people with technical ability should post here, specifically related to kernel hacking. Keep your bull$#!t useless threads out of here. There won't be another way to downgrade after updating past 8498, it's not hard to google that and figure out why. We need a god damn private forum on here.

[Xumpy]

@q36: Oké I agree that some boards should be read only for the public but don't close them down.

Personaly I'm also getting tired of reading to some amazing posts and then some noob comes in asking the same damn question over and over again.

But keep in mind that there are still people here who read what you guys post to learn from...

If you take that away, I don't believe there is any point in keeping this (or any) forum online...

[xboxtech]

I also agree I still like coming to the threads for maybe something I dont know or need to refresh on doing.  After all I think what alot of us do makes the systems more open and can do alot more then what MS blocks out. 

[q36]

Well, there are many topics that just don`t get discussed because these forums are full of idiots who join randomly to post their opinion. I think that the kernel hacking section should be limited to the people who actually hack the kernel.....which is very few and even some who claim they do just know func names and brag about it...... I find it hard to believe that anyone learns anything from these forums anymore because if they did, they`d  learn to keep their f***ing mouths shut.

[tex1ntux]

I find it hard to believe that anyone learns anything from these forums anymore because if they did, they`d  learn to keep their f***ing mouths shut.

The thing about keeping your mouth shut is no one knows you're doing it.  I'm sure there are plenty of people who come here to read/learn; I've been doing it for years.

[Gastgeber]

Sorry for Offtopic

Well it is not on the topic but on the discussion.

I would accept a read only function in forum, cuz i only read and learn. And i aggree that a lot of people post bu*&%it, that i dont wanna read. So I just filter the important messages from the important people. i would write more if i had the time and if i was faster then the pros here. I enjoy the time and the information in this board cuz there is more tech stuff than somewhere else.

@the pro's
Keep writing!