xboxleech
« on: May 06, 2006, 11:27:58 AM »

In the specialists’ first working hack, he placed the SS on the firmware. I think that I’m right in saying that this meant the hack only worked for games with the same SS (few to one). As a result, he changed his hack so that the original SS was placed on the backup. The other hacks since have been based around this principle.
Please correct me if any of my assumptions are wrong.
My question is now, what is the difference between different SS’s and how does the kernel know that one SS doesn’t belong to a given game, i.e. why did/does the SS being put on the firmware not work for all games?
Thanks.

elitedev
« Reply #1 on: May 06, 2006, 02:18:33 PM »

I too had wondered this as well. I had read that the security sector was linked to the xbe by a date in the xbe header. I had originally thought if you use any security sector from a newer Xbox game, just change the date in the security sector to match the game. As long as the dates match, then the game will be 'linked' to your security sector, and as long as it contains valid cr data it should be valid.
I do not know if that would work or not yet, as I have not yet tried it; maybe someone here has already tried that and they should post their findings.

xboxleech
« Reply #2 on: May 08, 2006, 09:14:35 AM »

Interesting. If what you say is true, how hard would it be to read the xbe and send the correct data? I'm assuming that constantly patching the firmware on the fly would either be impossible or bad for the life of the firmware? Either way, I'd imagine this would be worth exploring since the whole adding a SS to an image is quite contrived. If this is a definite "no go" then maybe someone would consider setting up a server where people can upload their SS to a database. Then a program to add the SS to an image can check the xbe and download the correct SS from the server. Just an idea...

MacDennis
« Reply #3 on: May 08, 2006, 09:25:54 AM »

> Interesting. If what you say is true, how hard would it be to read the xbe and send the correct data? I'm assuming that constantly patching the firmware on the fly would either be impossible or bad for the life of the firmware?

You can't change any xbe data because it is signed. Even the SS is signed partially; I'm not sure if the linking data is part of the signed data though.

elitedev
« Reply #4 on: May 08, 2006, 10:35:42 AM »

You wouldn't have to change the xbe, just read the date information from it. You would only need a modified firmware with a valid SS embedded; just the bytes that link to the xbe would be read directly from the xbe, so of course it would match and link properly, and if the SS is valid, it should boot, shouldn't it?

MacDennis
« Reply #5 on: May 08, 2006, 11:09:13 AM »

> You wouldn't have to change the xbe, just read the date information from it. You would only need a modified firmware with a valid SS embedded; just the bytes that link to the xbe would be read directly from the xbe, so of course it would match and link properly, and if the SS is valid, it should boot, shouldn't it?

Yes, but the date in the SS is probably part of the signed section in the SS. If that's the case then your method will not work.

xboxleech
« Reply #6 on: May 08, 2006, 04:27:22 PM »

Just to clarify, I did not mention modifying the xbe, I'm really not that stupid. I was thinking the same as elitedev. MacDennis, your logic makes sense, but you use the word "probably". Is there anyone who can confirm this is the case? If yes then the whole online database of SS still seems like an idea to me. Thanks

elitedev
« Reply #7 on: May 09, 2006, 08:20:50 PM »

What part of the security sector is signed? I don't think that the security sector header would be signed. If we read the date information from the xbe and insert that into our generic security sector (that is ripped from any newer Xbox game) we could then have it all contained in the firmware itself, so there would be no need for any patching and the firmware would be universal. Can we move this to the technical forum?
« Last Edit: May 09, 2006, 08:25:12 PM by elitedev »

MacDennis
« Reply #8 on: May 10, 2006, 04:59:34 AM »

> What part of the security sector is signed? I don't think that the security sector header would be signed.

You hope it isn't signed, but in reality it actually is. Yes, only the header and not the part which the DVD-ROM firmware uses. The information is somewhere in the technical forums.

elitedev
« Reply #9 on: May 10, 2006, 09:40:19 AM »

Hrmm, I can't seem to find that information anywhere. I'll take your word on it.