What's new
  • Howdy, Guest!

    We have issued a forced password reset on all user accounts, meaning you will not be able to login until this process is complete. Instructions will be displayed when you login with your previous credentials, however if for any reason you do not have access to your associated email address, you will need to contact us at [email protected].

    For more information, please read this Important Announcement

    Thank you for being awesome!

Discussion Possibly a new lead for the xbox 360 RSA key?

  • Thread starter Mind
  • Start date
  • Views 7,226
Status
Not open for further replies.
Mind

Mind

Enthusiast
Messages
813
Reaction score
113
Points
125
Sin$
0
I know this has been talked about many times before But I found a file located on the xbox that mentions RSAKeyValue, PublicKeyValue, Encryption Algorithms over and over and I figured maybe it means something. Now I have to agree I do not know much about the RSA key but this caught my eye. Please dont flame, just posting what I found.

I have not gone through all the websites listed but this one caught my eye: http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd

?CžeKÌ|‰îÍ6ôH£›;L31WDäÛ ·$ý²•±’äGÓu²³ÂXó`ôc3µµ$' ''b !–NªÖ¬£·Ý.h|ü/3JWdÀ;Çå‹´¯òÛÐkøb›–0fÃqÓ6w „í7U€ÇºÓíX®$,À‡CÇ”ÿP-맖°•Ìwv‰¡öšù}ç[ÂtøÐ# * æ÷mñŠ1Åýüûîim­MÏéÜЪF*HcÆÅ6Ô·šÍ`˜$Å?^;—å …Õl!v£/¥3m_à/ôÛÚ¨ Í‹^ôE?ØÐhX3ê]± æÎ/d#xJôÏ;U><c:CertificateCollection xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert" c:Version="2.0"><c:Certificate><c:biggrin:ata xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert"><c:tongue:ublicKey><KeyValue><RSAKeyValue><Modulus>m+rPUYKbubVPXrU6LVcxOSmBNHFNYe/7JqocxGKnB/aPcTDsSqE8tAIPKgeRsAzBHGdMYJTkP0mne6RhgCg0oXRNPwfe0LydV+g6VmETTYROsSxE/y60Q8GErdqmXaKCqrIJ1nNxyQt/2ptFKpGMOwSktRXfEGsRh/rwx36le2c=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></c:tongue:ublicKey><c:KeyUsage><c:EncryptKey>1</c:EncryptKey></c:KeyUsage><c:SecurityLevel>2000</c:SecurityLevel><c:ManufacturerData><c:ManufacturerName>Microsoft Corporation</c:ManufacturerName><c:ManufacturerURL>www.microsoft.com</c:ManufacturerURL><c:ModelName>Xbox 360</c:ModelName><c:ModelNumber>ffffffff9810df38</c:ModelNumber></c:ManufacturerData><c:Features><c:WMDRMReceiver>1</c:WMDRMReceiver></c:Features></c:biggrin:ata><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Rsa-sha1"></SignatureMethod><Reference><Transforms><Transform Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Data"></Transform><Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>3+WQ7VNxqxdjY8txJWXb1Ud/K38=</DigestValue></Reference></SignedInfo><SignatureValue>OzgYJZ5mbKzsuSdk8Hb4kFczbUxPyWES4zh7kwNgMMYnRhzhnysbR18Ia056PA7dBWlH7FlkoU5mv0DMSCwjqRySoUYU1Ia+O6F8eKPStSDsR1T0ENHByhGrU2HAQd/b111xMJ6cTKmqZywKIUQ9TKyfhW5bPtLpf3V7UNtjfjY=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>scyFBjV9WofAgCpROXe+QkPTcprUJJt/nHpGhVHzlK1CDfXit52bTj8OoVxfQZx0tFH5Qi7XSgdfNyNLZF+I5UrG4EPbee73t4qkNO0C1Oni75Wi3Et4mmrGlkishbEj395geGRlPdG8llWkuJKb9jhIqMeAvPLjxSK7VulHx7M=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></c:Certificate><c:Certificate><c:biggrin:ata xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert"><c:tongue:ublicKey><KeyValue><RSAKeyValue><Modulus>scyFBjV9WofAgCpROXe+QkPTcprUJJt/nHpGhVHzlK1CDfXit52bTj8OoVxfQZx0tFH5Qi7XSgdfNyNLZF+I5UrG4EPbee73t4qkNO0C1Oni75Wi3Et4mmrGlkishbEj395geGRlPdG8llWkuJKb9jhIqMeAvPLjxSK7VulHx7M=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></c:tongue:ublicKey><c:KeyUsage><c:SignCertificate>1</c:SignCertificate></c:KeyUsage><c:SecurityLevel>2000</c:SecurityLevel><c:ManufacturerData><c:ManufacturerName>Microsoft</c:ManufacturerName><c:ManufacturerURL>http://www.xbox.com</c:ManufacturerURL></c:ManufacturerData></c:biggrin