The NXE and CON Resigning.

**Haxalot88** · 11-16-2008, 09:00 PM

Quote: Originally Posted by Sonja

This really stinks. No seriously, there's something fishy about this...I just can't put a name on it, but something is definitely fishy. And, can someone provide a link to Xbox Scene?

xbox scene - Google Search

***Scar*** · 11-16-2008, 10:30 PM

Quote: Originally Posted by gabe_k

This may seem like a stupid question, but I'd like to know before I spend $100 on an infectus. I have a launch console, and I have NXE. I can still downgrade, correct? None of the updates can stop that?

I dont think the infectus has been tested on a console with the NXE yet. it could patch the timing attack the infectus uses so i would wait until someone tests it.

Quote: Originally Posted by halodu2de

if i have a private KV and i want to mod with NXE is it possible for M$ to ban the keyvault if i use it online or if i resign with it and give the mods to someone else and they play it online?

If you upload the file somewhere or give someone the save and they upload it then MS could ban your KV from the info on the save.

ddxcb · 11-16-2008, 10:35 PM

I herd that they patch the time attack with 66?? kernal

**Haxalot88** · 11-16-2008, 10:39 PM

Quote: Originally Posted by ddxcb

I herd that they patch the time attack with 66?? kernal

impossible to patch unless they patch the bios itself, which they cannot do from the system itself. Only new hardware revisions would be patched against it.
The reason is because all patches exist on the NAND itself. The way the system works, is the bios will load, and begin to load the system patches and kernel (this is where the timing attack works). Since the patches exist on NAND, by the time the system patch takes effect against the timing attack, the bios will have already decrypted the NAND with the cpu key, allowing the timing attack to work it's magic.

nickcas · 11-16-2008, 10:44 PM

Quote: Originally Posted by Scar

I dont think the infectus has been tested on a console with the NXE yet. it could patch the timing attack the infectus uses so i would wait until someone tests it.

I know that the NXE has been tested on a console that already downgraded before.

**Haxalot88** · 11-16-2008, 10:53 PM

Quote: Originally Posted by nickcas

I know that the NXE has been tested on a console that already downgraded before, and it's different from previous downgrades but it works.

I don't know if it works on a console that would be using infectus for the first time or not though. It may be the same process.

as long as it's a vulnerable console, it will be downgradeable. Timing attack is not affect. See above for details.

nickcas · 11-16-2008, 11:47 PM

Quote: Originally Posted by Haxalot88

as long as it's a vulnerable console, it will be downgradeable. Timing attack is not affect. See above for details.

Yeah, I see that. I meant upgrades, my bad lol. If you're upgrading from an exploitable console, the procedure is a little different. You have to resolder your r6t3 in place, or you'll get an error when upgrading. I think so it blows an efuse.

**Haxalot88** · 11-17-2008, 12:04 AM

Quote: Originally Posted by nickcas

Yeah, I see that. I meant upgrades, my bad lol. If you're upgrading from an exploitable console, the procedure is a little different. You have to resolder your r6t3 in place, or you'll get an error when upgrading. I think so it blows an efuse.

ah, Microsoft finally got a bit smarter

**Halodu2de** · 11-17-2008, 11:00 AM

ill just resign 5 maps at a time so that at least i make a profit over what i payed for it so if anyone wants me to resign you'll get the map after i get four other maps and after then ill lower the price drastically cause then its not as bad if my kv gets banned

dschu012 · 11-17-2008, 12:43 PM

If your only using it for yourself and a few others it is likely it won't get banned. Because if 360gamesaves KV wasn't banned what is the chances yours will as long as you keep it relatively private.

Resigning halo maps is probably the easiest way to get your KV banned tho since you can't resave the file when you load it up on another xbox.

**Halodu2de** · 11-17-2008, 02:01 PM

i could have people save it through my fileshare quickly or just custom games but yea maybe ill do different packages so like monthly or weekly or certain number and get one free

***Scar*** · 11-17-2008, 03:54 PM

Quote: Originally Posted by dschu012

If your only using it for yourself and a few others it is likely it won't get banned. Because if 360gamesaves KV wasn't banned what is the chances yours will as long as you keep it relatively private.

Resigning halo maps is probably the easiest way to get your KV banned tho since you can't resave the file when you load it up on another xbox.

The 360gs keys were banned...

LeeringPaladin · 11-17-2008, 04:17 PM

Good idea, this should get answer a lot of peoples questions.

Supermodder911 · 11-17-2008, 08:20 PM

Just to clear a few things up, MS wouldn't actually "ban" the KV... They could simply add the SHA1 digest of the public key certificate found in the CON header at 0x4(0xA8 bytes long) to a list of "banned" or "blasklisted" keys. That list could then be checked by the kernel and the keys are only loaded and the signature of the 0xA8 byte certificate then verified if the hash is not found in the "list". I don't know for sure but this seems like the right way to do it, I'll check out the kernel later...

