Mattie4321
Enthusiast
Sorry but not all of the youtube videos could be embedded, this is because Se7enSins will not allow many vids to be posted in the same post. As a result of this some of the videos must be watched on YouTube The links are very visible where this is nesecary.
Thanks for Understanding
Requirements!
Hardware
* Depends on your PC, get them to be safe
** Optional
Software
Also your computer MUST have an LPT PORT this can either be Built In or via a PCI Extension Card. (NOTE: I used a PCI Extension card for my tutorial)
- Switching diodes ---------- UK | USA - Quantity 3
- Ethernet cable ------------- UK | USA - Quantity 50cm (max)
- 100 ohm resistors -------- UK | USA - Quantity 5*
- LPT Connector ------------- UK | USA - Quantity 1
- LPT Case -------------------- UK | USA - Quantity 1**
- Soldier ---------------------------- UK | USA - Quantity 1
- soldiering iron ------------------ UK | USA - Quantity 1
- Torx 8 Size Screwdriver ---- UK | USA - Quantity 1
- Torx 10 Size Screwdriver -- UK | USA - Quantity 1
- Pliers Small --------------------- UK | USA - Quantity 1
* Depends on your PC, get them to be safe
** Optional
Software
- Nandpro Folder --------- Download
- Total Commander -------- Download
- Degraded 1.1 ------------ Download
- Freeboot Maker v4 ---- Download
- Auto Xbins --------------- Download
- USB Explorer ---------- Download
Also your computer MUST have an LPT PORT this can either be Built In or via a PCI Extension Card. (NOTE: I used a PCI Extension card for my tutorial)
Step | One!
Will Add Video 1 When Uploaded to YouTube!!
Check Dashboard Version
Okay so now that you understand the concept and assuming that you have a dashboard that is exploitable, that is to say anything which is 2.0.7371.0 or lower.
If you have...
- Been on XBOX Live
- Updated in any way
- Have the new NEX dashboard
- Do not see the old 'BLADE' dashboard
The number you want is 2.0.7371.0 or lower
Even if you have 7371 you still cannot be sure that the XBox is exploitable, you will have to check the CB Version after you have read the nand. (Step ???)
Find Your Motherboard Revision
In order to find out what your mother board is use this diagram as a guide...
Step | Two!
Sorry but due to Se7enSins limiting the number of Media Files I can iinput to the thread the video must be watched on youtube.
Open The XBox
For this you will need...
- Torx 8 Screwdriver
- Torx 10 Screwdriver
- Small Screwdriver / Paperclip
- Xbox Opening Tool (Optional)
Very simple step, just follow the video tutorial and you'll be fine. Its best to use quite a bit of force to open the XBox, they are tough so don't be afraid of breaking them.
Step | Three!
Installing Jtag Points
You Will Need...
- 3 Strands of Short Wire
- Pliers
- Soldering Iron
- Solder
- 2x Switching Diodes
Xenon Jtag Points
Zephyr, Falcon, Opus, Jasper Jtag Points
Step | Four!
Installing LPT Wire/Cable
You Will Need...
- Spliced Ethernet Cable
- Pliers
- Soldering Iron
- Solder
- 5x Resistors
- 1x Switching Diode
The Points on this are the same no matter which motherboard you have!!
Here is another Picture to help understand...
LPT Connections are the same for every single board. There is not difference. This picture names those motherboards because of the JTAG points that are in the picture. Disregard that. LPT connections are the same for ALL boards!
Step | Five!
Ok so now that you have the LPT cable soldered to the motherboard and have your cable connected to your PC. It is time to start dumping the NAND. In order to dump the NAND you will need to download some things...
Download...
For LPT Pci Card Users
Enter the Device Manager (Control Panel> Device Manager)
Right-click on your PCI card and make properties Right-click on your PCI card and Let properties
Then go to the resources tab Then go to the Resources tab
The ports to be tested are those marked in red on the screenshot below: The ports are giving further to Be Tested That are Marked in red on the screenshot below:
Here you have your ports to test that you return NandPro IO Patcher (ports 1 and 2) Here You Have to test your ports That You Will Return to NandPro IO Patcher (ports 1 and 2)
Warning! Warning! Never leave blank spaces in the port! Never leave blank spaces in the port! Do not put anything! Do not put Anything! Leave as is, if you do not use port 3! Leave as is, if you do not use port 3!
