I Think I Found a Way to Softmod an Xbox 360

Discussion in 'Xbox 360 Modding & Tutorials' started by WIFI Darth Maul, May 25, 2017 with 42 replies and 34,548 views.

  1. WIFI Darth Maul

    WIFI Darth Maul Newbie

    Messages:
    9
    Ratings:
    0
    So I was fooling around with my Xbox 360 Slim and removed my hard drive from it and hooked it up via connection to my desktop. I unscrewed my desktop and connected it like a normal hard drive.

    So I explored the files using Xplorer360 and found out that the 360 emulates the original Xbox to play the games and that it has the same file extensions as the SID5 original Xbox hack.

    It also has a file called "xboxdash.xbe". So I was wondering what if I copied over the SID5 exploit files and replaced everything. When inserting an original Xbox game into the 360, would it load the XBMC dash or the SID5 installer?

    I was also wondering if there was a possibility of loading the Splinter Cell exploit on the 360 through the same save hack exploit used on the original Xbox.
     
  2. Atlas

    Atlas Local Rivethead VIP Retired

    Messages:
    15,880
    Ratings:
    13,239
    To be fair, JTAG/RGH consoles can run some original Xbox homebrew. However, I would think the SID5 Installer looks for and alters certain files that an Xbox 360 does not have. Likewise, given the inherent hardware components required for an Xbox 360 to run unsigned code, I don't think running SID5 on a 360 would effectively softmod the 360.
     
  3. TehCactus

    TehCactus Enthusiast

    Messages:
    49
    Ratings:
    11
    I've tried this before. The installer doesn't run as it's not on the whitelist of supported games for backwards compatibility, basically. It does run on a JTAG/RGH with hacked BC files though.
     
    • Informative x 1
  4. TEIR1plus2

    TEIR1plus2 Getting There

    Messages:
    519
    Ratings:
    206
    This ^
    Xbox 360 backwards compatible stuff has always been really limited. Example: at some point you were able to play Halo 1 and 2 on the 360, but last time my friends and I tried (shortly after the release of the anniversary) it was disabled.
     
  5. OP
    WIFI Darth Maul

    WIFI Darth Maul Newbie

    Messages:
    9
    Ratings:
    0
    Yeah, I tried it and no luck, but I am working on modding an Xbox ISO game where you can hotswap the original for the modded one and somehow launch an exploit. I am also working on a second method with a hacked save game file to see how that works, because JTAG/RGHs and even flashing your console are just too much time and difficulty.
     
  6. TEIR1plus2

    TEIR1plus2 Getting There

    Messages:
    519
    Ratings:
    206
    Not saying it's impossible, but very unlikely. Even if you found an exploit in a game like that, the HV is very good about not giving titles permissions to rewrite areas of the system like the NAND, and without that you would have to do the exploit every start up. KK exploit did that (granted they got access to the NAND), the reason it moved to the SMC exploit was because redoing the exploit on every boot was stupid. And not only do you need to write to the NAND, you also have to bypass the checks the bootloaders do. The RGH doesn't even do that, it literally sends a RESET cmd to the CPU to GLITCH the check and run the HACKED system. The only exploit to bypass those checks was the JTAG, and it literally got patched.

    To be quite honest, if you think installing a chip is too much work, I don't see you going anywhere with this project. The process literally took me maybe an hour or two to RGH my console, and I was using an LPT cable.
     
    • Like x 1
  7. TehCactus

    TehCactus Enthusiast

    Messages:
    49
    Ratings:
    11
    No matter what, when you try to launch whatever softmod installer you're using for the original Xbox emulation, it will not launch on a stock console.
     
    Last edited: Jun 5, 2017
  8. CaptainCamillo

    CaptainCamillo Newbie

    Messages:
    1
    Ratings:
    0
    Another idea for a softmod:

    (If this sounds idiotic please forgive me, just trying to put forth an idea or two.)

    Would it be possible to get the Xbox 360 to connect to an 'update server' other than Microsoft's, and push forth an update file that essentially does w/e you want the softmod to do? Idea no. 2: create an exploit that could be attached to an email, open said email/attachment through Internet Explorer on 360.
    Or maybe something like 3dsBrowserHax.
     
    Last edited: Jun 21, 2017
  9. TEIR1plus2

    TEIR1plus2 Getting There

    Messages:
    519
    Ratings:
    206
    #1: It WOULD be possible to connect to an alternate server but impossible to execute any code not signed by MS. That's where that idea fails.
    #2: Cannot say for sure because I don't know how they made IE work, but if I had to guess I would say the IE browser is very limited in what it can run to begin with. Meaning nothing not supported by MS.
     
  10. TehCactus

    TehCactus Enthusiast

    Messages:
    49
    Ratings:
    11
    You can update from a USB, offline, so there's no point for a server redirection. You can't do anything with just an update file.
     
  11. OP
    WIFI Darth Maul

    WIFI Darth Maul Newbie

    Messages:
    9
    Ratings:
    0
    Sorry I haven't responded in a while, there was a bug on the site that didn't let me log in but I tried logging in with Google Chrome and it worked.

    After all, my efforts in making an exploit for the 360 have all come to a fail. I have thought about server execution similar to that of the 3DS but haven't tried it yet. I also thought of a way to hotswap a modded copy of a game (I was thinking Black Ops 2) which would load like Swap Magic for the PS2. I have yet to try these methods because I am determined to bring a softmod to the 360 whether I create it or someone else.
     
  12. OP
    WIFI Darth Maul

    WIFI Darth Maul Newbie

    Messages:
    9
    Ratings:
    0
    I was thinking about that same thing
     
  13. OP
    WIFI Darth Maul

    WIFI Darth Maul Newbie

    Messages:
    9
    Ratings:
    0
    OK! So I used the PS4 WebKit on the 360 because I was curious and it brought me to a black screen for about 30 seconds and then crashed. So ideally, I think there is much hope for some sort of server execution. I'm gonna try altering the WebKit exploit for the 360 and make some workarounds.
     
  14. TEIR1plus2

    TEIR1plus2 Getting There

    Messages:
    519
    Ratings:
    206
    Just an FYI, the 360 is VERY secure software-wise. There was never much of a point going after the software unless there was a careless programmer error (original SMC exploit). Technically there was a softmod already, which was the King Kong exploit. But it was patched and there hasn't been one since.
     
  15. OP
    WIFI Darth Maul

    WIFI Darth Maul Newbie

    Messages:
    9
    Ratings:
    0
    That was the saddest day of my life. I bought the King Kong game for the 360, which was also one of my favorite PS2 games, and the day I bought the game to perform the exploit, it was freakin' patched! Has anyone ever gone through any other game files to see if they had like a shader or something that leads to a backdoor? If not I'll try to find one hopefully.
     
  16. TEIR1plus2

    TEIR1plus2 Getting There

    Messages:
    519
    Ratings:
    206
    I think they learned their lesson with the shader thing in the KK exploit, shaders are most likely not given many permissions anymore. You might have some luck looking into a row-hammer attack? Dunno if the 360 would be vulnerable though. It's also a very unreliable attack but if you could isolate its memory reads then it might be possible. Only thing I could think of for a software exploit that hasn't been patched.
     
  17. OP
    WIFI Darth Maul

    WIFI Darth Maul Newbie

    Messages:
    9
    Ratings:
    0
    I made a modded Call of Duty Black Ops 2 ISO that is to be hotswapped like a normal modded game. I got a copy of Free Style Dash and copied over the contents into the Black Ops 2 ISO and renamed Free Style's "default.xex" to "default_mp.xex" and replaced the Black Ops 2 "default_mp.xex" with the Free Style Dash one. I haven't tried it out yet because I ran out of f*cking DVD+R DLs, sadly. So ideally, the game is supposed to launch as normal but when you launch multiplayer it is supposed to open up Free Style Dash instead. But if anyone wants to try out what I did it would be of much help.
     
  18. TEIR1plus2

    TEIR1plus2 Getting There

    Messages:
    519
    Ratings:
    206
    Will not run. When it attempts to launch the default_mp.xex it will check for a valid RSA signature which the freestyle xex does not have. If the RSA check fails the console will refuse to run the xex.
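
The launch-time check described in the post above, together with the earlier point that nothing "not signed by MS" will execute, as a simplified model. This is an added example, not part of the thread and not the console's actual loader or file format: the key is a constructed toy pair, the byte strings are constructed stand-ins, and `vendor_sign`, `loader_verify` and `launch` are hypothetical names.

```python
import hashlib

# Constructed toy key (assumption): two Mersenne primes and textbook RSA without
# padding. A real loader uses a properly generated key and a padded scheme.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                            # public modulus, the only key the console trusts
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, held only by the vendor


def digest_int(image: bytes) -> int:
    """SHA-256 of the executable image as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big")


def vendor_sign(image: bytes, d: int = D, n: int = N) -> int:
    """Signing step; it cannot be done without a private exponent."""
    return pow(digest_int(image), d, n)


def loader_verify(image: bytes, signature: int) -> bool:
    """Console-side check; uses only the public values N and E."""
    return 0 <= signature < N and pow(signature, E, N) == digest_int(image)


def launch(name: str, image: bytes, signature: int) -> str:
    """Hypothetical loader entry point: refuse anything that fails the check."""
    if not loader_verify(image, signature):
        return f"{name}: refused (signature check failed)"
    return f"{name}: launched"


def demo() -> dict:
    retail = b"constructed bytes standing in for the retail default_mp.xex"
    swapped = b"constructed bytes standing in for a different, unsigned xex"
    retail_sig = vendor_sign(retail)
    # A second constructed key pair: a valid signature, but not under N.
    other_n = P * (2**1279 - 1)
    other_d = pow(E, -1, (P - 1) * (2**1279 - 2))
    self_sig = vendor_sign(swapped, d=other_d, n=other_n)
    return {
        "retail": launch("default_mp.xex", retail, retail_sig),
        "swapped, old signature": launch("default_mp.xex", swapped, retail_sig),
        "swapped, self-signed": launch("default_mp.xex", swapped, self_sig),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:24s} -> {result}")
```

Keeping the file name and reusing the old signature does not help, because the signature covers the digest of the contents, and a signature made with any other key fails against the trusted modulus.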
     
  19. OP
    WIFI Darth Maul

    WIFI Darth Maul Newbie

    Messages:
    9
    Ratings:
    0
    There's no hope for an Xbox 360 softmod, right?! I just wish that the scene would be as big as the 3DS. They said it would be impossible to softmod the 3DS and then the scene exploded. I'll keep working on it the best I can and hopefully we'll see progress whether from me or someone else. Give it a couple years and one will eventually come out.
     
  20. TEIR1plus2

    TEIR1plus2 Getting There

    Messages:
    519
    Ratings:
    206
    No hope? Wasn't trying to say that. But what I have been saying is that the console is very secure from a software perspective, which is why no one really goes at it from that angle. You have to realize this is Microsoft you're talking about; while they are far from perfect, they have had decades of experience on the software side of things but less so on the hardware side. Sony and Nintendo don't come close to the type of experience they have. If they weren't good at making their software secure, then that would be a pretty big failure honestly. You would almost have a better chance trying to break Microsoft's RSA algorithm to sign your own code.
     