Xbox One Modding Offline Hypothetical Theory

  • Thread starter natedawg46
natedawg46

So first off we all know what the inside of an Xbox One looks like by now and probably also know what the inside of Xbox One S looks like as well. We also have yet to find a similar method/way of doing a Jtag/RGH on the Xbox One but that doesn't stop us from other possible ideas.

So since we know what type of hard drive is in the Xbox One, there is a possibility that we can explore that hard drive just like any other PC/laptop hard drive plugged into one of your computers. But the method I am going to present is not by taking an Xbox One hard drive and plugging it into your computer hard drive plug. It is rather by using an external cable that you plug into the Xbox One hard drive in order to convert it into a USB plug that you can plug into a computer to explore the hard drive just like exploring an Xbox 360 hard drive via the Transfer Cable.
So here's the idea behind this method. An Xbox One hard drive has regular SATA cables just like any other PC/laptop hard drive.
This here is what the Xbox One hard drive looks like>>>

It's just like any other standard hard drive. This particular hard drive is the Seagate/Samsung ST500LM012 Momentus Spinpoint M8 Thin 7mm Internal Hard Drive- 500GB
In order to explore this hard drive, we are going to need a certain cable to do that.

So once you get your xbox one hard drive connected and powered on with this kit, we may run into some issues regarding the Self-Encryption of these hard drives.

This is where these links will come in handy.



Then in theory once you get into a hard drive, your computer should recognize it as if it was like a USB Device. Thus you could then use Exploration programs to explore the hard drive and to understand the language of an Xbox One. You could therefore see the games installed and upload DLL modded menus into the hard drive or modded gamesaves.

I'm not saying that any of this will work or if that's even possible, but it is a Theory/Idea that could lead to some progression.

Comment your thoughts/comments/ideas and opinions and let's get a discussion going.
 
ds7630

Comment your thoughts/comments/ideas and opinions and let's get a discussion going.

It's unfortunately going to take a bit more than that. This is like a "USB Jtag" method (It won't be a JTAG). We have to get inside the box, hardware (modchip). It will be a form of the Reset Glitch Hack.
 
Sketch

It's unfortunately going to take a bit more than that. This is like a "USB Jtag" method (It won't be a JTAG). We have to get inside the box, hardware (modchip). It will be a form of the Reset Glitch Hack.
Pretty sure he is just meaning being able to access the drive while console is running. Not an actual exploit of sorts.
I doubt the X1 will have anything similar to the RGH.
 
ds7630

Pretty sure he is just meaning being able to access the drive while console is running. Not an actual exploit of sorts.
I doubt the X1 will have anything similar to the RGH.
It will be different, if and when someone does it. That's for sure.
 
natedawg46

True, I was just thinking that if you used my method, you could explore the hard drive with Horizon or something else like Xbox 360 Neighborhood. Something along those lines. Not totally sure with Xbox Ones how everything works. I'm more an Xbox 360 guy.
It's unfortunately going to take a bit more than that. This is like a "USB Jtag" method (It won't be a JTAG). We have to get inside the box, hardware (modchip). It will be a form of the Reset Glitch Hack.
 
The xbox one is just so complicated. I mean if you follow the routes of where the nand goes to and all that **** on the motherboard, maybe someone will figure something out.
 
Twisted Impulse

Might as well connect it as a regular sata hard drive, saves buying a separate adapter & will give the same results. As for reading the files, anything important & actually useful will be stored on the nand (CPU key, keyvault as an example for the 360). The files will all have checksums too so if you change anything (mod saves, edit system files) you'd need to rehash it, which would mean you'd need access to encrypted files stored safely on the nand.

It'll be useful to copy games should we ever unlock the console to homebrew & shared games but other than that it's pretty pointless...
 
Harmonic

I like this theory. However as Twisted Impulse has said, most of the files that are necessary that we need to access will be stored on the nand which we simply do not have the knowledge to acquire. Maybe someday soon, we'll get a nand reading but not anytime soon.
 
Sketch

I like this theory. However as Twisted Impulse has said, most of the files that are necessary that we need to access will be stored on the nand which we simply do not have the knowledge to acquire. Maybe someday soon, we'll get a nand reading but not anytime soon.
The 'NAND' (I prefer Flash) has already been read. It's not going to assist much at all.
 
pLTPF

Pretty sure he is just meaning being able to access the drive while console is running. Not an actual exploit of sorts.
I doubt the X1 will have anything similar to the RGH.
I feel as if it will be like PlayStation where it's all custom firmwares because of how the OS is, a heavily modified version of Windows.
 
Harmonic

I feel as if it will be like PlayStation where it's all custom firmwares because of how the OS is, a heavily modified version of Windows.
We already have a good knowledge of Windows, as everything is now done through a live account. I don't see any reason how we couldn't exploit Windows' File Manager itself and somehow gain access to the HDD, a bit like Neighborhood.
 
Twisted Impulse

Nand reading isn't a problem, actually not that difficult. Decrypting the files is the hard part as they'll be gibberish when opened & also need the right hash for the console to run them. We need the security keys to be able to do anything at all, which we'd need an exploit to achieve.

For background look at how the 360 was compromised. (Long post)

The game King Kong had a shader which didn't have a security check attached to it, which means we were able to modify that file & the system would run it. To be able to burn a disc with the file we needed, the disc drive firmware had to be modified & flashed so we could run this burned disc. Then we were able to do whatever we wanted to the system, for example XeLL which gave us the CPU key & allowed us access to the decrypted KV, which opened the door for other things like rehashing game saves & attaching a profile to them.

Because it relied on a software exploit, MS patched the KK exploit quickly with a system update, so we needed a hardware exploit. Enter JTAG. This relied on having a certain software version due to efuses being blown on each software update making it impossible to downgrade, & using factory repair access ports to change the way the console worked (hence couldn't go back to KK exploitable dashboard). RGH solved this problem thanks to the nature of the exploit. Basically confusing the CPU with a very specifically timed pulse to the CPU, allowing us to run whatever we wanted. Due to the hardware being the problem, it made it impossible for MS to fix in existing consoles.

This was all possible solely thanks to the KK exploit & the level of security compromise we achieved (& all the hundreds of hours put in by the hacking scene).

For anything like RGH level modification on the Xbox One we'd need a similar exploit to KK to be able to reverse engineer the software, which now updates & changes much more frequently. MS has learned their lesson this time round. We don't even have a way to run copied games on it let alone full system access. Give it time, people are working different angles but for now, don't get your hopes up too much. Any software hack is easily fixed & we'd be extremely lucky to see a hardware hack again.

Note - to keep this easily readable I've oversimplified a lot of the language & explanations on how some of the exploits work.

Tl;DR - don't get your hopes up any time soon.
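
The integrity point made in Twisted Impulse's two posts above (changed files need a new hash, and producing one needs keys kept off the hard drive), as an added Python example that is not part of the thread and not the console's actual file format: it contrasts an unkeyed checksum with an HMAC under a device-held key. The key values, file ids and payloads are constructed assumptions.

```python
import hashlib
import hmac

TAG_LEN = 32  # SHA-256 output size

def seal_checksum(payload: bytes) -> bytes:
    """Weak design: payload plus an unkeyed SHA-256 checksum."""
    return payload + hashlib.sha256(payload).digest()

def verify_checksum(blob: bytes) -> bool:
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return len(blob) >= TAG_LEN and hmac.compare_digest(
        hashlib.sha256(payload).digest(), tag)

def _file_key(device_key: bytes, file_id: bytes) -> bytes:
    # Per-file key derived from the device secret, so a tag is bound to one file slot.
    return hmac.new(device_key, b"file-mac|" + file_id, hashlib.sha256).digest()

def seal_keyed(device_key: bytes, file_id: bytes, payload: bytes) -> bytes:
    """Stronger design: payload plus HMAC-SHA256 under a device-held key."""
    tag = hmac.new(_file_key(device_key, file_id), payload, hashlib.sha256).digest()
    return payload + tag

def verify_keyed(device_key: bytes, file_id: bytes, blob: bytes) -> bool:
    if len(blob) < TAG_LEN:
        return False
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_file_key(device_key, file_id), payload, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)

def edit_without_key(new_payload: bytes) -> bytes:
    """All that disk-only access allows: new payload plus a recomputed public hash."""
    return new_payload + hashlib.sha256(new_payload).digest()

def demo() -> dict:
    device_key = bytes(range(32))      # constructed stand-in for a secret kept off the disk
    other_key = bytes(range(1, 33))    # constructed key of a different device
    original = b"level=3;coins=40"     # constructed sample payload
    edited = b"level=3;coins=99"       # constructed modified payload
    sealed = seal_keyed(device_key, b"slot1", original)
    return {
        "checksum_accepts_edit": verify_checksum(edit_without_key(edited)),
        "keyed_accepts_original": verify_keyed(device_key, b"slot1", sealed),
        "keyed_accepts_edit": verify_keyed(device_key, b"slot1", edit_without_key(edited)),
        "keyed_accepts_other_slot": verify_keyed(device_key, b"slot2", sealed),
        "keyed_accepts_other_device": verify_keyed(other_key, b"slot1", sealed),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Only the unkeyed design accepts the edited payload; with the keyed design the verifier rejects the edit, the same blob moved to another file slot, and a blob checked under a different device's key.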
 
natedawg46

Might as well connect it as a regular sata hard drive, saves buying a separate adapter & will give the same results. As for reading the files, anything important & actually useful will be stored on the nand (CPU key, keyvault as an example for the 360). The files will all have checksums too so if you change anything (mod saves, edit system files) you'd need to rehash it, which would mean you'd need access to encrypted files stored safely on the nand.

It'll be useful to copy games should we ever unlock the console to homebrew & shared games but other than that it's pretty pointless...
Yeah you're probably right. Sorry mates, lol, we will just have to keep the Xbox 360 modding alive and going!
 
DeeLaRoc

Xbox One uses a heavily modified version of Windows 10. It also runs games, apps and such using a hypervisor (sandboxing), which would make it more difficult than previous consoles.
 
Whiterabbitt

What about dev kit? It allows me to connect to my box thru my wifi network.. I just got set up for dev mode, it allows me to run unsigned code.. unfortunately I have no idea where to go from here..
 
Sketch

What about dev kit? It allows me to connect to my box thru my wifi network.. I just got set up for dev mode, it allows me to run unsigned code.. unfortunately I have no idea where to go from here..
It's not really unsigned code. You won't get anywhere. Devkits that are SRA or UWP (UWP is kinda SRA but has its own capabilities in the boot cert.) are useless.
 
Orginal

It's not really unsigned code. You won't get anywhere. Devkits that are SRA or UWP (UWP is kinda SRA but has its own capabilities in the boot cert.) are useless.
There are some dev kits that are sent out to ID devs, and with the right requirements you can get one. (I'm hoping I meet those requirements)
 
Sketch

There are some dev kits that are sent out to ID devs, and with the right requirements you can get one. (I'm hoping I meet those requirements)
Those kits are useless too. You want an internal kit. Unlikely anybody unless lucky would get one.
 
Orginal

Those kits are useless too. You want an internal kit. Unlikely anybody unless lucky would get one.
We're outta luck. If this never gets through we will be stuck with Xbox Play Anywhere mods for the cloud.
 
343N

people tease save-game exploits, i'm sitting here twiddling my thumbs on what this exploit is, trying to figure it out myself but i'm an idiot so i doubt that'll ever happen
 