Discussion Quick question on the HV.

Status
Not open for further replies.
Messages
3
Reaction score
0
So to start this off, this is my first post on this site, but I am definitely not new to modding.
Before I was on TTG and realized that only few ppl actually have 2 cents in their brain lol.
Now let's get down to business,
I have successfully dumped the HV, thanks to Dwack :smile:, and now working on reversing the checks...
Now simple question, how do I replace the old HV with the reversed one?
I am not really too sure on this, well the only way that comes to mind is replace the HV in the kernel and reflash with new kernel, but it seems that everyone else does it with an xex or dashlaunch plug-in, which is my weakness and I'm definitely gonna do a lotta research.
But if someone could help me out that'd be great, feel free to PM me if you want.
Hope I get a good welcome to S7. :smile:
 

GModz Tuts

Se7ensins Un-Official Lobby Verifier
Messages
3,064
Reaction score
724
*7s

But on topic, I personally don't know, possibly find a way to inject it.

Welcome to the light side.
 

etownlax

Getting There
Messages
1,643
Reaction score
192
If you know where the HV is loaded into memory, you can simply change it in memory. You could run an XEX which does it on boot (dashlaunch plug-in). You could even change it by poking from your computer.
 

Altruism

Selena Gomez <3
Messages
4,583
Reaction score
1,506
If you know where the HV is loaded into memory, you can simply change it in memory. You could run an XEX which does it on boot (dashlaunch plug-in). You could even change it by poking from your computer.
Isn't it encrypted though?

So to start this off, this is my first post on this site, but I am definitely not new to modding.
Before I was on TTG and realized that only few ppl actually have 2 cents in their brain lol.
Now let's get down to business,
I have successfully dumped the HV, thanks to Dwack :smile:, and now working on reversing the checks...
Now simple question, how do I replace the old HV with the reversed one?
I am not really too sure on this, well the only way that comes to mind is replace the HV in the kernel and reflash with new kernel, but it seems that everyone else does it with an xex or dashlaunch plug-in, which is my weakness and I'm definitely gonna do a lotta research.
But if someone could help me out that'd be great, feel free to PM me if you want.
Hope I get a good welcome to S7. :smile:
Welcome to se7ensins my good sir. I'm IP Banned from TTGay so that part didn't appeal to me until you implied that everyone there is stupid. Which isn't 100% true, but it's almost there lol. Anyways, just get a retail HV extracted from the kernel and poke it into place.
 

Altruism

Selena Gomez <3
Messages
4,583
Reaction score
1,506
In all honesty, I don't know, but I think you're right. Either way, if he knows how to use the dump of data, he should know how to get it back to the encrypted state. I would assume anyhow.
Alrighty, thanks.
 

haloreach

Enthusiast
Messages
287
Reaction score
10
This site isn't any better as shown by the comments. You will not find any useful help here.
 

Fuse

dem hacks yo
Messages
564
Reaction score
191
The HV within the nand image (updated base kernel) is retail, but gets patched up during the boot process. So forget about replacing it within the nand etc. As for dashlaunch plugin, closer. At least you have the right idea about reversing the checks, gives you pretty much all the info you need.
 

Dwack

Now employed at Dominoes!
Messages
4,551
Reaction score
2,942
Or just use an xex to load it into memory o_O

Hint Hint ... you don't actually HAVE to replace the HV. You just need some way of running the checks over a retail HV.

Besides, replacing the HV in memory with a stock HV would defeat the point of XeBuild.
Also the NAND idea wouldn't work too well either.
 

ddxcb

Contributor
Messages
1,647
Reaction score
311
Or just use an xex to load it into memory o_O

Hint Hint ... you don't actually HAVE to replace the HV. You just need some way of running the checks over a retail HV.

Besides, replacing the HV in memory with a stock HV would defeat the point of XeBuild.
Also the NAND idea wouldn't work too well either.
Brainstorming here, add non modded retail HV somewhere in the 360 memory. Move checks to the new hv location to memory, does its thing, profit?
 

Fuse

dem hacks yo
Messages
564
Reaction score
191
Brainstorming here, add non modded retail HV somewhere in the 360 memory. Move checks to the new hv location to memory, does its thing, profit?
Very close. Think more about HOW you're going to get the live 'retail' HV.
 

Dwack

Now employed at Dominoes!
Messages
4,551
Reaction score
2,942
Very close. Think more about HOW you're going to get the live 'retail' HV.
Coming from someone who is not any closer.... stop re-posting what I tell you, acting like you know.

o.O

Furthermore ... you don't "get" a live retail HV. It's not like you can turn on your retail and wave a magic wand and it dumps the HV for you.
 

Fuse

dem hacks yo
Messages
564
Reaction score
191
Coming from someone who is not any closer.... stop re-posting what I tell you, acting like you know.

o_O

Furthermore ... you don't "get" a live retail HV. It's not like you can turn on your retail and wave a magic wand and it dumps the HV for you.
I knew it was to do with loading a hv into memory before you said anything to me anyway. As for creating the live retail HV, all I said was think about how you can achieve that.
 

Fire30

Seasoned Member
Messages
7,255
Reaction score
2,370
Am I missing something, or could you not just dump the nand from a retail console (that you know cpu key), and then just extract the kernel, and take the first 256kb, and that is the hv? I'm pretty sure I'm missing something lol.
 

ddxcb

Contributor
Messages
1,647
Reaction score
311
Am I missing something, or could you not just dump the nand from a retail console (that you know cpu key), and then just extract the kernel, and take the first 256kb, and that is the hv? I'm pretty sure I'm missing something lol.
Or take the 1888 kernel, patch it with the xboxupd.bin of what kernel you want, then there is the HV and the kernel in one file :wink:
 

Codster333

Enthusiast
Messages
140
Reaction score
65
Or take the 1888 kernel, patch it with the xboxupd.bin of what kernel you want, then there is the HV and the kernel in one file :wink:
Anyone feel free to correct me if I'm wrong but I was under the impression the HV including the data sent to ms about your console was dynamic, unique and generated upon boot up of the console each time. Which is why reversing all the checks so it generates a retail HV, unlike the ****ed up one created from freeboot was important. Just information I believe I've seen before
 

ddxcb

Contributor
Messages
1,647
Reaction score
311
Anyone feel free to correct me if I'm wrong but I was under the impression the HV including the data sent to ms about your console was dynamic, unique and generated upon boot up of the console each time. Which is why reversing all the checks so it generates a retail HV, unlike the ****ed up one created from freeboot was important. Just information I believe I've seen before
But you don't need to send data of the current use of the modded HV, like what people said, defeat the purpose of it.

Hence grab the retail kernel of the what dashboard and then put it into memory, modify the location the checks to that clean retail hv instead of the one the xbox is using as it's modded.

then the challenge is using a clean retail and then pass the system as not being modded.
 

etownlax

Getting There
Messages
1,643
Reaction score
192
But you don't need to send data of the current use of the modded HV, like what people said, defeat the purpose of it.

Hence grab the retail kernel of the what dashboard and then put it into memory, modify the location the checks to that clean retail hv instead of the one the xbox is using as it's modded.

then the challenge is using a clean retail and then pass the system as not being modded.
Wow. It just sounds so simple. haha. I just read free60's write up on the SMC hack. Now that it makes a little bit of sense, I'm simply amazed.
 