:ata><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Rsa-sha1"></SignatureMethod><Reference><Transforms><Transform Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Data"></Transform><Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>X+BRD7jGOtazq9aUgYlL2OQgIZ8=</DigestValue></Reference></SignedInfo><SignatureValue>RQX/hYYPNKCTWOQKeHBcPWe8UGmrDVHpevodyFBhzN/J4AEuZaWuJXCjFSENVjYbuA/4GdrP8FQCqJworXleFqK7Z04uei6t0NZHkVhX1g4/Yuc59XGLOzqumuQdor7i2wEWrHt5sOEyu73Mm6I/2tezmCun8qWNXQD/m9vJeNU=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>+KcXELSdK/Z1CkCvlPFC90hLkVvawISwrmUggpDIR5l7j7/LqFVQ2h5bsye/YUtA/aowmN5Im/RRxtB4hIDHuZcXlUH0llxWNggySMJjRUGiHXU84iREMegNGhvU/1VtJn+cuN8iSPoYFTyEqsPN0//hdmRe3aSWoEX+6mBQWJc=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></c:Certificate><c:Certificate><c:biggrin:ata xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert"><c:tongue:ublicKey><KeyValue><RSAKeyValue><Modulus>+KcXELSdK/Z1CkCvlPFC90hLkVvawISwrmUggpDIR5l7j7/LqFVQ2h5bsye/YUtA/aowmN5Im/RRxtB4hIDHuZcXlUH0llxWNggySMJjRUGiHXU84iREMegNGhvU/1VtJn+cuN8iSPoYFTyEqsPN0//hdmRe3aSWoEX+6mBQWJc=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></c:tongue:ublicKey><c:KeyUsage><c:SignCertificate>1</c:SignCertificate></c:KeyUsage><c:SecurityLevel>2000</c:SecurityLevel><c:ManufacturerData><c:ManufacturerName>Microsoft</c:ManufacturerName><c:ManufacturerURL>http://www.xbox.com</c:ManufacturerURL></c:ManufacturerData></c:biggrin:ata><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Rsa-sha1"></SignatureMethod><Reference><Transforms><Transform Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Data"></Transform><Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>U5dAyOG2XT7VNLuBzelylrL8NEM=</DigestValue></Reference></SignedInfo><SignatureValue>EUyjTNzHiHvhiBLzsza4Wii8wZyv70eSWT9VsxEYsSAXl5LUH1GIT7svONlfGzOyMHchnBMd2Qc3M19IBiFQ+dFzrXobVxDiPflg4fyEkIvn/eMujcRCSU+9drYKs2QysTJ9k2GjPcmQ8wWG4lftDgc555cCQiIhkNlOTEWFcis=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>sAMzO56CMzRDa9cif2VfezUAA6e5XkSoyzHabqkIcIYIYEP2h61ukH93js6NDIG0bcGye/TlnxOtdeuKGmO0AOYbgJ7piCe0ZVyNdMn/1DrEflvHoA8YnMfl96/PoLrEwKw7j9FZR1XvjDpUl4mClydY5jrWy8xkNkuRCYh3PJE=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></c:Certificate><c:Certificate><c:biggrin:ata xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert"><c:tongue:ublicKey><KeyValue><RSAKeyValue><Modulus>sAMzO56CMzRDa9cif2VfezUAA6e5XkSoyzHabqkIcIYIYEP2h61ukH93js6NDIG0bcGye/TlnxOtdeuKGmO0AOYbgJ7piCe0ZVyNdMn/1DrEflvHoA8YnMfl96/PoLrEwKw7j9FZR1XvjDpUl4mClydY5jrWy8xkNkuRCYh3PJE=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></c:tongue:ublicKey><c:KeyUsage><c:SignCertificate>1</c:SignCertificate></c:KeyUsage><c:SecurityLevel>3000</c:SecurityLevel><c:ManufacturerData><c:ManufacturerName>Microsoft Corporation</c:ManufacturerName><c:ManufacturerURL>http://www.microsoft.com</c:ManufacturerURL></c:ManufacturerData></c:biggrin:ata><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Rsa-sha1"></SignatureMethod><Reference><Transforms><Transform Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Data"></Transform><Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>6Oa4ngWiBGCi2UmRjCzkNaiiNUY=</DigestValue></Reference></SignedInfo><SignatureValue>L8ae7IcXOLihq5n0q7T4KYcCuhRlhKU6qa5yy+4bmFS9qr7th2KIvSo6/zKrYTwnvMHuHyZK7Es3lIYCoBuVhr7sPABh7M//5WajfaKyMQpeTC28P3Htsv448o5YYTSXuIdzssY/EbBQ0PpOyf4zxvXZxIbRm8EpCpDm0DZZeIM=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>pjoeWLSTLDonQG8She6QhkYbYott9fPZ8tHdB128ZETcghn5KHoyin7HkJEcPJ0Eg4UdSva0KDIYDjA3EXd69R3CN2Wp/QyOo0ZPYWYp3NXpJ700tKPgIplzo5wVd/69g7j+j8M66W7VNmDwaNs9mDc1p2+VVMsDhOsV/Au6E+E=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></c:Certificate></c:CertificateCollection>
 
