Gaming FreeBOOT


Well-Known Member
Oct 8, 2007
i've just stumbled across something called FreeBOOT, which looks like an early softmod for the 360 or have i got my wires crossed?

nfo below

QUOTE said:
__ ____ ___ ___ _____

/ _|_ __ ___ ___| __ ) / _ \ / _ \_ _|

| |_| '__/ _ \/ _ \ _ \| | | | | | || |

| _| | | __/ __/ |_) | |_| | |_| || |

|_| |_| \___|\___|____/ \___/ \___/ |_|

[v0.01 - coded by ikari]

I. Introduction


Finally, here it is - freeBOOT, a rebooter for the Microsoft Xbox 360. This

version of freeBOOT allows you to reboot into kernel 2.0.8498 on a Xenon

or Falcon console, which can be exploited by the JTAG hack. Support for

Zephyr, Opus, and Jasper consoles will follow shortly.

As freeBOOT needs a second flash memory to store kernel 2.0.8498 and

associated data, a Cygnos360 is required at the moment.

Read through the following instructions carefully. Building your own images

is yet a complicated task involving many steps. Future versions of freeBOOT

will be easier to build.

II. Instructions


1. Extract the contents of this archive to a directory of your choice. All

file and directory names in the proceeding steps will be given relative

to that directory.

2. Update your Xbox 360 to kernel 2.0.7371 (Fall 08 Update). If your Xbox 360

has already been updated to a newer kernel, you can proceed to the next


You can download the update from:

Follow the instructions on this site on how to apply the update. The

update process will not succeed with resistor R6T3 desoldered. Resolder

resistor R6T3 in that case before starting the update process.

3. If present, desolder resistor R6T3 to prevent any accidentally applied

update fixing the JTAG hack vulnerability.

4. Save an image of your flash memory to the file "bin\7371.bin".

5. In case you don't already know your Xbox 360's CPU key, retrieve it now.

There are various ways to accomplish this, but they will not be covered


6. Launch the 360 Flash Tool included in this archive. It incorporates the

fixes proposed by arnezami and thus works with newer dashboard versions.

Aside from that, it can also extract the SMC configuration block.

Click on the "Keys" button and enter the generic 1BL key and the CPU key

matching your "bin\7371.bin" image. Once you have entered the keys, close

the application and launch it again.

Open your "bin\7371.bin" image next and click on the "Extract" button.

Select the options "Cx Sections", "Key Vault", and "Raw File System

(No Unpacking)" from the "Extract Flash" dialog. Choose "data" as output


7. Delete all files from the "data" directory except:

- crl.bin

- extended.bin

- kv.bin

- odd.bin

- secdata.bin

- smc.bin

- smc_config.bin

8. The remaining files necessary to build an image with kernel 2.0.8498 must

be extracted from an image of an updated Xbox 360, further on referred to

as "bin\other8498.bin". Please do *NOT* update your Xbox 360 to kernel

2.0.8498, otherwise you will loose the ability to run the JTAG hack and


Launch 360 Flash Tool included in this archive and click on the "Keys"

button again. Now enter the CPU key corresponding to the "bin\other8498.bin"

image. Afterwards, close the application and launch it again.

Open the "bin\other8498.bin" image next and click on the "Extract" button.

Select the options "Cx Sections", and "Raw File System (No Unpacking)"

from the "Extract Flash" dialog. Choose "tmp" as output directory.

9. Copy the following files from the "tmp" to the "data" directory:

- aac.xexp[1,2]

- bootanim.xex

- bootanim.xexp[1,2]

- cb_1940.bin

- cd_8453.bin

- ce_1888.bin

- cf_8498.bin

- cg_8498.bin

- createprofile.xex

- createprofile.xexp[1,2]

- dash.xex

- deviceselector.xex

- deviceselector.xexp[1,2]

- gamerprofile.xex

- gamerprofile.xexp[1,2]

- hud.xex

- hud.xexp[1,2]

- huduiskin.xex

- mfgbootlauncher.xex

- mfgbootlauncher.xexp[1,2]

- minimediaplayer.xex

- minimediaplayer.xexp[1,2]

- signin.xex

- signin.xexp[1,2]

- updater.xex

- updater.xexp[1,2]

- vk.xex

- vk.xexp[1,2]

- xam.xex

- xam.xexp[1,2]

- xenonclatin.xtt

- xenonclatin.xttp[1,2]

- xenonjklatin.xtt

- xenonjklatin.xttp[1,2]

- ximecore.xex

- ximedic.xex

- ximedic.xexp[1,2]

"[1,2]" means the file name contains either "1" or "2" at that position.

