Yo, check this out. After 12 years of being literally the most secure console out there, the Xbox One finally got cracked wide open at the deepest level possible. This isnt just some basic software exploit either, it’s a "God Mode" hardware attack on the Boot ROM. Basically, Microsoft is cooked because they cant even patch it with an update.
So after watching an hour of that video, this is what I have gathered
The dev, Markus Gaasedelen (doom), basically went on a "dragon hunt" to make this happen. Heres the simple breakdown of how he did it:
1. Getting a "Look" Inside
The biggest issue was that the Xbox One is a total black box—no debug ports, no error codes, and zero ways to see what the processor is doing. To fix that, he:
-Tapped the Power: He started monitoring the power draw on the North Bridge just to see the "heartbeat" of the security chip.
-Built a Side Channel: He found a tiny trace on the mobo for the eFuses (where the secret keys live). By watching tiny voltage dips while the console reads the fuses, he finally got the timing perfect.
- Bypassed the "Stalls": MS added random delays (stalls) in the boot to make glitching impossible. He found "digital anchors" like the GPIO init to reset his timing and skip the random delays.
2. The Double-Glitch Attack
The "Bliss Hack" works by hitting the console with two super precise voltage drops (glitches) at the exact right microsecond:
- Glitch #1: Breaking the Jail
The Xbox uses a "Memory Protection Unit" (MPU) to keep everything in a "user jail" so it cant touch sensitive stuff. By glitching right when it turns that protection on, he tricked it into skipping the setup entirely. Basically "collapsed the jail" and gave him full supervisor access.
- Glitch #2: Taking the Wheel
While it was busy copying the next bootloader (SP1) into memory, he hit it with the second glitch. This caused a "memcpy" error that messed up the processors instructions. Instead of running the official code, it jumped straight to a custom payload he hid in the flash memory.
3. Why this is huge
-This is the ultimate win for preservation and repair:
Full Decryption: We got "Oracle access" now. Means we can decrypt every game, firmware, and system update from the past, present, and even future.
- Unpairing Hardware: You can actually unpair a disc drive or HDD from a dead console and move it to a new one—literally impossible until now.
-Unpatchable: Its a flaw in the actual silicon of the chip, so its a permanent hardware vulnerability.
Is it a Modchip??
Not yet. The research looks like a messy spiderweb of wires, but the actual exploit only needs like 3 wires to the motherboard. Its still super technical and u need a steady hand for soldering + an oscilloscope, but it proves even the "most secure" console has its limits.
What do u guys think, is this gonna lead to some crazy homebrew soon or what??
But I believe by the end of 2026 will probably have a jailbreak
So after watching an hour of that video, this is what I have gathered
The dev, Markus Gaasedelen (doom), basically went on a "dragon hunt" to make this happen. Heres the simple breakdown of how he did it:
1. Getting a "Look" Inside
The biggest issue was that the Xbox One is a total black box—no debug ports, no error codes, and zero ways to see what the processor is doing. To fix that, he:
-Tapped the Power: He started monitoring the power draw on the North Bridge just to see the "heartbeat" of the security chip.
-Built a Side Channel: He found a tiny trace on the mobo for the eFuses (where the secret keys live). By watching tiny voltage dips while the console reads the fuses, he finally got the timing perfect.
- Bypassed the "Stalls": MS added random delays (stalls) in the boot to make glitching impossible. He found "digital anchors" like the GPIO init to reset his timing and skip the random delays.
2. The Double-Glitch Attack
The "Bliss Hack" works by hitting the console with two super precise voltage drops (glitches) at the exact right microsecond:
- Glitch #1: Breaking the Jail
The Xbox uses a "Memory Protection Unit" (MPU) to keep everything in a "user jail" so it cant touch sensitive stuff. By glitching right when it turns that protection on, he tricked it into skipping the setup entirely. Basically "collapsed the jail" and gave him full supervisor access.
- Glitch #2: Taking the Wheel
While it was busy copying the next bootloader (SP1) into memory, he hit it with the second glitch. This caused a "memcpy" error that messed up the processors instructions. Instead of running the official code, it jumped straight to a custom payload he hid in the flash memory.
3. Why this is huge
-This is the ultimate win for preservation and repair:
Full Decryption: We got "Oracle access" now. Means we can decrypt every game, firmware, and system update from the past, present, and even future.
- Unpairing Hardware: You can actually unpair a disc drive or HDD from a dead console and move it to a new one—literally impossible until now.
-Unpatchable: Its a flaw in the actual silicon of the chip, so its a permanent hardware vulnerability.
Is it a Modchip??
Not yet. The research looks like a messy spiderweb of wires, but the actual exploit only needs like 3 wires to the motherboard. Its still super technical and u need a steady hand for soldering + an oscilloscope, but it proves even the "most secure" console has its limits.
What do u guys think, is this gonna lead to some crazy homebrew soon or what??
But I believe by the end of 2026 will probably have a jailbreak
