Xtreme firmware 4.1A and 4.1B for TS-H943 Xbox 360

[commodore4eva]

 

------------------------------------------------------
Xtreme firmware 4.1A and 4.1B for TS-H943 Xbox 360
------------------------------------------------------

FirmGuard, Dual Speed, Media Stealth, One Firmware, Xbox 360 backup and extraction firmware modification!



Features
-----------------

(v4.1)  Improved FirmGuard, now impregnable!

(v4.0)  MS28 core firmware. Also better and faster media detection.
(v4.0)  FirmGuard added. On by default. Firmware cannot be Read/Written by 360 console. Can ONLY be turned off (Read/Write enabled) via Enable0800 mode.
(v4.0)  4.0A firmware. 4.0A is default Fast Read Speed mode. Quite/Slow Read mode for backups activated via any Xbox 360/Xbox 1 Original game disk.
(v4.0)  4.0B firmware. 4.0B is default Quiet/Slow Read Speed mode. Fast Read mode for backups activated via any Xbox 360/Xbox 1 Original game disk.

(v3.3)   Dual Read Speed mode (Quite/Slow Read mode for backups activated via any Xbox 360/Xbox 1 Original game disk.)
(v3.2)   Improved Media speed patch, forced full speed on all media types!
(v3.1)   Added Booktype overwrite patch (bitsetting to Dvdrom no longer required)
(v3.1)   Added Media speed patch (drive treats backup disc speed rating same as original)
(v3.1)   Fixed DVD Movie backup/Xbox 1 backup read bug.
(v3.0)   Stealth Media implemeted into firmware. Backups now appear exactly as original disk regardless of which disk check command used by Xbox 360
(v3.0)   Enable0800 mode supports extraction of raw PFI (Physical Format Information) and raw DMI (Disk Manufacturing Information)
(v3.0)   Support for loading of extracted PFI and DMI from disk
(v3.0)   Non-Stealth Backups automatically enhanced with embeded PFI for Xbox 360 and Xbox 1
(v3.0)   Included new Video.iso for Xbox 360 and Xbox 1 backups, now the same as originals
(v3.0)   Security placeholders/bad sectors for 360 backups are outside both valid psn ranges so they cannot be read/checked by 360 host
(v2.0)   Extraction part of firmware enabled with Enable0800 DVD. ISO included.
(v2.0)   In Enable0800 mode, allows drive to function natively under Windows without any hardware conversion/adaptors
(v1.0)   Boots all Xtreme Xbox 360 backups
(v1.0)   Boots all Xtreme Xbox 1 backups
(v1.0)   Boots all Xbox 360 originals
(v1.0)   Boots all Xbox 1 originals on Xbox 360

Use on Xbox Live at own risk

Technical details
------------------------

FOr Xtreme 4.1A default backup Read Speed is same as original game disks 12x. When Original Game disk is booted, all subsequent backup loading will be at Quiet/Slow Read mode, Original Game disks are unaffected. Turn console off/on to reset back to Default backup read speed (12x). Quiet/Slow Read Speed is for quiet operation and/or cheap DVD+R DL media.

FOr Xtreme 4.1B default backup Read Speed is Quiet/Slow 2-4x. When Original Game disk is booted, all subsequent backup loading will be at Fast Read mode 12x, Original Game disks are unaffected. Turn console off/on to reset back to Default backup read speed for backups (2-4x).

FirmGuard disables reading/writing of drive firmware. This is always on. Can only be turned off via Enable0800 mode. Do not have SATA cable plugged into Xbox 360 console when in Enable0800 mode.

Backups now automatically have pre-locked PSN range same as stated in extracted PFI sector if exists, or embeded PFI, therefore cannot read extracted SS/PFI/DMI sectors from disk. Currently all original 360 games have same PFI sector but maybe not in future, hence new feature of extracting PFI in Enable0800 mode and read from backup at PSN $4fb1d (Xbox 360) and $605fd (Xbox1) or if these sectors are blank embeded PFI will be used
 
Backups now support loading of DMI sector. This sector is different for every original 360 game but is currently not checked for, but maybe in future hence DMI can now be extracted also in Enable0800 mode and read from backup at PSN $4fb1e (Xbox 360) and $605fe (Xbox1)

Firmware checks for Enable0800 security sector @ PSN 04FB1F and if found, enables 0800 mode of firmware.

ISO image Enable0800.iso included. Just burn and insert into drive when you wish to extract security sectors or dump games.

