Brute force attack Xbox 360 parental controls

brute-force-xbox-360-parental-controls

The Xbox 360 has the option of parental controls. It limits the rating of games which can be played on the system. [Oscar] didn’t really need to remove the lock-out. It was simply an interesting proof of concept for him. In the image above he’s holding up a Vinciduino board. It has an ATmega32u4 chip that can brute-force attack the Xbox 360 parental code (translated).

We’ve seen quite a few of these attacks lately. Like the recent iPad pin attack this uses the microcontroller to emulate a keyboard. As you can see in the video, [Oscar] first navigates the menu system to the unlock code screen, then plugs in his device.

The unlock screen calls for a four-digit numeric PIN. That’s a total of 10000 possible combinations. It looks pretty slow in the demo, but according to his calculations the worst case scenario would still break the code in less than seventeen hours. Apparently there’s no lock-out for the max number of wrong codes.

Comments

  1. david says:

    a simple nand dump and any program to read the 360’s nand will give you the reset code, also just call microsoft and give them the serial and they will give you the reset code to. but ignoring that its pretty impressive

  2. yep says:

    Sometimes I kinda like the hard way of accomplishing something better, especially if it makes a good project.

  3. Slurm McKenzie says:

    why should there be a lock-out for the max number of wrong codes ?
    it’s just a parental control, not protecting any vital data.
    if a kid tries to enter the code, and it locks, the parents are locked out too.
    and if there is a way to reset it, the kid will figure it out.

    besides, any kid that is able to bruteforce it’s way into the console with an arduino has proven itself worthy of unlimited access ;-)

  4. Pedro says:

    good old days. I remember when I was 9 my father used to lock my pc with a password. And he often changed it because once I discovered what it was.
    So I just installed a keylogger and always had access and he just gave up =)

  5. CyberScann says:

    can you smell an update coming soon to your xbox

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 96,376 other followers