New Xbox 360 Hypervisor exploit (software based)

[BigOnYa]

I have a Winchester model I tried it on 2 times, 1st time it took 5 attempts at 20min each try, and 2nd time it took 7 attempts also 20min each try. I don't care to continue with this mod as I have RGH modded Xbox360 already, but wanted to try it atleast, and dump the nand. Figured I share my experience though for you @alexfree .

 

[alexfree]

I have a Winchester model I tried it on 2 times, 1st time it took 5 attempts at 20min each try, and 2nd time it took 7 attempts also 20min each try. I don't care to continue with this mod as I have RGH modded Xbox360 already, but wanted to try it atleast, and dump the nand. Figured I share my experience though for you @alexfree .

Thank you for the report. Do you wait the recommended 10 seconds (someone said this right??) after Rock Band Blitz loads or just send it immediately?

Wish someone could do a TAS style thing that just repeats until it works

 

[BigOnYa]

Thank you for the report. Do you wait the recommended 10 seconds (someone said this right??) after Rock Band Blitz loads or just send it immediately?

Wish someone could do a TAS style thing that just repeats until it works

I can't remember tbh, but I think I just sent immediately, don't think I waited 10 sec.

 

[alexfree]

I can't remember tbh, but I think I just sent immediately, don't think I waited 10 sec.

I never wait either which is why I was curious. Forget where I even heard to do that. Again thx for this context. Winchester has massive nostalga for me and I never thought I'd see something like this in my lifetime so idrc but it would be interesting if i.e. Xennon took a much shorter time on average. I still think a community thing showing massive amounts of result data could be interesting but I totally get why you don't care for this with an RGH.

Edit: Sorry for the late edit you already liked but I think you get it.

 

[SylverReZ]

I think we should have a community thing where we say how any attempts, how long per attempt, console model, etc. I know it's completely random but is everyone else really spending hours each time? I think I read somewhere that console model doesn't matter but I'm not exaggerating when I say it takes me 2-4hrs each time. It has worked the first time once, but I just think maybe something weird with Winchesters but I'm not sure. What do you think @SylverReZ ?

That's why I said that I'll compile a list with how long per attempt and how many attempts it takes to get into Bad Update with whatever console is used.

I don't have a Winchester to confirm. Bad Update is not always perfect and it's unclear whether each model of 360 has a different outcome, but somebody might know.

 

[TerryK]

I have a jasper console and the first version of the bad update exploit takes often 3 attemps at most with no more than 20 minutes on the final attemp. When it crashes its usually on the first 15 minutes after executing the exploit.

Also i dont wait any time to press a after loading the rb demo. And even i got the exploit working immediately about 1/10 of the time.

 

[L3gi0n0fh311]

i tried v1.1 and v1.2 like 20 times...only worked once so far.

 

[SylverReZ]

I have a jasper console and the first version of the bad update exploit takes often 3 attemps at most with no more than 20 minutes on the final attemp. When it crashes its usually on the first 15 minutes after executing the exploit.

Also i dont wait any time to press a after loading the rb demo. And even i got the exploit working immediately about 1/10 of the time.

What version of Bad Update are you using? Current v1.1, v1.0, or the unofficial v1.2 fork?

Post automatically merged: Apr 11, 2025

I have a Winchester model I tried it on 2 times, 1st time it took 5 attempts at 20min each try, and 2nd time it took 7 attempts also 20min each try. I don't care to continue with this mod as I have RGH modded Xbox360 already, but wanted to try it atleast, and dump the nand. Figured I share my experience though for you @alexfree .

Original or fork? I'm willing to add this to a spreadsheet.

Was you able to also get into Bad Update after your last attempt?

 

[NoNamida]

did this work any better ? https://github.com/Wamphyre/Xbox360BadUpdate

 

[BigOnYa]

What version of Bad Update are you using? Current v1.1, v1.0, or the unofficial v1.2 fork?

Post automatically merged: Apr 11, 2025

Original or fork? I'm willing to add this to a spreadsheet.

Was you able to also get into Bad Update after your last attempt?