thegamex11

thegamex11

Enthusiast
Messages
162
Reaction score
6
Points
70
Sin$
0
hmm interesting you should look alot more into this dont know much about it but its worth a shot at
 
E

EclipseModz

VIP
VIP
Retired
Messages
7,688
Reaction score
2,715
Points
655
Sin$
0
We have the public key. The private key is what is needed. That you will not get.
 
Sol Invictus

scopen4

Contributor
Messages
2,643
Reaction score
637
Points
325
Sin$
0
To successfully crack this mechanism, a hacker must either obtain the private RSA key from the Microsoft vault, or somehow manage to factor the 2048-bit public key. The likelihood of the private key being broken by a brute force attack on the public key is infinitesimally small. You have a much better chance of being struck by lighting twice and winning the lottery all on the same day. Finding a modification to a XEX section that generates the same hash requires an average of 2[sup]63[/sup] attempts — about three million years, assuming that you could generate a new section 100 thousand times per second
 
I EAT BABIES

I EAT BABIES

Do you own a Johnny West?
Messages
1,247
Reaction score
150
Points
210
Sin$
0
When your xbox over flows with CPU ram usages It crashes displaying all of the signatures. I had this happen once but did not know what to do with it back them. I'm sorry I f***ed up.
 
FreedomForAll

FreedomForAll

Enthusiast
Messages
60
Reaction score
4
Points
55
Sin$
0
This is probably an old topic, but after reading some information on the internet, I think I have a possible solution.

Read here about a Berkeley student cracking a RSA 40-bit key in 3.5 hours. He uses 250 idle computers to generate 100 billion attempts at the private key per hour. This translates to 27777777.778 attempts per second. That is about seven times the requirement here:
To successfully crack this mechanism, a hacker must either obtain the private RSA key from the Microsoft vault, or somehow manage to factor the 2048-bit public key. The likelihood of the private key being broken by a brute force attack on the public key is infinitesimally small. You have a much better chance of being struck by lighting twice and winning the lottery all on the same day. Finding a modification to a XEX section that generates the same hash requires an average of 263 attempts — about three million years, assuming that you could generate a new section 100 thousand times per second.
Three million years divided by seven is... 428571428.57 years. Oh yeah. But, if the computing power was increased to 500 computers or 1000 computers, the calculations could increase to 200 billion or 400 billion, respectively. Think of the possibilities.

