Swapped CPU on Falcon. Original nand bad. Can i rebuild?

[BoXXDr]

I had a falcon motherboard here that worked perfect but was missing the dvd key and it was not exploitable. I transplanted another cpu into it that was exploitable. I was able to make a xellous for it and get xellous to run. It gave me my cpu key but my dvd key was all 000000000000000000000's. Also Xellous says kv is bad. I tried installing XBR on it and i get chistmas tree lights. I tried building freeboot and it says i am using wrong cpu key.
The original nand was tampered with by someone before me so i have no idea what they did to it. It wont even open in degraded.
Is it possible to build a new FreeBOOT image with only the cpu key? I have never run into this issue yet.
It's a falcon with cb5770.
If anyone can point me in the right direction that would be great, i have got way too much work into this to fail now.

[Gazcoigne]

try phonseys premade images or hit him up he can build a donor nand for you if you get stuck

[BoXXDr]

try phonseys premade images or hit him up he can build a donor nand for you if you get stuck

On your advise I tried the premade image but got xmas tree lights. The procedure for using the premade nand with donor KV seemed simple enough. I don't see how i could have made any mistakes. So i sent a PM to phonsey and hopefully he knows what i am doing wrong.

[dc_away]

you could build a freeboot .030 image for it (kv hash disabled), but 032 uses the kv hash check for falcon and later consoles. i thought xbr had the kv hash disabled as well, maybe since your cpu key isnt decrypting the nand, this is causing the xmas tree lights? did you build a nand image with a donor (decrypted) kv encrypting with your cpu key? if i had your cpu key, i could try and build a freeboot .030 image for you.

[BoXXDr]

Yes, i encrypted the kv. I have never built a FreeBOOT .30 image before. If you could help that would be very generous.
My CPU key is A01CED8B2F245C1921EF7DD069E7A37C

[maximilian0017]

Did you flash Xellious to the nand and did you then read out the cpu key? or did you already know the cpu key of the new cpu you installed?

[l_oliveira]

Man, to make it boot all you need is the original keyvault. Even for freeboot, using mismatching (donor) security files is no big deal.
It only matters if you're a f***ing lamer and want to ruin other peoples fun on live. Then proper security files might get you online for a little longer. (we know you're not...)

But then meh.

And you only need the original keyvault for the CPU because of the hashing protection on the keyvault.

You can get around that if you have Freeboot 3.0 (but then cope/deal with the corrupted profiles problem)

To read the original (mangled) dump keyvault block:

nandpro <device> -R16 keyvault.bin 1 1

Device can be  file_name.bin: or either LPT: USB: depending on which device you are using.

After you obtain the (supposedly) keyvault dump, use the excellent tool  Bincrypt (search this forum for it) to decrypt the block you extracted. For it to work with bincrypt, use -R not -r on nandpro as command parameter.

Bincrypt should be set this way:

Source=extracted file
Operation=decrypt
Supported Files=keyvault

CPU key (for the chip you have currently on the mother board) should be pasted on the CPU Key field. No spaces allowed.

If decryption is sucessful, then you have the working keyvault you need. 

For the decrypted keyvault from bincrypt to work on freeboot (making the image) you might need to remove the first 16 bytes of the file (hmac hash) as ibuild don't use that information and expects the dump to not have it.

Paste it in a set of files from a donor dump and your console should then work.

Hopefully you can salvage the original keyvault from the damaged dump with these instructions. Good luck.