Hacking Softmod 360 using USB?

lisreal2401

Nope.

With that said, there is a ton of stuff from XBL that isn't signed - demos, XBL trial games, a bunch of DLC from discs and some full arcade games that will load on retail. You can also go ahead and flash the DVD drive easily enough if you have a phat and really any desktop PC.

Typing this as my retail and RGH are running... I wanted to play TGM quick.
 

QuazaRayy

OP
There's no softmod for the 360 like that and likely never will be.
You'll need to install an Xkey or have it RGH'd.

Nope.

With that said, there is a ton of stuff from XBL that isn't signed - demos, XBL trial games, a bunch of DLC from discs and some full arcade games that will load on retail. You can also go ahead and flash the DVD drive easily enough if you have a phat and really any desktop PC.

Typing this as my retail and RGH are running... I wanted to play TGM quick.

thanks!
 

Deleted member 668561

I'm going to quote my reply from a recent thread to the same question. Note the 360 is not a (3)DS(i), Wii (U), or a Nintendo console; look at the price difference, there is a reason you pay more for one... better hardware = better security (more space and ability to implement things).

No USB JTAG or softmod will exist; if there was such an exploit it would have been found already. Again, the homebrew scene on the 360 was due to a very subtle programming fuck up in the 360 bootloader from update 4532-7371... you could call it a "manufacturer error" since in the end it was truly Microsoft's own fault their console was exploited, as they coded the exploit vector without realizing it.



Due to how the hardware is designed on the 360 and the security structure, NO, not possible. The only SOFTMOD was the King Kong, or really the 4532 syscall exploit, which required you to still have a flashed DVD drive; that was patched in dashboard 4552. They patched King Kong, but not the actual syscall exploit itself; they just patched you from accessing it through the King Kong method. JTAG was the replacement to that issue (which is kinda both a soft and hard mod, again due to how the hardware works), since the syscall exploit essentially is in the second stage bootloader (2BL). This was not updated from dashboard 2.4532.xx to 2.7371.xx; your dashboard version (CF lockdown) is signed using your console CPU key, which is why you could downgrade between these dashes if you have the CPU key. Once 8955 came out they updated the 2BL (8458), which also has its own lockdown counter, but this value is not signed using your CPU key; it uses Microsoft's private key, and if we knew this key then JTAG and RGH would be going around your ass to get to your elbow. So once they update the bootloader you cannot downgrade it, as this is the lowest version you would be able to downgrade to. This is how RGH works: RGH is the exploit that does exactly what we want, it allows you to bypass your lockdown values. RGH still runs a modified 8955 dashboard that boots using the 4532 kernel iirc to use the syscall exploit. The 360 is specifically designed against softmodding from the CPU die up.

TL;DR: all 360 exploits rely on booting some form of 4532-based kernel to run unsigned code. The only reason homebrew existed is because of an extremely subtle flaw in programming that was introduced in this kernel and never since appeared again. RGH is the exploit that is the "downgrade" everyone hoped for; it still uses the 4532 syscall exploit by allowing you to bypass your lockdown values.

Really, the softmod for the 360 would be the leaking of the private signing key, like the PS3.
 

Deleted-401606

I'm going to quote my reply from a recent thread to the same question. Note the 360 is not a (3)DS(i), Wii (U), or a Nintendo console; look at the price difference, there is a reason you pay more for one... better hardware = better security (more space and ability to implement things).

No USB JTAG or softmod will exist; if there was such an exploit it would have been found already. Again, the homebrew scene on the 360 was due to a very subtle programming fuck up in the 360 bootloader from update 4532-7371... you could call it a "manufacturer error" since in the end it was truly Microsoft's own fault their console was exploited, as they coded the exploit vector without realizing it.

So people on this old dashboard with a flashed DVD drive can "softmod" their Xbox 360? Can they update the dashboard once the softmod is installed?
 

EmulateLife

So people on this old dashboard with a flashed DVD drive can "softmod" their Xbox 360? Can they update the dashboard once the softmod is installed?

As like 3 people have already said, there is no softmod. What lisreal was talking about was Xbox Live stuff that isn't signed. You don't need any mod for those particular items and a few games.
 

EmulateLife

Flash is a PITA because you have to burn discs and need a special burner to burn the discs, but you can play online.

If you don't care about playing online, RGH does everything else. It can play games from the hard drive, both full games and arcade games.

Unity has set up servers for RGH to play online, but of course it's nothing like the amount of players on XBL, and not as many games are set up to work with it. But who knows how long Xbox Live will support the 360 anyway.
 

Deleted-401606

As like 3 people have already said, there is no softmod. What lisreal was talking about was Xbox Live stuff that isn't signed. You don't need any mod for those particular items and a few games.

I don't think you bothered to read the post I quoted at all. I never even quoted lisreal, I quoted aadz93. You should actually read what you are replying to before you imply that someone else is the idiot.
 

Deleted member 668561

So people on this old dashboard with a flashed DVD drive can "softmod" their Xbox 360? Can they update the dashboard once the softmod is installed?

Technically speaking yes, though we are talking about a very obsolete exploit. You'd need a Xenon or a Zephyr that has not been updated since 7371. If you have a (keyword) JTAGgable Xenon or Zephyr you can downgrade it with your CPU key to 4532 (at the cost of eFuses), flash CFW to the DVD drive and do the King Kong exploit. All this does is eject your DVD drive (with King Kong) and you had to insert a specifically made (burned) CD/DVD, which is where you stored homebrew. You don't install the King Kong exploit; you have to run King Kong at every boot just to get homebrew running. There is no 1-click install exploit for the 360, no USB update, or USB JTAG.
Disc swapping and drag-n-drop exploits are old tricks of 2003 that aren't gonna work nowadays; it's 2019 and these companies have smelled the coffee. It's more about reverse engineering code and memory maps and the hardware design.


If you want homebrew the 360 will have to be JTAGgable or you have to RGH. You will have to solder, you will have to disassemble the console. I like it because most people don't have the electronic skills to DIY the install themselves (most people don't know how to use one outside of piracy anyway), so they have to find a way to get someone who can, or buy a premodded console.



You technically can use King Kong to flash your NAND and solder JTAG wires, which was just JTAGging without needing a DB25 or JR-Programmer or a separate PC.

Again, the King Kong method is OBSOLETE. If the Xbox is this old, just JTAG it, as this is the improvement and the replacement for the issues with the old King Kong method. With JTAG you have unsigned execution at startup and instant boot; you can instaboot directly into a rebooter and have a 17526 dash with unsigned execution booting just as quick as it would stock without JTAG. With the King Kong method on the 360 you would always boot into the old 4532 blades (it's like Cubic Ninja but only works on two dashboard versions from 2006) and have to boot King Kong every time to boot homebrew. You could use a rebooter into a newer dash, though I doubt you'd load anything newer than 8955, and iirc it was using XBR. There is no point to using the King Kong method at all; you're going around your ass to get to your elbow if you're trying to attempt the King Kong method. JTAG is the successor and the replacement and works on all phats that haven't been updated since 2008 (only Zephyrs and Xenons ran 4532 anyway).



To be clear, King Kong, JTAG and RGH all have your 360 boot on a 4532 kernel. They all utilize the same exploit in the hypervisor this specific dashboard is running, since it had an exploitable flaw in its syscall handler, but achieve the exploit by different means.

The reason you can't downgrade is how Microsoft designed the boot process of the 360, where it essentially builds its own chain of trust based on what the eFuses tell it. They aren't complex: they literally just tell the console whether it's a devkit or retail, count what 2BL version is allowed (this is the second stage bootloader; it is the first thing the 360 executes after its internal bootloader on the CPU die (1BL)), and count how many dashboard updates have been applied, which are applied after 2BL has executed (2BL loads and initializes the hypervisor and some system resources). They can update the dashboard fuse counter without updating the 2BL fuse counter. They encrypt your dashboard version with your CPU key, which you can obtain; they encrypt your 2nd stage bootloader counter with their secret key locked in a safe in bumblefuck, somewhere. If you have this key then yes, you can then just flash the NAND from a USB stick and have "custom firmware", since it would look no different from an M$ official release.

The 360 was specifically designed against softmodding from the CPU silicon design up.

Watch these videos; they lay out pretty much everything up till before RGH, and literally everything about how security actually works. I recommend watching these over Modern Vintage Gamer (he isn't bad but his info is a bit mixed up and skips a lot), as they are straight from people who started the homebrew scene for 360 and they better explain everything. 360 security is not something a 15 min vid is gonna cover efficiently.


 
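To make the chain of trust described in the post above concrete, here is a toy Python model added for this edit (not Microsoft's code and not from anyone in the thread): two fuse counters, a vendor-held key for the 2BL and a per-console CPU key for the CF lockdown. HMAC stands in for the real signature scheme, and every key, stage label and counter value is constructed for the demo.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed keys for the model; not real vendor or console material.
VENDOR_KEY = b"vendor-signing-key-constructed"  # never leaves the vendor
CPU_KEY = b"per-console-cpu-key-constructed"    # fused into this one console

def lockdown_tag(key: bytes, ldv: int) -> bytes:
    """Authenticate a lockdown value under a key (HMAC stands in for the real scheme)."""
    return hmac.new(key, ldv.to_bytes(2, "big"), hashlib.sha256).digest()

@dataclass
class Stage:
    name: str     # "2BL" or "CF" (dashboard kernel)
    ldv: int      # lockdown value carried by the image
    tag: bytes    # authenticator over ldv

@dataclass
class Fuses:
    bl_counter: int  # 2BL counter: only a vendor-signed update can raise it
    cf_counter: int  # CF counter: checked under the per-console CPU key

def make_stage(name, ldv, key):
    return Stage(name, ldv, lockdown_tag(key, ldv))

def verify_stage(stage, key, fuse_counter):
    """Return None if the stage may run, otherwise the reason it is refused."""
    if not hmac.compare_digest(stage.tag, lockdown_tag(key, stage.ldv)):
        return f"{stage.name}: authenticator mismatch"
    if stage.ldv < fuse_counter:
        return f"{stage.name}: ldv {stage.ldv} below fused {fuse_counter}"
    return None

def boot(fuses, bl, cf):
    """1BL checks 2BL with the vendor key, then 2BL checks CF with the CPU key."""
    return (verify_stage(bl, VENDOR_KEY, fuses.bl_counter)
            or verify_stage(cf, CPU_KEY, fuses.cf_counter)
            or f"booted {bl.name} -> {cf.name}")

def demo():
    old_bl = make_stage("2BL(pre-8955)", 1, VENDOR_KEY)
    pre = Fuses(bl_counter=1, cf_counter=3)   # dashboards applied, 2BL never bumped
    post = Fuses(bl_counter=2, cf_counter=4)  # after an update that also bumps 2BL
    return {
        "current": boot(pre, old_bl, make_stage("CF 7371", 3, CPU_KEY)),
        "stale_ldv": boot(pre, old_bl, make_stage("CF 4532", 1, CPU_KEY)),
        "wrong_key": boot(pre, old_bl, make_stage("CF 4532", 3, b"not-the-cpu-key")),
        "old_2bl_after_bump": boot(post, old_bl, make_stage("CF 8955", 4, CPU_KEY)),
    }
```

The four cases in `demo()` show why the post's two counters behave differently: a CF image is refused when its lockdown value is stale or when it was authenticated under the wrong key, while once the 2BL counter has been raised no image under the old 2BL boots at all, whoever holds the CPU key.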