0800 mode of firmware deactivated by inserting game backup (Xbox 360 or Xbox 1) or DVD movie or turning off console.
Reads Xbox 360/Xbox 1 security sector from PSN FD021E (Layer 1)
Reads Xbox 360 security sector from PSN 04FB1F (Layer 0)
Reads Xbox 1 security sector from PSN 605FF (Layer 0)
Security sector must be extracted using Enable0800 DVD for Xbox360 games and Xbox 1 games


Flashing your drive
---------------------------

For ms28 firmware versions of drive you will need to use the Vcc method or the VIA SATA 10 sec method to read/write flash. Refer to http://forums.xbox-scene.com/index.php?showtopic=535222

Advisable to make a backup of your dvd drive firmware first.("mtkflash r /m orig.bin")

In Windows, copy orig.bin to same directory as this release (same directory as xtrem41a.bin/Xtreme41b.bin and X360SAM.exe)

Double click "Make X41a.bin" or "Make X41b.bin" to create x41a.bin (Xtreme4.1A firmware with your key from orig.bin) or x41b.bin (Xtreme4.1B firmware with your key from orig.bin). Thanks to eXOBeX for X360SAM.EXE

Copy x41a.bin or x41b.bin to boot disk

Power off PC

Plug SATA cable from DVD drive to PC. Power cable drive still connected to Xbox 360
Power on Xbox 360
Power on PC
Boot with standard dos boot disk with included mtkflash utility

Run "mtkflash w /m x41a.bin" or "mtkflash w /m x41b.bin"



Flashing your drive with Xtreme4.0 firmware installed
-----------------------------------------------------

Plug SATA cable from DVD drive to PC. Power cable drive still connected to Xbox 360

Power on PC

Boot with standard dos boot disk with included mtkflash utility to dos

Power on Xbox 360

Insert Enable0800 disc into drive and wait 10 seconds then eject disc

Run mtkflash as per normal.


Creating a game backup (Recommended way)
------------------------------------------

Use either Schtrom360XtractV3.0 or later

or

Xbox Backup Creator v2.1 or later





***********************************************************************************
***********************************************************************************
***********************************************************************************
***********************************************************************************


----------------------------------------
Legacy information for creating backups.
----------------------------------------


Extracting Security Sector
---------------------------------------

Ensue SATA cable is plugged from drive to PC.
(This is very important as may be possible in future for console to detect modified firmware due to Inquiry routine enabled for Windows)

Power on Xbox 360.
Insert Enable0800 DVD into drive. Wait 5 or so seconds then remove the Enable0800 DVD. Drive now in 0800 mode.
Turn on PC and wait for Windows to boot
Insert original game disk into drive and wait for windows to detect disk change
Run DVDinfoPro
Enter the following four custom cdb commands:

AD 00 FF 02 FD FF FE 00 08 00 01 C0
AD 00 FF 02 FD FF FE 00 08 00 03 C0
AD 00 FF 02 FD FF FE 00 08 00 05 C0
AD 00 FF 02 FD FF FE 00 08 00 07 C0

Then save hexadecimal display as bin file as SS.bin

Extracting PFI (Physical Format Information) Sector
-------------------------------------------------------------------
Run DVDinfoPro
From Advanced Commands pull down menu choose Send Custom Command
From Preset Commands pull down menu choose "00h Physical Format Information" from under the Read DVD Struct Commands heading
Click Send
Then save hexadecimal display as bin file as PFI.bin

Extracting DMI (Disk Manufacturing Information) Sector
-------------------------------------------------------------------
Run DVDinfoPro
From Advanced Commands pull down menu choose "04h Disc Manufacturing Info"
Click OK on Read DVD Structure Option window
Then save hexadecimal display as bin file as DMI.bin



Creating a game backup
-----------------------------------
Drive is still in 0800 mode.
Extract Isobuilder.rar
Insert original game disk into drive and wait for windows to detect disk change
Run DVDinfoPro
Enter the following custom cdb command to unlock drive: (game data visable)

FF 08 01 01 05 01 03 00 04 07 (new in MS28)

Run Isobuster
Right click on DVD and select Extract From-To
Click Length and enter number of LBAs as follows:
 
Xbox 1 Original Number of LBA to read 3431264 decimal
or
Xbox 360 Original Number of LBA to read 3567872 decimal
Select User Data (2048 bytes/block)
Click Start Extraction
Enter filename as game.iso and click Save
Upon read error dialogue box choose fill with blank zeros for sector and select use this selection for all errors
Copy game.iso, ss.bin, PFI.bin and DMI.bin to the relevent isobuilder directory (Depending on Xbox 360 or Xbox 1 game)
Run build360.bat (Xbox 360 game) or build.bat (xbox 1 game).
These batch files now expect PFI and DMI bin files
Burn with CloneCd and choose the image.dvd file

Turning off 0800 mode of firmware
------------------------------------------------

Either insert game backup (Xbox 360 or Xbox 1) or DVD movie. This de-activates 0800 part of firmware or turn off console.


