Is Xbox One hackable? Any improvement hacking it?

Discussion in 'Xbox One - Hacking & Homebrew' started by hiphopmanoj, Nov 11, 2018.

  1. Oh, I agree. The XB1 was done properly. Security was the first thing Microsoft thought about with this console and user experience second.

    My interest in exploiting the Xbox One isn't for piracy. I'm quite happy buying games. My interest is mainly in unsigned code execution by way of a non-sandboxed environment. Because let's face it, while devmode is great, it's still only polished turd compared to what the Xbox One is capable of being able to do.

    And while you are correct in that as of right now, nobody with the right skill set is looking into the Xbox, I believe they will eventually. I think they're waiting patiently for Microsoft to lose interest in the console. Because at some point in the near future, it will lose their interest. Backwards compatibility only goes so far, and eventually this console will cease to be profitable.

    I think (I guess I should say hope) that the people with the proper skills will then take a look at it if for no other reason than to evaluate how Microsoft achieved a hardened console.

    But I don't expect any of this to happen in the next 5 years.
     
  2. blahblah

    Microsoft hasn't lost interest in updating the 360. So long as there is one Xbox Live, everyone playing in one pool, Microsoft will bother to patch out exploits to the extent they can.

    Doesn't matter if the console itself is profitable or not. Backwards compatibility is part of their broader strategy, and piracy (and the associated cheating that unsigned code execution allows) reduces the value of the BC functionality.
     
  3. Ominous66521

    Nobody wants to hack it because it sucks
     
  4. aadz93

    I was pointing out the fact that exploiting the console would likely be piracy/money driven, since you could just not release the exploit publicly and just sell it, like the TX Switch dongle (or the DGX back when Microsoft had the split CBs) before the hardware exploit was used. Though Ninty took from Microsoft and implemented efuses for the CPU AND cartridge: you may be able to downgrade, but if your cartridge efuses have been blown, the system will still downgrade but cartridges will not work.

    Well, since xbone seems to essentially be 3 virtual machines (dev mode, kernel/hypervisor, and game), I would start with looking into sandboxes and virtual machine software on x86-64 (iirc .vhd is used by other virtual machine emulators, not encrypted) PCs and see if there would be flaws in the actual implementation of the backend, or code-specific flaws lol. It's a matter of thinking outside the box and attacking in places Microsoft may have missed.
     
    Last edited by aadz93, Feb 28, 2019
  5. blahblah

    This is more nonsense. You can't effectively hide exploits that way. The dongle (and, more importantly, the software the dongle unlocks, which contains the exploit chain) will get reverse engineered. It'll be free.

    But it won't exist in the first place due to the reasons I've stated above.
     
  6. aadz93

    But someone still had to pay money for such an exploit. Not saying one is hiding it, more that some will make a quick buck. I understand the hardware engineers and devs may profit from R&D and I'm fine with that, as long as you're not charging an arm and a leg for it. The actual userbase that would use it for homebrew is smaller than piracy, and honestly it's more of an overlap of homebrew computer hobbyists/enthusiasts and ppl who don't work and want free games cuzfukkititsfreegeamzandmodzomg (no disrespect). Is it really that much of a struggle? In the end it's just a computer (sand, plastic, fiberglass, there's some copper, even gold and silver in trace amounts, and tin and lead holding it all together). If you want mods buy a PS4, they literally turned it into a Linux Steam box. I meant they both use the same (similar) hardware (AMD SoC, 8GB RAM), one in Japanese flavor (PS4) and one in American flavor (xbone); seems people like the Japanese flavor so far.
     
    Last edited by aadz93, Mar 1, 2019
  7. aadz93

    Plus, even though the VHDs are encrypted, the console still needs to decrypt them. This is certainly an area Microsoft had tested when development of xbone was in progress. The security is likely to have much more flexibility, authentication, and hardware checks which get sent to Microsoft. If you use Xbox Live you've agreed to the terms of service, and I'm sure they've included the use of an "unauthorized access or unauthorized console/devkit" clause so they can monitor your console to an extent, and once you cause a specific flag to register, Microsoft could just dump info about that console, use it and ban it when done, and release an update. Really, some sort of privilege escalation in dev mode (Microsoft has likely checked this? Wonder if one could use ROPs..). Kinda sounds like the 360, as you needed 1BL to decrypt the NAND iirc and the 1BL key was an exploit in itself, so the VHD key is not going to be obtained. Really it boils down to a combination of exploits; hardware is likely, and it would have to be triggered by some bug in hardware or something that could be attacked in software if possible. Well, to crack it and then actually get people to develop USEFUL homebrew for it... Once it's exploited it could allow for people to find different things that could be exploited, as they can SEE code now. Odds are in Microsoft's favor and they have money to bet.. I'm pretty sure they wouldn't just want us dumping our console's NAND in dev mode either. Surprised you could still dump from the mobo; could be them saying go ahead, try, ain't gonna work.
     
    Last edited by aadz93, Mar 1, 2019
  8. blahblah

    Where’s the roll eyes emoji when you need it.
     
  9. aadz93

    Hmm, I don't pay for Game Pass, only for Gold. Unless Microsoft has a promo, my xbone now allows me to play bo4 without the disc; all others ask for my license... Tripped me out 'cause I tried launching Battlefield V and got the message, and then booted bo4 and I was like hold on, I still have Just Cause 3 in the drive.... ig it's a promo, though I haven't been notified of this.
     
  10. retrofan_k

    I use my XB1 to play the latest games that my PS4 cannot do on the current 5.05 Kernel Exploit, instead of buying another PS4 :P
     
  11. aadz93

    So it seems you can't spoof the FW version, obviously no online access. I did see something on another forum that claims to showcase PS4 game modding, but it seems to be a part of a talk or conference at the end of this year. If you had the same people on xb1 we'd probably have more than just the Edge exploit (wonder how the Edge exploit would work running dev mode, iirc don't believe you can run it). Dev mode: I feel that any exploit may utilize dev mode (like other OS) on xb1. xb1 will require some hardware back engineering; tbh compared to Sony it is more secure at this point.
     
  12. aadz93

    I ended up unplugging the Xbox and hard resetting it; bo4 started requesting my disc. The console may have glitched and didn't check for the license. I recorded footage but deleted it, unfortunately.
     