So ever since the days of the KK hack, the 1BL code has been known and used, and is an important part of what the scene knows about the booting of the XBOX. I have been doing some reading lately and pretty much stumbled onto this question; where did tmbinc get this information from? The 1BL is, and quoting from FREE60.org "Stored in CPU rom, decrypts and starts CB bootloader". a better explaination was given again on FREE60.org "Buried deep inside the CPU die, this ~32kb of ROM code is responsible for reading the 2BL from NAND-flash and decrypts it into the embedded SRAM in the CPU" How the crap did he manage to get this code? Dump something from the CPU? use assembly to read back and go through until he found something that might be useful? I have tried to read as best i can about this, but havnt really been able to get any information whatsoever. Its as if he pulled it out of no where. Does anyone know what sort of process was used or what this sort of thing would have you be doing? tmbinc seems like a genius. (and in all cases probably is) Anyone clear even a part of this up for me? Thanks all.