Discussion King Kong Exploit (Archives)

Lucky

The bulk of this thread is archive based. It is vastly irrelevant as the JTAG and RGH exploits take full advantage of a console in a much better manner. The sources I used can be found here and here along with here. This is also an extension thread to JoinTheResistance's thread - here (Thanks to Ruby Ruby for finding this post for me).

King Kong - this was possibly one of the first major breakthroughs with the Xbox 360 in its early years.

The back story of King Kong

Back in 2006, an anonymous hacking group showed off a method of running unsigned code on an Xbox 360 using a computer and a transfer cable. This took many people by surprise, as the console was still so new to the market. Now, the unsigned code that was used during King Kong is not the unsigned code we know of today (FreeBOOT consoles able to launch backup games, completely homebrew applications, development kit NANDs, etc.). Rather, the console was able to load unsigned code with full privileges - which included the infamous Linux (more on Linux and the 360 later) - but only during the time the console spent running the King Kong exploit discs.


A little more back story on this anonymous hacking group... They are said to have had no intentions of really getting the Xbox 360 to run homebrew, but presumably just to run Linux.


How did the King Kong exploit work?

The King Kong exploit utilized a major flaw in the Hypervisor file. Some more on the hypervisor below. However, in the classic release of the King Kong game, a shader could be exploited - which granted essentially all access to the console while the game was running, as mentioned above. Of course, it was not as easy as just throwing the disc into the console and being big hacker man. But it was still fairly easy - especially compared to the JTAG and, later on, RGH exploits.

The King Kong exploit would target a specific shader, DirectX, which the hypervisor recognized as valid and lets the shader do as it pleases.


-What do I need to perform this so called King Kong Exploit?
First and foremost, you need an Xbox 360 running either 4532 or 4548 - a dashboard lower or higher would not work, as the exact hypervisor bug was not applicable. You would need a flashed DVD drive (console + PC) and the original release of King Kong, as well as a computer that was able to read/write discs.


-What are the steps to performing the King Kong Exploit?

First and foremost, if your console is not on dashboard 4532 or 4548, or is on any dashboard above 4598, you should stop reading here. *NOTE: JTAG and RGH consoles cannot boot the 4xxx dashboards - it is patched out of the bootloader. However, if you are below 4598, you are able to downgrade/upgrade to 4532/4548.* If your console meets the expectation, you will need to grab your original King Kong release disc files (whether it be from a specific DVD reader such as a 0800, or from an existing backup of the game files). For piracy reasons, I will not be posting how to obtain a backup of the original King Kong release. Next up, you'll take said files and patch them using something like an Xbox game disc backup application. Then, you need to patch the files and burn this to a new disc.

We're almost done! Now, you need to burn another disc - Gentoo LiveCD. This is essentially a disc that has Linux burned onto it. Not just any Linux though - XeLL.

Essentially, once you run this disc on the Xbox 360, the console will load the game up as expected; however, once you press the start button, the disc shall eject, you will now insert the Gentoo LiveCD, and you are now loading Linux for the Xbox 360.

Here is some more useful information.

-What is XeLL?
XeLL stands for Xenon Linux Loader. It is a modified version of Linux that is built to run and roam on the Xbox 360 platform. If you currently have a JTAG/RGH, you most likely have seen this by pressing the disc eject on the tray. XeLL was eventually used and written to automatically grab the console's eFuse set, CPU key, DVD key, and some more very useful information! It also received some love and was given the power to read/write NAND functions in the later years when JTAG and RGH were very popular.



-What is the Hypervisor?
The hypervisor is a form of software that runs in between the processor and the kernel level of the console. Its main duty on the Xbox 360 was to provide strict security - preventing the console from running unsigned code. Should the hypervisor notice an attempt to run unsigned code, it will trigger a reboot.



[Image: Linux kernel booting]

-Even more fun bits
From my research, King Kong was only able to be performed under two very specific dashboards... 4532 and 4548. The specific DirectX shader was only noticed as having a weakness in 4532 and 4548 - which is why the KK exploit does not carry through to any old dashboard.



Big shout out to xXBeefyDjXx for helping me get all the information correct, and for adding insight and missing bits that I could not find from researching. This information would only be about 50% correct on a good day had it not been for him collaborating with me as I dove into the wonderful world of the King Kong Exploit - seemingly lost in time, yet one that played such a wonderful part in the Xbox 360's uproar of modding.

If anyone finds any information that is not correct or up to date (or maybe just confusing), please drop a response or shoot me a PM.