10. Rename the following files in your "data" directory:

- aac.xexp[1,2] --> aac.xexp

- bootanim.xexp[1,2] --> bootanim.xexp

- createprofile.xexp[1,2] --> createprofile.xexp

- deviceselector.xexp[1,2] --> deviceselector.xexp

- gamerprofile.xexp[1,2] --> gamerprofile.xexp

- hud.xexp[1,2] --> hud.xexp

- mfgbootlauncher.xexp[1,2] --> mfgbootlauncher.xexp

- minimediaplayer.xexp[1,2] --> minimediaplayer.xexp

- signin.xexp[1,2] --> signin.xexp

- updater.xexp[1,2] --> updater.xexp

- vk.xexp[1,2] --> vk.xexp

- xam.xexp[1,2] --> xam.xexp

- xenonclatin.xttp[1,2] --> xenonclatin.xttp

- xenonjklatin.xttp[1,2] --> xenonjklatin.xttp

- ximedic.xexp[1,2] --> ximedic.xexp

You can easily rename the files by entering "ren *p1 *p" or "ren *p2 *p"

at the command prompt.

11. Now you can build your kernel 2.0.8498 image with ibuild. To do so,

launch ibuild with the following parameters:


ibuild -console xenon -dir data\ -1blkey

-cpukey bin\my8498.bin bin\fuses.bin


ibuild -console falcon -dir data\ -1blkey

-cpukey bin\my8498.bin bin\fuses.bin

Enter both 16 byte keys as hexadecimal numbers without leading "0x". The

CPU key in this case is the one matching your "bin\7371.bin" image. When

ibuild completes successfully, you will find two new files in the "bin"

directory. The file "bin\my8498.bin" contains your newly build kernel

2.0.8498 image, that will be booted by freeBOOT. The file "bin\fuses.bin"

contains the virtual fuse settings used by freeBOOT. Please do not mix

images and virtual fuses of different ibuild runs, it won't work


12. In order to build the freeBOOT image, Python is needed. If you already

have Python installed, you can proceed to step 13.

The easiest way to run Python scripts under Windows is to install Cygwin.

You can download the Cygwin setup from here:

Install Cygwin to any directory of your choice along with the these


- python

- python-crypto

13. Open "" with a text editor and look for these two lines:

# you need to fill in this

secret_1BL = None

Replace "None" with the 1BL key. This example shows you the format

in which the key has to be entered. The key itself is wrong.

secret_1BL = "\x01\x0F\x0E\x0C\x0E\xD6\x69\xE7\xB5\x67\x94\xFB\x68\x56\x3E\xFA"

14. The freeBOOT image can now be built. Open a Cygwin shell and change to the

directory where you extracted the contents of this archive into. Launch

the Python build script with the following parameters:


python bin/xenon_hack.bin


python bin/falcon_hack.bin

The "bin\xenon_hack.bin" and "bin\falcon_hack.bin" images are standard

JTAG hack images and can be found at the usual places.

15. Program "bin\my8498.bin" to the Cygnos360 flash memory and "bin\hack.bin"

to the Xbox 360 flash memory.

16. Power on your Xbox 360. If everything went correctly, you should see the

blue LED light up a few seconds later, followed by the usual boot

animation. If you power on your Xbox 360 with the DVD tray eject button,

XeLL will be loaded instead.

III. Credits


Writing freeBOOT would not have been possible without the great work done by

many hackers. Kudoz to arnezami, Redline99, Robinsod, SeventhSon, Tiros,

tmbinc, xorloser, and anyone else I may have missed.

IV. What's next


Features planned for the next release(s):

- support for all consoles

- update to the latest kernel


ikari, 2009/10/15


Well-Known Member
Aug 28, 2003
United Kingdom
It lets you reboot a homebrew capable console into to the latest kernal so you can play the latest games, without having to run the update properly and update the bootloader killing the ability to run hombrew.

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    T @ Texasauras: if i post it later will you guys help haha