Tell me if I'm wrong and just made a fool of myself.
 
S

SecToR .7

Enthusiast
Messages
955
Reaction score
170
Points
165
Sin$
0
This is probably an old topic, but after reading some information on the internet, I think I have a possible solution.

Read here about a Berkeley student cracking a RSA 40-bit key in 3.5 hours. He uses 250 idle computers to generate 100 billion attempts at the private key per hour. This translates to 27777777.778 attempts per second. That is about seven times the requirement here:

Three million years divided by seven is... 428571428.57 years. Oh yeah. But, if the computing power was increased to 500 computers or 1000 computers, the calculations could increase to 200 billion or 400 billion, respectively. Think of the possibilities.

Tell me if I'm wrong and just made a fool of myself.
Your explanation works as a proof of concept. Now go and get 500 to 1000 computers that can manage that.
 
FreedomForAll

FreedomForAll

Enthusiast
Messages
60
Reaction score
4
Points
55
Sin$
0
Your explanation works as a proof of concept. Now go and get 500 to 1000 computers that can manage that.

Thanks, now I know that I wasn't a complete fool. Sarcastic comment: if everyone who is a member at 7S let their computers be used for cracking the key we could get it done in a matter of hours.
 
Sol Invictus

scopen4

Contributor
Messages
2,643
Reaction score
637
Points
325
Sin$
0
Thanks, now I know that I wasn't a complete fool. Sarcastic comment: if everyone who is a member at 7S let their computers be used for cracking the key we could get it done in a matter of hours.

Highly unlikely.
 
FreedomForAll

FreedomForAll

Enthusiast
Messages
60
Reaction score
4
Points
55
Sin$
0
Well now. Think of 250 idle computers making 100 billion calculations an hour at a 40bit key. Now think of almost 200000 computers (that's how many members we have, right?) making 100 billion calculations an hour at a 2048bit key. Pwnage, much?
 
S

SecToR .7

Enthusiast
Messages
955
Reaction score
170
Points
165
Sin$
0
Well now. Think of 250 idle computers making 100 billion calculations an hour at a 40bit key. Now think of almost 200000 computers (that's how many members we have, right?) making 100 billion calculations an hour at a 2048bit key. Pwnage, much?
Of those 200,000 a small fraction are active here.
 
BigWalrus

BigWalrus

Enthusiast
Messages
1,991
Reaction score
885
Points
175
Sin$
0
Well now. Think of 250 idle computers making 100 billion calculations an hour at a 40bit key. Now think of almost 200000 computers (that's how many members we have, right?) making 100 billion calculations an hour at a 2048bit key. Pwnage, much?
think of it this way. what percentage of the people would actually help with this and how much of those members would actually read the thread if you made one trying to get people to help.
 
FreedomForAll

FreedomForAll

Enthusiast
Messages
60
Reaction score
4
Points
55
Sin$
0
think of it this way. what percentage of the people would actually help with this and how much of those members would actually read the thread if you made one trying to get people to help.
Exactly. There's pretty much no way to get enough computing power without M$ noticing. Wouldn't you notice if a forum was suddenly taking control of all it's members' computers?
 
BigWalrus

BigWalrus

Enthusiast
Messages
1,991
Reaction score
885
Points
175
Sin$
0
Exactly. There's pretty much no way to get enough computing power without M$ noticing. Wouldn't you notice if a forum was suddenly taking control of all it's members' computers?
FFS thats not what I ment...
 
D

Dr Hynexaz

Newbie
Messages
1
Reaction score
0
Points
35
Sin$
0
I know this has been talked about many times before But I found a file located on the xbox that mentions RSAKeyValue, PublicKeyValue, Encryption Algorithms over and over and I figured maybe it means something. Now I have to agree I do not know much about the RSA key but this caught my eye. Please dont flame, just posting what I found.

