Modders hint at potential kernel exploit hack for Xbox One consoles


It's been a while since Microsoft released the Xbox One, and despite its age, there haven't been any reliable softmod methods to hack the console. Until now. A post started making the rounds, saying that a method for executing kernel level code on the Xbox One had been found. A list of instructions for preparing Xbox One systems to be hacked was also provided, with the process being as follows:

  1. Ensure your Xbox Live account Login-Type is configured as “No barriers” aka. auto-login with no password prompt
  2. Set your console as “Home Console” for this account
  3. Download the App Game Script
  4. Start the app (to ensure license is downloaded/cached)
  5. Take your console offline! To make extra sure it cannot reach the internet, set a manual primary DNS address of 127.0.0.1
  6. Get a device/microcontroller that can simulate a Keyboard (rubber ducky or similar) - otherwise you have to type a lot manually :D

This method appears to use a UWP app called Game Script on the Xbox One to execute the code, and was discovered by a user named carrot_c4k3. It seems as though the hack will require a lot of manual typing, unless you have a device that can simulate a keyboard, according to the preparation instructions. Reportedly, the latest firmware update for the Xbox One has already patched the exploit out, with the last exploitable firmware being 10.0.25398.4478.

:arrow: Source
:arrow: Video guide on how to prepare your system
:arrow: Proof of concept code
 
carrot_c4k3 said it's better to stay on 4478. Also, if the PoC prints 1337 it doesn't mean it is exploitable.



She also made progress, release is expected early July.



Maybe you can Install Gamescript with this method?


http://gbatemp.net/threads/scarlet-...ool-for-pushing-your-apps-to-xbox-one.584185/

Unfortunately I did have to update to latest FW to set up dev mode. Are there any alternative methods to getting the asp cookie? It appears that the PartnerToken extension is out of date.
 
Genuine question, is there a need to hack an Xbox One? I thought Dev Mode was essentially an official way to run unauthorized code? I don't have experience with it so I guess I would not know how limited or not limited Dev Mode really is
 
I haven't connected my X1 in a couple years. Another fun project that I can do :D
Too late, you'll have to wait another couple of years before homebrew gets developed to grant r/w access on newer firmwares. Besides, the apps aren't in the store, and hack is only being developed on OS version 4478.

Unfortunately I did have to update to latest FW to set up dev mode. Are there any alternative methods to getting the asp cookie? It appears that the PartnerToken extension is out of date.
Same reply as above

Genuine question, is there a need to hack an Xbox One? I thought Dev Mode was essentially an official way to run unauthorized code? I don't have experience with it so I guess I would not know how limited or not limited Dev Mode really is
A dev mode in retail mode I read grants full power along with r/w access within the system OS (dev mode) sandbox... may lead to a break out, but still full power dev mode, so the more power-hungry homebrew can be implemented. This is just the beginning of the r/w kernel access for X1/S/X. Can't say where it'll end up or how far it'll get developed.
 
Too late, you'll have to wait another couple of years before homebrew gets developed to grant r/w access on newer firmwares. Besides, the apps aren't in the store, and hack is only being developed on OS version 4478.


Same reply as above


A dev mode in retail mode I read grants full power along with r/w access within the system OS (dev mode) sandbox... may lead to a break out, but still full power dev mode, so the more power-hungry homebrew can be implemented. This is just the beginning of the r/w kernel access for X1/S/X. Can't say where it'll end up or how far it'll get developed.
I saw the video a few hours after posting!

Ehh what’s another few years in storage 🤣🤣
 
Too late, you'll have to wait another couple of years before homebrew gets developed to grant r/w access on newer firmwares. Besides, the apps aren't in the store, and hack is only being developed on OS version 4478.


Same reply as above


A dev mode in retail mode I read grants full power along with r/w access within the system OS (dev mode) sandbox... may lead to a break out, but still full power dev mode, so the more power-hungry homebrew can be implemented. This is just the beginning of the r/w kernel access for X1/S/X. Can't say where it'll end up or how far it'll get developed.
There's a guy on here that managed to install it long after the game script app was removed. He appears to have gone MIA.
 
Genuine question, is there a need to hack an Xbox One? I thought Dev Mode was essentially an official way to run unauthorized code? I don't have experience with it so I guess I would not know how limited or not limited Dev Mode really is
Don't ask the forbidden question, because we cannot give you the forbidden answer.
 
Just saying, you can dump games decrypted because of Durango Dumplings but not play them; now we can archive Halo 5.
Not quite yet. To my knowledge, this will become possible once Game Script's kernel mode exploit is finished. It seems the people behind the Durango Dumplings exploit used a different method to modify Vermintide 2's save files, but we know nothing about it. Just that this upcoming exploit will also allow pulling it off.
 
Not quite yet. To my knowledge, this will become possible once Game Script's kernel mode exploit is finished. It seems the people behind the Durango Dumplings exploit used a different method to modify Vermintide 2's save files, but we know nothing about it. Just that this upcoming exploit will also allow pulling it off.
Well, it isn't finished till next month, so nothing is possible. The Game Script thing is just user mode and nothing is possible till release. carrot_c4k3 (Emma) has confirmed that yeah, it's possible. All we need is to load the XVC into temporary XVD space. By "now" I meant when it gets released.
 
Good news: looks like 4909 is also exploitable. There is a new PoC. If your Xbox hard reboots, it means the exploit will work on your console.

New PoC

Source:
 
Good news: looks like 4909 is also exploitable. There is a new PoC. If your Xbox hard reboots, it means the exploit will work on your console.

New PoC

Source:

So if someone can push the app to the store, we could be back in business? I have Game Script in dev mode, but I don't know if that will be able to edit the exploit files for the game.
 
So if someone can push the app to the store, we could be back in business? I have Game Script in dev mode, but I don't know if that will be able to edit the exploit files for the game.
The console is going to update-nag you before you even touch the store; if you don't have the UWP, you're currently outta luck.
 
Good news: looks like 4909 is also exploitable. There is a new PoC. If your Xbox hard reboots, it means the exploit will work on your console.

New PoC

Source:

Has someone tested it and confirmed it? And is 4909 the current one?
If both of the above are true, can I update my system to the current one to download a couple of games I got, with no issue?
 
The console is going to update-nag you before you even touch the store; if you don't have the UWP, you're currently outta luck.
I still didn't get a proper explanation of how the gentleman from France managed to install Game Script 4 days after it was pulled from the store. I'm sure quite a few people in this forum know how to push the UWP to the Xbox without issue.
 
I still didn't get a proper explanation of how the gentleman from France managed to install Game Script 4 days after it was pulled from the store. I'm sure quite a few people in this forum know how to push the UWP to the Xbox without issue.
Must have been a malicious store app. Can you send me a video?
 
I still didn't get a proper explanation of how the gentleman from France managed to install Game Script 4 days after it was pulled from the store. I'm sure quite a few people in this forum know how to push the UWP to the Xbox without issue.
The application was published by a person with a developer account who whitelists people who can download it
 
The application was published by a person with a developer account who whitelists people who can download it
How can I get ahold of this person so that I can download it?

Must have been a malicious store app. Can you send me a video?
I cannot. Hopefully someone can help me download Game Script myself, since I have been trying for 2 weeks with no guide on how to push the upload. I even spent the money on a developer account, and even on this thread I was told I was too late.
 