**Haxalot88** · 11-17-2008, 08:31 PM

Quote: Originally Posted by Supermodder911

Just to clear a few things up, MS wouldn't actually "ban" the KV... They could simply add the SHA1 digest of the public key certificate found in the CON header at 0x4(0xA8 bytes long) to a list of "banned" or "blasklisted" keys. That list could then be checked by the kernel and the keys are only loaded and the signature of the 0xA8 byte certificate then verified if the hash is not found in the "list". I don't know for sure but this seems like the right way to do it, I'll check out the kernel later...

I've checked several combonations in the system update so far. I checked them in any XEX's that might have them, along with some accompanied binary files. Nothing stores SHA1 hashes (of the entire public key, or any portion there-of) or any parts of the keys from what I have so far checked. I'll check a few more things though.

Supermodder911 · 11-17-2008, 08:34 PM

Quote: Originally Posted by Haxalot88

I've checked several combonations in the system update so far. I checked them in any XEX's that might have them, along with some accompanied binary files. Nothing stores SHA1 hashes (of the entire public key, or any portion there-of) or any parts of the keys from what I have so far checked. I'll check a few more things though.

It can be embedded in the kernel/HV...

Edit: Skimming the public key signature verification function, I don't see any checking with the digest. I'll check out xam...

**Halodu2de** · 11-17-2008, 09:44 PM

seriously, WHAT THE F**K NOW I FEEL LIKE A NOOB I DIDNT UNDERSTAND ONE WORD YOU SAID......... well maybe ONE

Eaton · 11-17-2008, 09:53 PM

Quote: Originally Posted by halodu2de

seriously, WHAT THE F**K NOW I FEEL LIKE A NOOB I DIDNT UNDERSTAND ONE WORD YOU SAID......... well maybe ONE

Lol. Welcome to the technical side of Halo modding.

Supermodder911 · 11-17-2008, 10:17 PM

The current discussion isn't halo related..., but yea...technical side.

***Scar*** · 11-18-2008, 12:44 AM

Yeah, CON resigning isnt JUST Halo 3 related. I just posted it here because thats what the main population of this site is into...

11-16-2008, 09:00 PM	#21
Haxalot88 I ****ing dare you	Re: The NXE and CON Resigning. Quote: Originally Posted by Sonja This really stinks. No seriously, there's something fishy about this...I just can't put a name on it, but something is definitely fishy. And, can someone provide a link to Xbox Scene? xbox scene - Google Search

11-16-2008, 10:30 PM	#22
*Scar* Retired Staff	Re: The NXE and CON Resigning. Quote: Originally Posted by gabe_k This may seem like a stupid question, but I'd like to know before I spend $100 on an infectus. I have a launch console, and I have NXE. I can still downgrade, correct? None of the updates can stop that? I dont think the infectus has been tested on a console with the NXE yet. it could patch the timing attack the infectus uses so i would wait until someone tests it. Quote: Originally Posted by halodu2de if i have a private KV and i want to mod with NXE is it possible for M$ to ban the keyvault if i use it online or if i resign with it and give the mods to someone else and they play it online? If you upload the file somewhere or give someone the save and they upload it then MS could ban your KV from the info on the save.

11-16-2008, 10:35 PM	#23
ddxcb Junior Member	Re: The NXE and CON Resigning. I herd that they patch the time attack with 66?? kernal

11-16-2008, 10:39 PM	#24
Haxalot88 I ****ing dare you	Re: The NXE and CON Resigning. Quote: Originally Posted by ddxcb I herd that they patch the time attack with 66?? kernal impossible to patch unless they patch the bios itself, which they cannot do from the system itself. Only new hardware revisions would be patched against it. The reason is because all patches exist on the NAND itself. The way the system works, is the bios will load, and begin to load the system patches and kernel (this is where the timing attack works). Since the patches exist on NAND, by the time the system patch takes effect against the timing attack, the bios will have already decrypted the NAND with the cpu key, allowing the timing attack to work it's magic.

11-16-2008, 10:44 PM	#25
nickcas Member	Re: The NXE and CON Resigning. Quote: Originally Posted by Scar I dont think the infectus has been tested on a console with the NXE yet. it could patch the timing attack the infectus uses so i would wait until someone tests it. I know that the NXE has been tested on a console that already downgraded before. Last edited by nickcas; 11-16-2008 at 11:48 PM.

		Se7enSins Forums > Xbox 360 Gaming > Halo 3 & Halo 3: ODST > Halo 3 Modding > Halo 3 Modding Discussion
The NXE and CON Resigning.

11-16-2008, 10:53 PM	#26
Haxalot88 I ****ing dare you	Re: The NXE and CON Resigning. Quote: Originally Posted by nickcas I know that the NXE has been tested on a console that already downgraded before, and it's different from previous downgrades but it works. I don't know if it works on a console that would be using infectus for the first time or not though. It may be the same process. as long as it's a vulnerable console, it will be downgradeable. Timing attack is not affect. See above for details.

11-16-2008, 11:47 PM	#27
nickcas Member	Re: The NXE and CON Resigning. Quote: Originally Posted by Haxalot88 as long as it's a vulnerable console, it will be downgradeable. Timing attack is not affect. See above for details. Yeah, I see that. I meant upgrades, my bad lol. If you're upgrading from an exploitable console, the procedure is a little different. You have to resolder your r6t3 in place, or you'll get an error when upgrading. I think so it blows an efuse.