I have not gone through all the websites listed but this one caught my eye: http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd

?CžeKÌ|‰îÍ6ôH£›;L31WDäÛ ·$ý²•±’äGÓu²³ÂXó`ôc3µµ$' ''b !–NªÖ¬£·Ý.h|ü/3JWdÀ;Çå‹´¯òÛÐkøb›–0fÃqÓ6w „í7U€ÇºÓíX®$,À‡CÇ”ÿP-맖°•Ìwv‰¡öšù}ç[ÂtøÐ# * æ÷mñŠ1Åýüûîim­MÏéÜЪF*HcÆÅ6Ô·šÍ`˜$Å?^;—å …Õl!v£/¥3m_à/ôÛÚ¨ Í‹^ôE?ØÐhX3ê]± æÎ/d#xJôÏ;U><c:CertificateCollection xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert" c:Version="2.0"><c:Certificate><c:biggrin:ata xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert"><c:tongue:ublicKey><KeyValue><RSAKeyValue><Modulus>m+rPUYKbubVPXrU6LVcxOSmBNHFNYe/7JqocxGKnB/aPcTDsSqE8tAIPKgeRsAzBHGdMYJTkP0mne6RhgCg0oXRNPwfe0LydV+g6VmETTYROsSxE/y60Q8GErdqmXaKCqrIJ1nNxyQt/2ptFKpGMOwSktRXfEGsRh/rwx36le2c=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></c:tongue:ublicKey><c:KeyUsage><c:EncryptKey>1</c:EncryptKey></c:KeyUsage><c:SecurityLevel>2000</c:SecurityLevel><c:ManufacturerData><c:ManufacturerName>Microsoft Corporation</c:ManufacturerName><c:ManufacturerURL>www.microsoft.com</c:ManufacturerURL><c:ModelName>Xbox 360</c:ModelName><c:ModelNumber>ffffffff9810df38</c:ModelNumber></c:ManufacturerData><c:Features><c:WMDRMReceiver>1</c:WMDRMReceiver></c:Features></c:biggrin:ata><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Rsa-sha1"></SignatureMethod><Reference><Transforms><Transform Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Data"></Transform><Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>3+WQ7VNxqxdjY8txJWXb1Ud/K38=</DigestValue></Reference></SignedInfo><SignatureValue>OzgYJZ5mbKzsuSdk8Hb4kFczbUxPyWES4zh7kwNgMMYnRhzhnysbR18Ia056PA7dBWlH7FlkoU5mv0DMSCwjqRySoUYU1Ia+O6F8eKPStSDsR1T0ENHByhGrU2HAQd/b111xMJ6cTKmqZywKIUQ9TKyfhW5bPtLpf3V7UNtjfjY=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>scyFBjV9WofAgCpROXe+QkPTcprUJJt/nHpGhVHzlK1CDfXit52bTj8OoVxfQZx0tFH5Qi7XSgdfNyNLZF+I5UrG4EPbee73t4qkNO0C1Oni75Wi3Et4mmrGlkishbEj395geGRlPdG8llWkuJKb9jhIqMeAvPLjxSK7VulHx7M=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></c:Certificate><c:Certificate><c:biggrin:ata xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert"><c:tongue:ublicKey><KeyValue><RSAKeyValue><Modulus>scyFBjV9WofAgCpROXe+QkPTcprUJJt/nHpGhVHzlK1CDfXit52bTj8OoVxfQZx0tFH5Qi7XSgdfNyNLZF+I5UrG4EPbee73t4qkNO0C1Oni75Wi3Et4mmrGlkishbEj395geGRlPdG8llWkuJKb9jhIqMeAvPLjxSK7VulHx7M=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></c:tongue:ublicKey><c:KeyUsage><c:SignCertificate>1</c:SignCertificate></c:KeyUsage><c:SecurityLevel>2000</c:SecurityLevel><c:ManufacturerData><c:ManufacturerName>Microsoft</c:ManufacturerName><c:ManufacturerURL>http://www.xbox.com</c:ManufacturerURL></c:ManufacturerData></c:biggrin:ata><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Rsa-sha1"></SignatureMethod><Reference><Transforms><Transform Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Data"></Transform><Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>X+BRD7jGOtazq9aUgYlL2OQgIZ8=</DigestValue></Reference></SignedInfo><SignatureValue>RQX/hYYPNKCTWOQKeHBcPWe8UGmrDVHpevodyFBhzN/J4AEuZaWuJXCjFSENVjYbuA/4GdrP8FQCqJworXleFqK7Z04uei6t0NZHkVhX1g4/Yuc59XGLOzqumuQdor7i2wEWrHt5sOEyu73Mm6I/2tezmCun8qWNXQD/m9vJeNU=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>+KcXELSdK/Z1CkCvlPFC90hLkVvawISwrmUggpDIR5l7j7/LqFVQ2h5bsye/YUtA/aowmN5Im/RRxtB4hIDHuZcXlUH0llxWNggySMJjRUGiHXU84iREMegNGhvU/1VtJn+cuN8iSPoYFTyEqsPN0//hdmRe3aSWoEX+6mBQWJc=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></c:Certificate><c:Certificate><c:biggrin:ata xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert"><c:tongue:ublicKey><KeyValue><RSAKeyValue><Modulus>+KcXELSdK/Z1CkCvlPFC90hLkVvawISwrmUggpDIR5l7j7/LqFVQ2h5bsye/YUtA/aowmN5Im/RRxtB4hIDHuZcXlUH0llxWNggySMJjRUGiHXU84iREMegNGhvU/1VtJn+cuN8iSPoYFTyEqsPN0//hdmRe3aSWoEX+6mBQWJc=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></c:tongue:ublicKey><c:KeyUsage><c:SignCertificate>1</c:SignCertificate></c:KeyUsage><c:SecurityLevel>2000</c:SecurityLevel><c:ManufacturerData><c:ManufacturerName>Microsoft</c:ManufacturerName><c:ManufacturerURL>http://www.xbox.com</c:ManufacturerURL></c:ManufacturerData></c:biggrin:ata><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Rsa-sha1"></SignatureMethod><Reference><Transforms><Transform Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Data"></Transform><Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>U5dAyOG2XT7VNLuBzelylrL8NEM=</DigestValue></Reference></SignedInfo><SignatureValue>EUyjTNzHiHvhiBLzsza4Wii8wZyv70eSWT9VsxEYsSAXl5LUH1GIT7svONlfGzOyMHchnBMd2Qc3M19IBiFQ+dFzrXobVxDiPflg4fyEkIvn/eMujcRCSU+9drYKs2QysTJ9k2GjPcmQ8wWG4lftDgc555cCQiIhkNlOTEWFcis=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>sAMzO56CMzRDa9cif2VfezUAA6e5XkSoyzHabqkIcIYIYEP2h61ukH93js6NDIG0bcGye/TlnxOtdeuKGmO0AOYbgJ7piCe0ZVyNdMn/1DrEflvHoA8YnMfl96/PoLrEwKw7j9FZR1XvjDpUl4mClydY5jrWy8xkNkuRCYh3PJE=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></c:Certificate><c:Certificate><c:biggrin:ata xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert"><c:tongue:ublicKey><KeyValue><RSAKeyValue><Modulus>sAMzO56CMzRDa9cif2VfezUAA6e5XkSoyzHabqkIcIYIYEP2h61ukH93js6NDIG0bcGye/TlnxOtdeuKGmO0AOYbgJ7piCe0ZVyNdMn/1DrEflvHoA8YnMfl96/PoLrEwKw7j9FZR1XvjDpUl4mClydY5jrWy8xkNkuRCYh3PJE=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></c:tongue:ublicKey><c:KeyUsage><c:SignCertificate>1</c:SignCertificate></c:KeyUsage><c:SecurityLevel>3000</c:SecurityLevel><c:ManufacturerData><c:ManufacturerName>Microsoft Corporation</c:ManufacturerName><c:ManufacturerURL>http://www.microsoft.com</c:ManufacturerURL></c:ManufacturerData></c:biggrin:ata><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Rsa-sha1"></SignatureMethod><Reference><Transforms><Transform Algorithm="http://schemas.microsoft.com/DRM/2004/02/CERT/Data"></Transform><Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>6Oa4ngWiBGCi2UmRjCzkNaiiNUY=</DigestValue></Reference></SignedInfo><SignatureValue>L8ae7IcXOLihq5n0q7T4KYcCuhRlhKU6qa5yy+4bmFS9qr7th2KIvSo6/zKrYTwnvMHuHyZK7Es3lIYCoBuVhr7sPABh7M//5WajfaKyMQpeTC28P3Htsv448o5YYTSXuIdzssY/EbBQ0PpOyf4zxvXZxIbRm8EpCpDm0DZZeIM=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>pjoeWLSTLDonQG8She6QhkYbYott9fPZ8tHdB128ZETcghn5KHoyin7HkJEcPJ0Eg4UdSva0KDIYDjA3EXd69R3CN2Wp/QyOo0ZPYWYp3NXpJ700tKPgIplzo5wVd/69g7j+j8M66W7VNmDwaNs9mDc1p2+VVMsDhOsV/Au6E+E=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></c:Certificate></c:CertificateCollection>

