Hacking Xbox One OS system files retrieved

[Deleted User]

This has been possible from day one with the Developer Mode. Anyone can do it on both retail and Dev Mode. It's most definitely real. I may have to update the wiki but we did show and demonstrate how to do it:

https://xosft.dev/wiki/setup-dev-mode/

Read the bottom.

Also to answer this specific question: the main operating system files that are interesting are outside the system apps are more so system services, libraries and drivers.

They are not encrypted when they are mounted and accessed at runtime. This can depend on your application and user privileges and also depending on what flags the target Xbox Virtual Drive is given.

 

[hullpop]

How Do you run it do you have to run it on dev mode?

 

[MeAndHax]

This has been possible from day one with the Developer Mode. Anyone can do it on both retail and Dev Mode. It's most definitely real. I may have to update the wiki but we did show and demonstrate how to do it:

https://xosft.dev/wiki/setup-dev-mode/

Read the bottom.

Also to answer this specific question: the main operating system files that are interesting are outside the system apps are more so system services, libraries and drivers.

They are not encrypted when they are mounted and accessed at runtime. This can depend on your application and user privileges and also depending on what flags the target Xbox Virtual Drive is given.

Can you replace them with other files tho? Probably not, right?

 

[Deleted User]

Can you replace them with other files tho? Probably not, right?

No, any executable or any data located on a read-only mounted XVD cannot be tampered. Only temporary data. This can't be bypassed normally and would, as usual, require a much more lower-level exploit.

 

[hullpop]

No, any executable or any data located on a read-only mounted XVD cannot be tampered. Only temporary data. This can't be bypassed normally and would, as usual, require a much more lower-level exploit.

Do you know any exploits that can bypass a read only mounted partition and make it a writable partition?

 

[Deleted User]

Do you know any exploits that can bypass a read only mounted partition and make it a writable partition?

It's not possible. There's a "bug" within Developer Mode to trick Windows to mount another disk on the same volume but ultimately, there's nothing. Again, without any low-level exploit you can't.

 

[hullpop]

It's not possible. There's a "bug" within Developer Mode to trick Windows to mount another disk on the same volume but ultimately, there's nothing. Again, without any low-level exploit you can't.

Have you looked tho any of the files yet maybe you can find something wait does this mean dev mode is not sandbox?

 

[hullpop]

It's not possible. There's a "bug" within Developer Mode to trick Windows to mount another disk on the same volume but ultimately, there's nothing. Again, without any low-level exploit you can't.

and one more thing there maybe a vulnerability in the hardware that might allow you to flash files but I think that is unlikely especially if it's unsigned code.

 

[Deleted User]

Have you looked tho any of the files yet maybe you can find something wait does this mean dev mode is not sandbox?

I've been reversing a lot of the OS when I can and sometimes I might come across a couple minor exploits but it's difficult to pull off in retail scenarios. Also, Developer Mode is essentially sandboxed. While it can use the same host, system and game OS XVD's, they use a separate set of other XVD's for storing other temporary data. Sure, it's a little bit more open but it also has certain limited capabilities - even more so limited in retail except certain scenarios.

and one more thing there maybe a vulnerability in the hardware that might allow you to flash files but I think that is unlikely especially if it's unsigned code.

You can modify your flash but there are certain critical, encrypted and signed data such as: host.xvd, system,xvd, boot.bin and more. Some files are readable and some are not.

 

[hullpop]

I've been reversing a lot of the OS when I can and sometimes I might come across a couple minor exploits but it's difficult to pull off in retail scenarios. Also, Developer Mode is essentially sandboxed. While it can use the same host, system and game OS XVD's, they use a separate set of other XVD's for storing other temporary data. Sure, it's a little bit more open but it also has certain limited capabilities - even more so limited in retail except certain scenarios.


You can modify your flash but there are certain critical, encrypted and signed data such as: host.xvd, system,xvd, boot.bin and more. Some files are readable and some are not.

Try to find a buffer overflow exploit best case scenario in my opinion.

--------------------- MERGED ---------------------------

I've been reversing a lot of the OS when I can and sometimes I might come across a couple minor exploits but it's difficult to pull off in retail scenarios. Also, Developer Mode is essentially sandboxed. While it can use the same host, system and game OS XVD's, they use a separate set of other XVD's for storing other temporary data. Sure, it's a little bit more open but it also has certain limited capabilities - even more so limited in retail except certain scenarios.


You can modify your flash but there are certain critical, encrypted and signed data such as: host.xvd, system,xvd, boot.bin and more. Some files are readable and some are not.

Maybe you can dump the hypervisor sorry if I don't know what I'm talking about but I'm only use to the ps3 system I was one of the first ones to flash a patched nand to my ps3 system.

Is the kernel readable?

 

[Deleted User]

Try to find a buffer overflow exploit best case scenario in my opinion.

It's not quite as simple. Even with execution in System OS, you now have to find another exploit in Host. Even then, it becomes more diluted.

 

[rommy667]

Looks like the old onesise is going to make it through the 8th gen unblemished well done M$ but id sure still love to brew the dam thing.

 

[trav57]

so im trying to get my xbox working again, and if you still have these files can you upload them again?
links are dead, sorry for necro post