Right-click on your PCI card and make properties Right-click on your PCI card and Let properties
Then go to the resources tab Then go to the Resources tab
The ports to be tested are those marked in red on the screenshot below: The ports are giving further to Be Tested That are Marked in red on the screenshot below:
Here you have your ports to test that you return NandPro IO Patcher (ports 1 and 2) Here You Have to test your ports That You Will Return to NandPro IO Patcher (ports 1 and 2)
Warning! Warning! Never leave blank spaces in the port! Never leave blank spaces in the port! Do not put anything! Do not put Anything! Leave as is, if you do not use port 3! Leave as is, if you do not use port 3!
Plug the power cable into the back of the 360 and into the wall so it has its power source. But do not turn on the 360 as it is not required. All you need to do is plug in the power cable and continue.
Dumping the Nand
- Click Start
- Select run
- Type CMD
- Type
Code:
cd Desktop
- Type
Code:
cd nandpro20d
For Xenon, Zephyr, Falcon, Opus and 16MB Jasper's(No internal memory)
Code:
nandpro.exe lpt: -r16 nand1.bin
For Jasper's with 256MB Internal memory.
Code:
nandpro.exe lpt: -r256 nand1.bin
For Jasper's with 512MB Internal memory.
Code:
nandpro.exe lpt: -r512 nand1.bin
6. Click enter and it should start. If it says testing 4 times and fails you need to check your soldering.
7. If done right it will start to read the NAND. It should read to block 3FF.
8. Repeat step 4. You want to have at least 2 dump to compare to each other and make sure they are identical.
*Note that it is possible that your NAND has bad blocks in it. Error(25x) and you keep getting this each time you dump the NAND don't worry. It is safe to continue because that is just how your NAND image is.
Comparing the Nand's
Download...
If it says file are identical you are set to continue. If it does not say that. I suggest you go back and dump 1 or 2 more times.
If your two dumps are identical. Congratulations. You have successfully dumped your Xbox 360 NAND. Now you can continue.
- Open Total Commander.
- Click File
- Compare by Content
- A new window will open. Open on nand dump for file one and open the second dump for file 2.
- Then click Compare.
If it says file are identical you are set to continue. If it does not say that. I suggest you go back and dump 1 or 2 more times.
If your two dumps are identical. Congratulations. You have successfully dumped your Xbox 360 NAND. Now you can continue.
Checking the CB Version
This is a very important step for 360's with the 7371 kernel. Some of these 360's have been patched already to stop the JTAG hack. This is the way to make 100% sure whether or not your 360 is still vulnerable.
Download...
Open your NAND image in Degraded1.1
Your CB version will be displayed.
Exploitable CB versions:
1888, 1902, 1903, 1920,1921: exploitable xenon
4558: exploitable Zephyr
5761, 5766, 5770: exploitable falcon
6712, 6723: exploitable jasper
Non-Exploitable CB Versions (CD = 8453 for all of them)
Xenon: 1922, 1923, 1940
Zephyr: 4571, 4572, 4578, 4579
Falcon/Opus: 5771
Jasper: 6750
NAND wont open in Degraded? Here is how to fix that.
For Big Block consoles. Degraded will not open your image.
Download...
Open your NAND image in Degraded1.1
Your CB version will be displayed.
Exploitable CB versions:
1888, 1902, 1903, 1920,1921: exploitable xenon
4558: exploitable Zephyr
5761, 5766, 5770: exploitable falcon
6712, 6723: exploitable jasper
Non-Exploitable CB Versions (CD = 8453 for all of them)
Xenon: 1922, 1923, 1940
Zephyr: 4571, 4572, 4578, 4579
Falcon/Opus: 5771
Jasper: 6750
NAND wont open in Degraded? Here is how to fix that.
- Make a copy of your NAND backup
- Open that copy in a hex editor
- At offset 0x0012 you will see 2004 - 2007 Microsoft Corporation
- Change that to 2004 - 2005 Microsoft Corporation
- Now you image will open in Degraded.
For Big Block consoles. Degraded will not open your image.
Writing Xell
Xell is used to grab your CPU Key for your console. Install Xell is easy and takes little to no time.
First you will need to download it from Xbins. Again here is the directory.