What you've found is the console certificat not the Public Key :smile:
 
L

Lun4t1k

Enthusiast
Messages
229
Reaction score
16
Points
70
Sin$
0
Exactly. There's pretty much no way to get enough computing power without M$ noticing. Wouldn't you notice if a forum was suddenly taking control of all it's members' computers?
Ever hear of bitcoin? It uses your computer to perform calculations, and you're rewarded with a virtual currency, bitcoins, which can be converted to real cash. I'm sure if we got ahold of some source similar to this, we could try and make a network performing the calculations to try and calc the private key. Just an idea. Also, inb4 botnet.

What you've found is the console certificat not the Public Key :smile:
Well, that's from a decrypted keyvault.
 
B

BeyondS7s

Newbie
Messages
6
Reaction score
2
Points
45
Sin$
0
Keys are stored on TPM Chip, also TPM chips are already crackable.. just wondering why we still dont have that key....
 
K

Kushan

Newbie
Messages
2
Reaction score
0
Points
35
Sin$
0
Keys are stored on TPM Chip, also TPM chips are already crackable.. just wondering why we still dont have that key....

I realise this is bumping an old thread, but this idiot bumped it nearly a year down the line, so I felt compelled to reply to just try and knock some sense into people.

The PRIVATE keys are the ones we need and they are not stored anywhere on the console itself. Only Microsoft has them. The keys people above have mentioned are the public keys - these are only useful for signature checking, i.e. to see if a file has been signed by Microsoft's private key, it does not enable us to sign things ourselves (which is what the private key would do).

Brute-forcing is not going to happen any time soon, the very large numbers people are mentioning (checking billions of keys per second using thousands of machines) are still nothing compared to the extremely large numbers that the 2048-bit RSA key in question uses.

Here's an example. Have you heard of IPv6? You have probably read about it, it'll save the internet from running out of addresses. While IPv4 can only do about 4Billion addresses, IPv6 has enough addresses for every single person on the planet to have an address for every single molecule in their body. In fact, it has enough addresses to address every single grain of sand on the entire planet. That's a lot of addresses, yeah? Well, IPv6 uses 128 bits. Let that sink in for a second - you could count every grain of sand in the world and still have space left over in a 128-bit number. If you add just a single bit, to make it a 129bit number, it doubles the amount of possible values. 130 doubles that again and so on. All the way up to 2048. Have you realised how many possible values it is, yet? You could have a billion computers checking a million billion possibilities per second and still not find the key before the sun dies. Give it up, brute-forcing isn't going to happen with today's technology.
 
Status
Not open for further replies.
Top Bottom
Login
Register