Original v 1.0, yes was able to run simple 360 nand flasher even and read my nand, but have not bothered to try again since.

 

[Afeohtan]

I got it (1.1) to work in about 10 seconds once. I pressed A on about 2-3 seconds when it did but so far it hasn't happened again.

 

[gisel213]

Timings are still the same but i come across a plugin called NETISO adds to XeUnshackle does interesting things!!!
Check this out!!!

 

[NoNamida]

the only way to get the timer down would be some how to record the code being sent to the hypervisor that passes the check and only use that . so will be less steps . or am i wrong ?

 

[Afeohtan]

Timings are still the same but i come across a plugin called NETISO adds to XeUnshackle does interesting things!!!
Check this out!!!

You can play Original Xbox backups without that NETISO plugin as long as you have the hacked/unlocked xefu emulator. The backups I made years ago would not be considered proper, as-in, game partition only, without security sectors. However they do work.

But as neat as it is running backups from DVD-R on a stock DVD drive, it would be better to save the laser and run them from USB and/or HDD.

What I personally would like are apps to:

1. Make a full ISO backup for Xbox 360 and Original Xbox games whether to split them on a FAT32 drive or a full ISO to an NTFS/exFAT drive.

2. An app that supports NTFS and exFAT and allows mounting ISO's to boot them from the dashboard's disc menu like a retail disc.

 

[alexfree]

the only way to get the timer down would be some how to record the code being sent to the hypervisor that passes the check and only use that . so will be less steps . or am i wrong ?

I think we need a way to manipulate the whitening value. You know what they say about randomness though.

 

[Afeohtan]

I think we need a way to manipulate the whitening value. You know what they say about randomness though.

I think after a while some will find a way to speed it up. Though it will take some time for R&D.

I would like to ask for some experts' advice on using xeunshackle and Aurora. Since the dashlaunch plugin is active, is it safe to use the settings for games with it? For instance there are things like:

content patching
fake LIVE

And some other things I cannot remember. I will try to take a screenshot of it if I can remember.

 

[gisel213]

You can play Original Xbox backups without that NETISO plugin as long as you have the hacked/unlocked xefu emulator. The backups I made years ago would not be considered proper, as-in, game partition only, without security sectors. However they do work.

But as neat as it is running backups from DVD-R on a stock DVD drive, it would be better to save the laser and run them from USB and/or HDD.

What I personally would like are apps to:

1. Make a full ISO backup for Xbox 360 and Original Xbox games whether to split them on a FAT32 drive or a full ISO to an NTFS/exFAT drive.

2. An app that supports NTFS and exFAT and allows mounting ISO's to boot them from the dashboard's disc menu like a retail disc.

I see your point but and I'm not knocking loading from a hdd it's cool also yes... But playing normal backups from disc without opening a console or flashing a drive is phenomenal!!! It's a milestone compared to all the crazy wild drive flashing methods throughout the years lol... But on that winchester also without using the ltu replacement board it's very close to softmod.... Timing timings timings that's all that's left but to each his or her own disc drive backups or hdd digital... It's just fun all around...

 

[alexfree]

I think after a while some will find a way to speed it up. Though it will take some time for R&D.

I would like to ask for some experts' advice on using xeunshackle and Aurora. Since the dashlaunch plugin is active, is it safe to use the settings for games with it? For instance there are things like:

content patching
fake LIVE

And some other things I cannot remember. I will try to take a screenshot of it if I can remember.

That’s a really good idea. Like port extract-x-iso to the 360. I have a non public fork of extract-x-iso that uses my own build system to compile and cross compile for a bunch of systems so it’s already really portable and it actually does have big endian support and it’s already C. The only things you’d need to do are file system/make an interface. But actually perhaps it’s redundant to rip it iso and then convert it when you could just pull the files from disc? Even so it could be useful when you already have an iso on the HDD.

 

[Afeohtan]

These are the settings I spoke of. Are these safe to use on a stock 360? Do they patch data in memory or the actual files on a storage device?

 

[alexfree]

The fact that this hasn't been patched yet is insanity. Who else thought this would've been patched mid march by latest? I occasionally google search for it to see what the latest dash is.