Cracked Samsung SDG-605B/616T/616F Firmware for Xbox 1 released!

[commodore4eva]

------------------------------------------------------
Cracked Samsung SDG-605B/616T/616F Firmware for Xbox 1
------------------------------------------------------

26 March 2006


Here it is at last. For all you unbelievers!

No vaporware release (I cracked it but I cannot release it, wtf hehehehe:)

Just the pure physical proof.

Works with all 1:1 (minus the obvious stuff)  backups of XBOX 1 discs.

Works on XBOX Live (sorry about that Microsoft haha:)


As we speak, we are now looking at the "TSSTCorp DVD-ROM TS-H943A" XBOX 360 drive (hmmmm very similar, MTK1359 chipset)
and expect to have that cracked soon as well. (sorry about that Microsoft again haha:) I have created the additional code required for the 360, so not long now!



Steps to flash drive:
---------------------


1. Plug Samsung DVD drive into PC IDE port with power still from XBOX.

2. Use included MTK Win flash program and firmware file "SDG605b.bin" and flash the drive (I used ATAPI mode).

3. Plug back into XBOX and enjoy:)


Commodore4Eva

Commodore4Eva@hotmail.com

[xDREAM]

Anyone tried this? I got a toshiba (crap) in my xbox

[burgemaster]

ive gota sammy, bit unsure whether to try it yet

Just compared it to the firmware dump from xbins and its not exactly the same like i expected

maybe some1 could try it?
ive got an X-Tender kit on my xbox so to take the dvd drive out takes ages!!!

need guinee pig hehe

[derived]

Wow, only been looking at it for a couple of minutes, but it looks real compared to the 605 firmware on xbins.

[monkeychris]

Well i think if you want this file, grab it now before it disappears!

Also, maybe TS might want to compare it with his work?

Did anyone look at if cracking the other drives, with this FW, maybe migrate the auth procedure

[laomax]

Hello commodore4eva,I don't download that file,please cound you send me an email with it ?Thank you.
My email:    laomaxb@hotmail.com

[MacDennis]

I quickly compared it using a hex editor to the original firmware. I did NOT look at the disassembly yet.

My first thought, where did they put the security sector? Well, it seems that they embedded it in the firmware at offset 0x1D000. Some other things have been embedded as well at 0x1DA00 and 0x1DB00. The main program code seems to be patched too at 0x72C0 for only 6 bytes. Considering these facts the file could be legit. I don't own a Samsung drive otherwise I would have tried it. But I would suggest to wait for a disassembly and analysis of this firmware.

There's one catch for sure. The security sector is embedded in the firmware. It has been found that this sector can be tied to a particular game. Not always but mostly it is. So, I would actually be quite surprised if this firmware would boot every xbox1 game on the market. And perhaps this linking is only checked on newer kernels, I'm not sure.

[relax]

Hey could someone host this file somewhere else than rapidshare.
I have a sammy and i want ot try this out.

[Arakon]

I tried it. either it's bugged, or fake. the xbox will ALWAYS report "please ensure this is an xbox game, dvd movie, or audio CD", unless it's a wrong region disk, then it reports "wrong game region". it even errors out on original games.

[MacDennis]

I tried it. either it's bugged, or fake. the xbox will ALWAYS report "please ensure this is an xbox game, dvd movie, or audio CD", unless it's a wrong region disk, then it reports "wrong game region". it even errors out on original games.

Not really surprising, could be because of what I said in my previous post. The security sector and game linking. Simple example, a Rallisport Challenge1 security sector can be used to boot Halo1 for example. But for many other games, this 'trick' does not work.

[Arakon]

now the question is, what game did he use for testing.. apparently only one or two. and unless we know what game it is, we can't test it.

[TheSpecialist]

I'm quite sure it's fake. If not, then it's at best a useless hack, since embedding the SS in the FW will only allow you to boot some VERY specific games. I'll try to have a look at the disassembly tonight to find out if it is a fake or just a useless hack that will work in some specific cases

I'm also wondering how MS feels about posting a firmware with copyrighted code (the SS) in it

[Utter Chaos]

Tried it and I can also confirm this does *NOT* work. As mentioned earlier the Security Sector is embedded in the firmware which will make it at most usable for a very limited number of games (or just one).

@Commodore4Eva: Please let us know which game this FW should work with (if any).

[jimmyemunoz]

Can someone please winzip or rar the file and e-mail it to me at jimmyemunoz@comcast.net thanks I appreciate it.

[Arakon]

stop requesting the firmware here, I will start deleting begging postings now. that crap clutters the threat and useful info will get drowned in it.

[Slack3er]

Tried it and I can also confirm this does *NOT* work.

IF this is real...

The question is, "How do you make a backup of a xbox 1 game..", doesn't most current methods edit the media flag inside a xbe.. So doesn't that mean the xbe signnature is invalid.... Maybe that's why your tests failed.  Swap method..

Regards;
Slack3er

[TheSpecialist]

Just like I expected, it's fake and a bad one too Try to make it more real next time by including the CPR_MAI

[takagari]

awe come on. ig ot excited

iw ish people owuld stopw ith the fakes crap..

[Utter Chaos]

For those interested. Differences are at:

0x1d000
0x1d300 (large block till 0x1d800)
0x1da00
0x1db00

Since it´s obvious a fake (the author doesn´t like the term Vaporware ) maybe it´s time to move on and close this topic.

Edit:Typo