11-17-2008, 12:04 AM	#28
Haxalot88 I ****ing dare you	Re: The NXE and CON Resigning. Quote: Originally Posted by nickcas Yeah, I see that. I meant upgrades, my bad lol. If you're upgrading from an exploitable console, the procedure is a little different. You have to resolder your r6t3 in place, or you'll get an error when upgrading. I think so it blows an efuse. ah, Microsoft finally got a bit smarter

11-17-2008, 11:00 AM	#29
Halodu2de Modding Beast	Re: The NXE and CON Resigning. ill just resign 5 maps at a time so that at least i make a profit over what i payed for it so if anyone wants me to resign you'll get the map after i get four other maps and after then ill lower the price drastically cause then its not as bad if my kv gets banned

11-17-2008, 12:43 PM	#30
dschu012 Member	Re: The NXE and CON Resigning. If your only using it for yourself and a few others it is likely it won't get banned. Because if 360gamesaves KV wasn't banned what is the chances yours will as long as you keep it relatively private. Resigning halo maps is probably the easiest way to get your KV banned tho since you can't resave the file when you load it up on another xbox.

11-17-2008, 02:01 PM	#31
Halodu2de Modding Beast	Re: The NXE and CON Resigning. i could have people save it through my fileshare quickly or just custom games but yea maybe ill do different packages so like monthly or weekly or certain number and get one free

11-17-2008, 03:54 PM	#32
*Scar* Retired Staff	Re: The NXE and CON Resigning. Quote: Originally Posted by dschu012 If your only using it for yourself and a few others it is likely it won't get banned. Because if 360gamesaves KV wasn't banned what is the chances yours will as long as you keep it relatively private. Resigning halo maps is probably the easiest way to get your KV banned tho since you can't resave the file when you load it up on another xbox. The 360gs keys were banned...

11-17-2008, 04:17 PM	#33
LeeringPaladin Junior Member	Re: The NXE and CON Resigning. Good idea, this should get answer a lot of peoples questions.

11-17-2008, 08:20 PM	#34
Supermodder911 Junior Member	Re: The NXE and CON Resigning. Just to clear a few things up, MS wouldn't actually "ban" the KV... They could simply add the SHA1 digest of the public key certificate found in the CON header at 0x4(0xA8 bytes long) to a list of "banned" or "blasklisted" keys. That list could then be checked by the kernel and the keys are only loaded and the signature of the 0xA8 byte certificate then verified if the hash is not found in the "list". I don't know for sure but this seems like the right way to do it, I'll check out the kernel later... Last edited by Supermodder911; 11-17-2008 at 08:20 PM.

11-17-2008, 08:31 PM	#35
Haxalot88 I ****ing dare you	Re: The NXE and CON Resigning. Quote: Originally Posted by Supermodder911 Just to clear a few things up, MS wouldn't actually "ban" the KV... They could simply add the SHA1 digest of the public key certificate found in the CON header at 0x4(0xA8 bytes long) to a list of "banned" or "blasklisted" keys. That list could then be checked by the kernel and the keys are only loaded and the signature of the 0xA8 byte certificate then verified if the hash is not found in the "list". I don't know for sure but this seems like the right way to do it, I'll check out the kernel later... I've checked several combonations in the system update so far. I checked them in any XEX's that might have them, along with some accompanied binary files. Nothing stores SHA1 hashes (of the entire public key, or any portion there-of) or any parts of the keys from what I have so far checked. I'll check a few more things though.

11-17-2008, 08:34 PM	#36
Supermodder911 Junior Member	Re: The NXE and CON Resigning. Quote: Originally Posted by Haxalot88 I've checked several combonations in the system update so far. I checked them in any XEX's that might have them, along with some accompanied binary files. Nothing stores SHA1 hashes (of the entire public key, or any portion there-of) or any parts of the keys from what I have so far checked. I'll check a few more things though. It can be embedded in the kernel/HV... Edit: Skimming the public key signature verification function, I don't see any checking with the digest. I'll check out xam... Last edited by Supermodder911; 11-17-2008 at 08:38 PM.

11-17-2008, 09:44 PM	#37
Halodu2de Modding Beast	Re: The NXE and CON Resigning. seriously, WHAT THE F**K NOW I FEEL LIKE A NOOB I DIDNT UNDERSTAND ONE WORD YOU SAID......... well maybe ONE

11-17-2008, 09:53 PM	#38
Eaton Member	Re: The NXE and CON Resigning. Quote: Originally Posted by halodu2de seriously, WHAT THE F**K NOW I FEEL LIKE A NOOB I DIDNT UNDERSTAND ONE WORD YOU SAID......... well maybe ONE Lol. Welcome to the technical side of Halo modding.

11-17-2008, 10:17 PM	#39
Supermodder911 Junior Member	Re: The NXE and CON Resigning. The current discussion isn't halo related..., but yea...technical side.

11-18-2008, 12:44 AM	#40
*Scar* Retired Staff	Re: The NXE and CON Resigning. Yeah, CON resigning isnt JUST Halo 3 related. I just posted it here because thats what the main population of this site is into...

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode