Toggle sidebar

Front-page

Modders hint at potential kernel exploit hack for Xbox One consoles

xbawks.png

It's been a while since Microsoft released the Xbox One, and despite its age, there haven't been any reliable softmod methods to hack the console. Until now. A post started making the rounds, saying that a method for executing kernel level code on the Xbox One had been found. A list of instructions for preparing Xbox One systems to be hacked was also provided, with the process being as follows:

  1. Ensure your Xbox Live account Login-Type is configured as “No barriers” aka. auto-login with no password prompt
  2. Set your console as “Home Console” for this account
  3. Download the App Game Script
  4. Start the app (to ensure license is downloaded/cached)
  5. Take your console offline! To make extra sure it cannot reach the internet, set a manual primary DNS address of 127.0.0.1
  6. Get a device/microcontroller that can simulate a Keyboard (rubber ducky or similar) - otherwise you have to type a lot manually :D
Click to expand...

This method appears to use a UWP app called Game Script on the Xbox One to execute the code, and was discovered by a user named carrot_c4k3. It seems as though the hack will require a lot of manual typing, unless you have a device that can simulate a keyboard, according to the preparation instructions. Reportedly, the latest firmware update for the Xbox One has already patched the exploit out, with the last exploitable firmware being 10.0.25398.4478.

:arrow: Source
:arrow: Video guide on how to prepare your system
:arrow: Proof of concept code
 
  • Like
  • Love
  • Haha
Reactions: mtxn, PandaPandel, jeffyTheHomebrewer and 36 others
Click to expand...
  • Like
  • Love
Reactions: MasterJ360 and BigOnYa
From what I gather, this exploit... lets you break into the developer mode? That's all? Would be good if that wasn't so readily accessible...

I'll keep my raft hooked. (Not going into more detail than that, so don't bother asking! It's not a code exploit I'm referring to.)
 
if anything like the retail emulator fiaso like most devs say keep you system offline because if an update is installed and you go online say goodbye to online console use console banned (trust me there perm banning people who f-bomb so banning consoles for this is no problem)
 
  • Like
Reactions: BigOnYa
chrisrlink said:
if anything like the retail emulator fiaso like most devs say keep you system offline because if an update is installed and you go online say goodbye to online console use console banned (trust me there perm banning people who f-bomb so banning consoles for this is no problem)
Click to expand...
There's no chance of installing the Game Script on a 4908 at this point? I picked up a Project Scorpio on Friday, looking to install Game Script.
 
HawaiianInTown said:
There's no chance of installing the Game Script on a 4908 at this point? I picked up a Project Scorpio on Friday, looking to install Game Script.
Click to expand...
I personally would not risk getting that banned already, but instead use a old xbone and delink your MS account, and create a new dummy one to be safe. Be sad if a new $500 series x got banned already.
 
BigOnYa said:
I personally would not risk getting that banned already, but instead use a old xbone and delink your MS account, and create a new dummy one to be safe. Be sad if a new $500 series x got banned already.
Click to expand...
Project Scorpio is a limited edition X1X. I picked up in case there are motherboard revisions... for hard modding.
 
  • Like
Reactions: BigOnYa
I recently came across an old VCR Xbox One in storage. This is enticing, but the more I think about it, the less I'm sure of what I'd even do with the thing at this point compared to my Switch, PS4 Pro, Steam Deck, and bigass PC.
 
BasedKiliK said:
I recently came across an old VCR Xbox One in storage. This is enticing, but the more I think about it, the less I'm sure of what I'd even do with the thing at this point compared to my Switch, PS4 Pro, Steam Deck, and bigass PC.
Click to expand...
I'd swap out the PS4 Pro for the X1X... 6 teraflops for gpu, 12GB GDDR5 memory, and 2.3GHz cpu.
 
nickolag said:
you still need to open the console.. what's your point? it's also pretty crappy compared to RGH/JTAG..
Click to expand...
I know it sounds easier than it looks it’s understandable but I was just like you I didn’t have a clue what to do at first but if you do some research online watch some YouTube videos it really is easy to open an xbox360 case and mod the drive also unlike jtags “which the 360 has to be on a certain low firmware” you can burn games straight to disc with a little assistance and use them for online gaming I have done for years now without any problems or a banned account
 
ebussy_foot said:
I'll be honest then. What's the point? Dev mode already exists.
Click to expand...
While this won't allow touching retail games directly, it will make it possible to modify their save files. That can open up further exploits.

From what I can gather, this article here describes such an exploit: https://xboxoneresearch.github.io/games/2024/05/15/xbox-dump-games.html It's apparently for the game Warhammer: Vermintide 2 and will enable dumping games. Those dumps still can't be played on consoles, but they can at least be datamined. They might also assist in the development of emulators or other methods to make the games playable on PCs.
 
Dev mode is in a sandbox. If this exsploit is enabling outside of the sandbox this gives access to offical games . And will eventualy there will be game backups. And new homebrew to play them. Leads me to beleve the main reason MS patched it so fast. They would have do problem if it only enables dev mode inside of the sandbox. They already alow this.
 
justencase6 said:
Dev mode is in a sandbox. If this exsploit is enabling outside of the sandbox this gives access to offical games . And will eventualy there will be game backups. And new homebrew to play them. Leads me to beleve the main reason MS patched it so fast. They would have do problem if it only enables dev mode inside of the sandbox. They already alow this.
Click to expand...
Not directly. This exploit only affects one of the operating systems, and it's not the one that runs retail games. But it can access their save data to set up exploits in them.
 
justencase6 said:
Dev mode is in a sandbox. If this exsploit is enabling outside of the sandbox this gives access to offical games . And will eventualy there will be game backups. And new homebrew to play them. Leads me to beleve the main reason MS patched it so fast. They would have do problem if it only enables dev mode inside of the sandbox. They already alow this.
Click to expand...

I don't think it's patched. Only game script isn't one the store anymore.
 
Last edited by stardaddler,
  • Like
Reactions: djinc91, FFTW, Deleted member 681324 and 1 other person

Site & Scene News

Go to forum More news

Popular threads in this forum

Pokemon Platinum PC port gets a surprise release

Steam Deck gets a major price bump, more than 40% increase for US buyers

Sony announces PlayStation Plus price increase for new customers starting May 20

Nintendo Direct June 9, 2026 roundup - Ocarina of Time remake announced, Kingdom Hearts IV trailer

Pokémon Crystal gets a PC port titled "suiCune" based on C/C++ language

Paper Mario PC recompilation "ReCut" gets its first pre-release build

Low-level 3DS emulator 3Beans released alongside setup tutorial video

PlayStation State of Play June 2, 2026 broadcast - new God of War announced