New Xbox 360 Hypervisor exploit (software based)

[BigOnYa]

but waiting 20mins for it to exploit... That's a long wait

That's each attempt, it can take up to 7 attempts (20 minute wait each attempt) before it works even = 140 minutes. When I tried it on my Winchester model, First time took 3 attempts, second time took 5 attempts. Its only a 30% success rate.

 

[Xyphoseos]

Hi, i never done things on my 360. With this exploit, what can I do ? In term of hacking I only know things about nintendo consoles so sorry if my question sound stupid or not accurate

 

[FR0ZN]

Hi, i never done things on my 360. With this exploit, what can I do ? In term of hacking I only know things about nintendo consoles so sorry if my question sound stupid or not accurate

Watch these videos

 

[Blythe93]

Think I'll give it a try, but waiting 20mins for it to exploit... That's a long wait and I thought a few seconds on PS4 9.00 was long.

It took me 17 attempts (around 150 minutes) to successfully trigger the exploit on my "first try". Others around here had way better luck than I did.

 

[Marc_LFD]

It took me 17 attempts (around 150 minutes) to successfully trigger the exploit on my "first try". Others around here had way better luck than I did.

I'm just gonna wait until it's more stable, I have plenty of XBLA games installed on there, anyway. When that happens, I'll switch from a 250GB to a 500GB or a 1TB HDD.

Edit: I own a kinda rare edition of Dragon Ball Raging Blast 2 NTSC-J with English text (according to the cover) so I might eventually open it and play it when the hack is stable.

 

[SylverReZ]

It took me 17 attempts (around 150 minutes) to successfully trigger the exploit on my "first try". Others around here had way better luck than I did.

Here's my experience with this exploit. Sometimes, if you try to press (A) immediately when it reaches the title screen, or wait about 5 seconds into the title screen, then there's a chance that the exploit might take around 7 or 10 minutes to execute. Since this exploit has 30% success rate then there's no guarantee about it. I've gotten this much success on my Trinity 360.

It's just a demo so surely it's fine to share here? I already posted the link above.

This has been already said. Since it's a demo, it's alright to share.

Think I'll give it a try, but waiting 20mins for it to exploit... That's a long wait and I thought a few seconds on PS4 9.00 was long.

It's all about timing and you will have to run the demo each and every time it fails.

 

[wurstpistole]

just rgh your 360

 

[Ryccardo]

I would be surprised if you could write to NAND without bricking, at least not without an additional exploit to deal with the bootloaders/security.

Isn't that the point?
If this gives reliable flash dumping (hmmmm, savestates of a running system) and writing (it seems that Xell works according to following posts) it means the remaining materials for RGH3 are 2 wires, how's that for cutting the cost of a flashed console

 

[tech3475]

Isn't that the point?
If this gives reliable flash dumping (hmmmm, savestates of a running system) and writing (it seems that Xell works according to following posts) it means the remaining materials for RGH3 are 2 wires, how's that for cutting the cost of a flashed console

My post was about writing off the idea that a permanent softmod was possible as is by simply writing a patched nand.

Your idea falls under 'additional exploit'.

 

[BigOnYa]

Isn't that the point?
If this gives reliable flash dumping (hmmmm, savestates of a running system) and writing (it seems that Xell works according to following posts) it means the remaining materials for RGH3 are 2 wires, how's that for cutting the cost of a flashed console

You can use a raspberry pi pico to read/write the nand, which is only like $5.

 

[Retrojunkies]

God I remember the old days having to buy a DVD DL burner and flash it so it can read Xbox360 game discs then dumping them using a PC tool and checking the iso for its disc type to patch before burning so it'll work on your console.

I still have that drive in my old pc, back when I used to play games using Nvidia 3D.... God I miss playing games in 3D, shame I can't use my kit on today's hardware.

 

[BigOnYa]

God I remember the old days having to buy a DVD DL burner and flash it so it can read Xbox360 game discs then dumping them using a PC tool and checking the iso for its disc type to patch before burning so it'll work on your console

Yea a iHAS burner, with Verbatim dual layer dvds, running thru abgx360 first before burning... Those were the days.

 

[Armadillo]

Horrible days. I tapped out of that in 2010 with my Jtag console & never missed messing around with discs and all the faff that went with them

 

[Pismire]

Yea a iHAS burner, with Verbatim dual layer dvds, running thru abgx360 first before burning... Those were the days.

ABGX just sent me down memory lane. I remember the xk3y wave coming out and how cool the tech was, I still have mine installed on my Jasper even though I've got a RGH too, just for nostalgia purposes. The 360 had some of the most innovative hacks out there for sure.

 

[raxadian]

Wish the PS3 had a similar exploit.

 

[TcpLink]

in early days there's hot swap dvd method to load games with mods ( gta iv, cod waw ) so probably these mods could be abused

something like:

1. Use Rock Band Blitz to run BadUpdate exploit
2. Flash DVD drive enabling DVD-R support
4. Insert DVD-R GTA IV with mods
5. Enable Disk Autoplay
6. Reboot
7. Xbox 360 starts GTA IV with mods that contains some exploitable bug

it would be almost like softmod in a sense that after installing it doesn't require user interaction and would run automatically on each reboot ( as I remember GTA IV autoload last save )

of course for this behavior such exploit should be made for gta iv or cod waw first

difference of this possible method that for rock band blitz user must choose a game from list and press a to start exploit, and for tony hawk user must load custom track pressing bunch of keys

 

[Deet0101010]

Wonder if its possible to trick any skylanders game into running a payload. Not sure how it'll work but i think hopefully if a nfc tag that at first glance of the game is a specific skylander once it tries to load it might load the payload. Yes ik it wont be easy and itll require a portal, just a thought

 

[Afeohtan]

Wish the PS3 had a similar exploit.

It does. It it much easier because the PS3 is a lot less secure as Sony is not as good at that, or even software programming in general as MS is.

Not to mention most third party games on PS3 run badly because of over convoluted programming software as well as hardware. People when developing a game are not going to spend 5 years trying to figure out how how to optimize when they can port their game to a system that has proper documentation.

 

[BigOnYa]

It does. It it much easier because the PS3 is a lot less secure as Sony is not as good at that, or even software programming in general as MS is.

Not to mention most third party games on PS3 run badly because of over convoluted programming software as well as hardware. People when developing a game are not going to spend 5 years trying to figure out how how to optimize when they can port their game to a system that has proper documentation.

I think they were being sarcastic.

 

[KirovAir]

This is AMAZING to see in my time. Absolute godlike reverse engineering. Even though the usability from a user standpoint is a bit low this is such a huge technical feat and would break the internet back in the day. Absolute god tier skills and such an interesting readup.
https://icode4.coffee/?p=1081