Download the image for your motherboard revision. Extract and place it in the nandpro folder. Make it easy on yourself and rename the Xell file to Xell
With your LPT cable and everything still set up. You will be using nandpro again. So here we go again.
Click start
Don't worry about the file size. It is meant to only write to the beginning of your NAND flash. Click enter and it should starting writing. Once it is done writing. Unplug the lpt cable from the PC and turn on the 360. It should boot into a blue screen. If it does then you did it right.
First you will need to download it from Xbins. Again here is the directory.
Code:
/XBOX 360/development/free60/images/
Download the image for your motherboard revision. Extract and place it in the nandpro folder. Make it easy on yourself and rename the Xell file to Xell
With your LPT cable and everything still set up. You will be using nandpro again. So here we go again.
Click start
- Click run
- Type CMD
- Type
Code:
cd desktop
- Type
Code:
cd nandpro20d
- Type
Code:
nandpro.exe lpt: -w16 Xell.bin
Don't worry about the file size. It is meant to only write to the beginning of your NAND flash. Click enter and it should starting writing. Once it is done writing. Unplug the lpt cable from the PC and turn on the 360. It should boot into a blue screen. If it does then you did it right.
Step | Six!
Getting YOur CPU Key
So you get set 4 and set five from the picture you took...
Set 4: AF39DF25B0CD3878
Set 5: 36C083CF14E6E4D6
So my CPU key is: AF39DF25B0CD387836C083CF14E6E4D6
Note that down and save it! you will need it in the future! Now its safe to turn off your xbox once you get your key. Now we have everything we need to build our Freeboot 0.032 image... lets move on
Set 4: AF39DF25B0CD3878
Set 5: 36C083CF14E6E4D6
So my CPU key is: AF39DF25B0CD387836C083CF14E6E4D6
Note that down and save it! you will need it in the future! Now its safe to turn off your xbox once you get your key. Now we have everything we need to build our Freeboot 0.032 image... lets move on
Making your Freeboot Image
You Will Need...
- Your CPU key
- Your original nand dump
- Freeboot Toolbox
- Start the program and past in your CPU Key
- Click on Generate Freeboot
- Find your nand file
- Click Yes
- Your freeboot Image is back on your desktop!
Writing your Freeboot Image
To write the Freeboot image back to yout Jtag
In the Open CMD Window Type...
For Xenon, Zephyr, Flacon, Opus and 16mb Jasper's(No internal memory)
For Jasper's with 256mb Internal memory.
For Jasper's with 512mb Internal memory.
In the Open CMD Window Type...
For Xenon, Zephyr, Flacon, Opus and 16mb Jasper's(No internal memory)
Code:
nandpro.exe lpt: -w16 freeboot.bin
For Jasper's with 256mb Internal memory.
Code:
nandpro.exe lpt: -w256 freeboot.bin
For Jasper's with 512mb Internal memory.
Code:
nandpro.exe lpt: -w512 freeboot.bin
Step | Seven!
Sorry but due to Se7enSins limiting the number of Media Files I can iinput to the thread the video must be watched on youtube.
Open The XBox
For this you will need...
- Torx 8 Screwdriver
- Torx 10 Screwdriver
- Small Screwdriver / Paperclip
- Xbox Opening Tool (Optional)
Very simple step, just follow the video tutorial and you'll be fine. Its best to use quite a bit of force to open the XBox, they are tough so dont be affraid of breaking them.
Step | Eight!
Sorry but due to Se7enSins limiting the number of Media Files I can iinput to the thread the video must be watched on youtube.
Installing Modern Warfare 2
Download...
Auto Xbins
MW2 Files
USB Explorer
Credits!
All the people and tuts that helped me!
Okay so i made videos, but to make this tut wouldnt be possible without these people...
L14M333
EclipseModz
supremecippy
Nandpro Io Patcher
Install XBR Reboot
Fully Jtag an Xbox 360 ConsoleHow to Jtag HAck/nand Dump/Xell
Okay so i made videos, but to make this tut wouldnt be possible without these people...
L14M333
EclipseModz
supremecippy
Nandpro Io Patcher
Install XBR Reboot
Fully Jtag an Xbox 360 ConsoleHow to Jtag HAck/nand Dump/Xell
More Videos being made and more to be added over time!
Thanks For Using My Tut