Comments on: Current List of Revoked Xbox 360 Consoles

By: Gunmonkey80

Gunmonkey80 — Tue, 25 May 2010 08:46:03 +0000

I’m sure hackers would enjoy the benefits of memory hacking.
“Information spoofing” is a delight.
cosole id = (all to 0)
gt code 00 00 00 00
possibly edit IP to 00 00 00 00

By: xorloser

xorloser — Wed, 17 Mar 2010 00:10:40 +0000

iriez: any routine in HV is patchable if you “own” the system as you do when running something such as XBR.

from memory hashed keyvaults contained an extra key which was actually the hash over the keyvault. if it is indeed just a hash then the hash should be recalculatable as long as you have access to your cpu/fuse key.

By: Iriez

Iriez — Tue, 02 Feb 2010 07:12:11 +0000

Xor,

In process of researching the modification of Console ID, we have come to a few pieces of information. However, one thing is not behaving logically, so perhaps you can shed some light on it.

I have been told by atleast a dozen people that the hash checks are not active in v1 KV’s. This should enable us to modify them. I am however, resigned to what limited information was provided, and no one has been able to tell me as of yet, specifically, the differences between ‘v1′ and ‘v2′ KV’s and how it affects security/hash checks. But we just proved it is indeed verifying the console ID against the cert when we altered our KV’s with a new console ID on a xenon. Could you please shed some light on the subject of what is different between v1 and v2 KV’s? And if this is something not possible, how would one patch the HV/routine to prevent the check in the first place? Should XBR not be able to patch for that?

By: CodeAsm

CodeAsm — Sun, 17 Jan 2010 09:47:55 +0000

Wow, Love ur Site !
I knew math is good for something… Learning more about math XD

By: dude

dude — Sun, 06 Dec 2009 09:52:28 +0000

will do and thanks for the nice program BTW…..

By: xorloser

xorloser — Sun, 06 Dec 2009 09:38:14 +0000

No. If it could be resigned then there would be no need for all the hackery that is required to run your own stuff. Read my cryptography for dummies post for a basic overview of asymmetric cryptography which is used during signing and you might understand how and why the signing works like it does.

By: dude

dude — Sun, 06 Dec 2009 08:37:42 +0000

can a game be resigned after using XeXtool or X360GameHack?
I edited the default.xex region code from pal to region free
and want to resign it and inject it back into the games iso?
anyway?

By: xorloser

xorloser — Mon, 31 Aug 2009 02:57:01 +0000

Firstly it is assumed it is created during manufacture since the console ID exists when you buy the console and the key is part of the Console Certificate that is signed with a private key that only Microsoft has.

As for working out the algorithm it is the same as with anything hacking related, you take what you have and work backwards. So you look at the Console ID from a number of different xbox360s along with whatever other relevant information you can gleam and then it becomes fairly obvious. It is not a complicated algorithm; basically consisting of parts of the mac address and the date of manufacture.

The top 4 bits are still unknown to me as I did not come across an Xbo360 that had anything there except zeros, however the revoked list does show a very small number of IDs have some data here.

The only thing left is the CRC which tend to be calculated according to the same kinds of general rules and in this case was very simple. A brute force app that tested many different kinds of possible rules was able to identify the CRC algorithm after just a few seconds.

By: Name

Name — Sun, 30 Aug 2009 21:49:12 +0000

I’m curious, if what you say is true, and the console ID is generated at manufacture, how did you manage to work out the algorithm for generating the key?

By: sasoseso

sasoseso — Sun, 28 Jun 2009 09:24:31 +0000

i’m just asking 4 a clue to start with

anyway thanks 4 replay