Hacking Any Softmod For The Xbox 360 Yet

[jamespoo]

back about 2012-2014 or so and off and on since then i used to keep up with the xbox hacking scene and wanted to know if there was any softmod yet

just recently i saw there was a softmod for the ps3 now so i was hoping the xbox 360 also had a soft mod

 

[EmulateLife]

Nope, probably never gonna happen.

 

[godreborn]

just flash your dvd drive, very easy. jungleflasher may look daunting, since last I checked, it was around 160-170 pages long, but you only need the part about your make/model drive.

 

[EmulateLife]

Or find someone to rgh it if you don't feel comfortable doing it yourself. I know playing games off hard drives is my jam though v.s. burning discs. I used to be all about burning discs but they just end up eventually going bad usually and I love just being able to sit back on my couch without having to get up and switch games (yes I'm lazy).

 

[morvoran]

Nope, probably never gonna happen.

People said the same thing about the DSi but look what's going on with that scene now. Same thing happened with the original Xbox. I wouldn't hold my breath waiting for a soft mod in the 360, but I feel it will happen one day.

 

[EmulateLife]

People said the same thing about the DSi but look what's going on with that scene now. Same thing happened with the original Xbox. I wouldn't hold my breath waiting for a soft mod in the 360, but I feel it will happen one day.

Well you can point to a Nintendo system in which every Nintendo system gets a softmod I'll point to another Xbox system since we're talking about Xbox the Xbox One it still can't even play backups. I believe Microsoft's security is the best and I don't believe there's going to be a softmod. Maybe it will happen one day maybe not but instead of hoping why not just get it rgh'd and enjoy it instead of just waiting maybe forever?

 

[DinohScene]

There's no softmod for the 360.
If there was, the hacking guide would've told you.

Only thing close to a softmod we have now is flashing the DVD drive.

 

[DSUPERY92]

People said the same thing about the DSi but look what's going on with that scene now. Same thing happened with the original Xbox. I wouldn't hold my breath waiting for a soft mod in the 360, but I feel it will happen one day.

Sorry for the necroposting, the DSi was hacked now because before it was thought that the only change was only an R4, now everyone is understanding that this is not the case, Nintendo in terms of security is not as good as Xbox, see Nintendo switch and 3ds, those were hacked after a few years, because already from 3ds they realized that modifying the NAND is perhaps useful. The Xbox has never existed a free and REALLY softmod way in order to have the modification. (Useless you do, the LT 3.0 is not software, always touches the hardware.)
On Xbox one you have to pay to have the dev mode.
Obviously we hope a softmod for the 360 comes out, it's difficult if not impossible.

 

[godreborn]

the 360's exploit relies on the hypervisor from kernel 4xxx. it allowed unsigned code. the 360 also relies on efuses (Just like the switch) to prevent downgrading.

 

[Deleted member 668561]

Due to how the hardware is designed on the 360 and the security structure, NO not possible, the only SOFTMOD was the King Kong or really the 4532 syscall exploit which required you'd to still have a flashed dvd drive, that was patched in 4552, they patched king Kong, but not the syscall exploit, jtag was the the replacement (which is kinda both a soft and hard mod again due to how the hardware works) since the syscall exploit essentially is in the second stage bootloader (2bl) this was not updated from 4532 to 7371, your dashboard version (CF lockdown) are signed using the cpu key which is why you could downgrade between these dashes, once dash 2.8955.xx came out they updated the 2bl which also has its own lock down counter, but this value is not signed using your cpu key, it uses Microsofts private key, and if we knew this key then jtag and rgh would be going around your ass to get to your elbow, so once they update the bootloader you cannot downgrade it, as this is the lowest version you would be able to downgrade to. This is how rgh works, rgh is the exploit that does exactly what we want, it allows youto bypass your lock down values, rgh still runs a modified 8955 dashboard that boots using the 4532 kernel iirc to use the syscall exploit. The 360 is specifically designed against softmodding from the cpu die up.

Tldr all 360 exploits rely on booting in some form of 4532 based kernel to run usigned code, the only reason homebrew existed is because of a extremely subtle flaw in programming that was introduced in this kernel and never again since appeared, rgh is the exploit that is the "downgrade" everyone hoped for, it still uses the 4532 syscall exploit by allowing you to bypass your lockdown values.

Really the softmod for the 360 would be the leaking of the private signing key like ps3

 

[Moddetboy221]

I wonder if the Windows Media Center MCEBrowser can lead to a potential exploit since it has Scripting

 

[Deleted member 668561]

I wonder if the Windows Media Center MCEBrowser can lead to a potential exploit since it has Scripting

No

 

[Dontwait00]

I triggered an unknown sc from internet explorer (from x360). He did relaunch the dashboard.

 

[lisreal2401]

I triggered an unknown sc from internet explorer (from x360). He did relaunch the dashboard.

Explain some more?

I messed around with the IE9 client to see if you could trigger it to jump to (signed) code, but didn't get very far.

I'm not attempting to hack anything, just toying with the amount of access it has to storage, execution etc.

 

[Dontwait00]

Explain some more?

I messed around with the IE9 client to see if you could trigger it to jump to (signed) code, but didn't get very far.

I'm not attempting to hack anything, just toying with the amount of access it has to storage, execution etc.

Few years ago, which i did lots of research, and which i was already hesitated, i was playing with some old vunlerabilities. One day, i tested an (really) old JavaScript escalation, and played a bit. Till i triggered an invalid value, and which the kernel panic.

Nothing too funcy. If you want to know more, PM me.

 

[Moddetboy221]

JavaScript was removed and the dll are xex plugins I looked at the files using velocity we should be working on getting the browser and other apps to work without Xbox Live so we can use older versions of apps without Live but you should first test on a RGH

 

[Dontwait00]

JavaScript was removed and the dll are xex plugins I looked at the files using velocity we should be working on getting the browser and other apps to work without Xbox Live so we can use older versions of apps without Live but you should first test on a RGH

If that would work, that Will help a lot. Userland code exec
At least homebrew will exist if possible

 

[lisreal2401]

JavaScript was removed and the dll are xex plugins I looked at the files using velocity we should be working on getting the browser and other apps to work without Xbox Live so we can use older versions of apps without Live but you should first test on a RGH

The problem here is the app doesn't work without Xbox Live sign in - so, stealth servers etc. and Live required xex flags are a thing so I have no idea how you'd get past that on retail.

The only app I'm positive you can actually get anything over a non local connection is Windows Media Center without being online - and it's simply minor video streaming, at that.

 

[Dontwait00]

The only app I'm positive you can actually get anything over a non local connection is Windows Media Center without being online - and it's simply minor video streaming, at that.

Are any CVE already existing use the same crafts? Something like this?

 

[jamespoo]

well that sucks that there will never be a softmod for the xbox 360

my friend did tell me the other that you can flash the disc drive then using a special burnt disc you could run games you installed to the hdd without needing the original disc

but im not sure if that is true