Thanks to everyone on #FW,  Xboxhacker.net , Xbox-Scene.com, Maxconsole.com and Xbins.Org for their support. Keep up the good work everyone.
Commodore4Eva@gmail.com

[Xenn0X]

Thnx m8! as always appriciated! 

[creatox]

Hehe... sure it would be a great new option, "(v4.1)  Improved FirmGuard, now impregnable!", but I'm from Holland and have no idea what "impregnable" means. 

Can someone explain? (PM in English or Dutch)

PS. C4E You're te best!  hehe

[glaze83]

hehe, impregnable means that MS definately cannot read or write to the firmware.

I would however like to know what flaw there was in the original 4.0.

Cheers,

And thanx for another great release

[Lande]

Comodore4ever, you see mi mail and the anterior post¿?.  Thnaks for all.

[Xenn0X]

Hehe... sure it would be a great new option, "(v4.1)  Improved FirmGuard, now impregnable!", but I'm from Holland and have no idea what "impregnable" means. 

Can someone explain? (PM in English or Dutch)

PS. C4E You're te best!  hehe

ondoordringbaar. of te wel niet uit te lezen of te schrijven door MS.

so now back to the english for the normal peeps

[The M.A.R.T.]

hehe, impregnable means that MS definately cannot read or write to the firmware.

I would however like to know what flaw there was in the original 4.0.

Cheers,

And thanx for another great release

Yeah I am interested also what this makes a 100% secure way. What has changed from the 4.0 so MS can't find a way around it? With software it's always like: it'll never be 100% in most cases. I mean: MS said the 360 was 100% not hackable and well... we know how that one got shot down within no time! So if anyone can explain in further detail it would be appreciated

[arrarro]

assuming Commodore4eva is a genius and we have to thank his incredible mind if we are able to do great things with our beloved xbox360, I imagine that when he released xtreme 4.x he knew what he was doing so I cannot think he never asked himself the same questions we are discussing about, regarding the possibility for MS to try and read the fw or the checksum and ban if there is no response. Anyway, I would like to hear Commodore4eva thoughts about this...

[LordX]

how about to make it to work in windows without Enable0800.iso , same like with Hitachi with Tray open on startup.

[The M.A.R.T.]

how about to make it to work in windows without Enable0800.iso , same like with Hitachi with Tray open on startup.

I guess it depends if that is nescessary, this one could be 100% waterproof already, therefore it would be nice to hear what's different compared to the 4.0 FW

[twicko]

work fine

thanks 

[VOYAGERXP]

what is Enable0800.iso as i have never used it.

[Jayqu3]

to bad we couldnt add a dummy original firmware file to the flasher so if they do check it sends the original information insted of it picking up the xtreme firmware..

man that would be sick 

[The M.A.R.T.]

to bad we couldnt add a dummy original firmware file to the flasher so if they do check it sends the original information insted of it picking up the xtreme firmware..

man that would be sick 

I hope your 360 isn't burning down like those flames indicate

[digifred]

Jesus great work again
Do you guys sleep ?
Thks again
Greetz
Fred

[Bang360]

ISO image Enable0800.iso included. Just burn and insert into drive when you wish to extract security sectors or dump games.

Probably dumbest question of the day...I am almost positve that i need to burn enable 800 to a DL .The problem i am having is ..I open clonecd hit open image file choose enable800 iso then goto burn it and i get a
Writing to Pioneer DVD RW DVR110 Failed!

I can burn Backups with no problems at all it is just this enable800 iso i cant get to burn on DL....What am i missing and 2 is there another way to burn the iso IE nero or something or does it have to be CLoneCD...


Also How do i know that the burn went alright JUst test it or what.....


Thanks

[eyric101]

Damnit I wanted to inpregnate it.

[blazintildadeath]

if i were ya i would stay away from all these xtreme 4.0's...if u mess up on a flash u'll never be able to reflash ur firmware

[glaze83]

if i were ya i would stay away from all these xtreme 4.0's...if u mess up on a flash u'll never be able to reflash ur firmware

not really, you'd just have to use the vcc trick or the bad flash recovery technique. What may help a lot of people is to know that you need to use your ORIGINAL FIRMWARE when running the bat file of the package.

[blazintildadeath]

yeah but u know how risky that resistor trick is??? u could destroy ur xbox 360 motherboard... plus that bad flash recovery wont work...the firmware wont even let u upgrade or downgrade unless u got the enable0800 disc...god forbid ur xbox doesnt even want to read that dvd disc...u'll have do so much crap and imagine if u have a dead bricked drive...with an xtreme 3.3 or less u could just hot swap a sata a boot it up from the dead but with this firmware who knows u'll probably be stuck for good...i just hope to see what happens in the future