Brute force attack Xbox 360 parental controls


The Xbox 360 has the option of parental controls. It limits the rating of games which can be played on the system. [Oscar] didn’t really need to remove the lock-out. It was simply an interesting proof of concept for him. In the image above he’s holding up a Vinciduino board. It has an ATmega32u4 chip that can brute-force attack the Xbox 360 parental code (translated).

We’ve seen quite a few of these attacks lately. Like the recent iPad PIN attack, this uses the microcontroller to emulate a keyboard. As you can see in the video, [Oscar] first navigates the menu system to the unlock code screen, then plugs in his device.

The unlock screen calls for a four-digit numeric PIN. That’s a total of 10000 possible combinations. It looks pretty slow in the demo, but according to his calculations the worst case scenario would still break the code in less than seventeen hours. Apparently there’s no lock-out for the max number of wrong codes.
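To put the missing lock-out in numbers, here is an added example (not from the post or from [Oscar]’s code) that simulates entering every PIN in order against a verifier with and without exponential backoff. `ThrottledPinCheck`, the 6-second entry time (chosen to match the under-seventeen-hours figure) and the backoff parameters are assumptions, not the console’s behavior.

```python
import hmac

PIN_SPACE = 10_000        # four decimal digits, as stated in the post
SECONDS_PER_TRY = 6.0     # assumed entry time per guess (10000 * 6 s is about 16.7 h)

class ThrottledPinCheck:
    """Hypothetical PIN verifier with exponential backoff after wrong guesses."""

    def __init__(self, pin, free_tries=3, base_delay=30, max_delay=3600):
        self._pin = pin
        self.free_tries = free_tries      # wrong guesses allowed before any delay
        self.base_delay = base_delay      # seconds; doubles with each further failure
        self.max_delay = max_delay        # cap so a legitimate user is never locked out for good
        self.failures = 0
        self.locked_until = 0.0

    def try_pin(self, guess, now):
        """Return (accepted, time at which the next guess will be considered)."""
        if now < self.locked_until:       # still locked: reject without comparing
            return False, self.locked_until
        if hmac.compare_digest(guess, self._pin):
            self.failures = 0
            return True, now
        self.failures += 1
        over = self.failures - self.free_tries
        if over >= 0:
            delay = min(self.base_delay * 2 ** min(over, 16), self.max_delay)
            self.locked_until = now + delay
        return False, max(now, self.locked_until)

def worst_case_seconds(free_tries):
    """Simulated time to enter every PIN in order when the real PIN is the last one."""
    check = ThrottledPinCheck("9999", free_tries=free_tries)
    now = 0.0
    for n in range(PIN_SPACE):
        now += SECONDS_PER_TRY
        accepted, next_allowed = check.try_pin(f"{n:04d}", now)
        if accepted:
            return now
        now = next_allowed                # wait out any lock before the next guess
    raise AssertionError("PIN space exhausted without a match")

if __name__ == "__main__":
    no_limit = worst_case_seconds(free_tries=PIN_SPACE)   # behaves like no lock-out
    throttled = worst_case_seconds(free_tries=3)
    print(f"no lock-out: {no_limit / 3600:.1f} hours")
    print(f"backoff:     {throttled / 86400:.0f} days")
```

With these assumed parameters the one-hour delay cap alone stretches the worst case from under seventeen hours to more than a year, while a parent who mistypes the code a few times waits seconds to minutes.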


The thinnest Xbox laptop yet


With every generation of consoles, there comes a time when the price of a new box is cheap enough, and used machines are plentiful enough, that console hackers pull out all the stops before the next generation arrives. For the Xbox 360, that time is now, and with no PS1-like hardware revision on the horizon, it looks like [jhax01]’s custom Xbox 360 laptop might be the smallest Xbox casemod we’ll see for a very long time.

[jhax01] was inspired by the work of [Yung Jeezus] and [AllYourXboxNeeds]’ YouTube channels and decided to craft his own custom enclosure for an Xbox 360 slim. The case was made out of aluminum plate cut with a simple angle grinder and bent on a cheap 18″ Harbor Freight brake. Despite these extremely simple tools, [jhax01] managed to fabricate a case that’s right up there with the masters of Xbox laptop craftsmanship.

The CD drive was ditched along with plans for a second hard drive. The display’s enclosure and hinge come from an ASUS Zenbook, hence this project’s eponym, the ZenBox. The panel from the display was discarded and replaced with one that would work with the LVDS converter [jhax] found, giving the laptop a resolution of 1366×768.

It’s an amazing piece of craftsmanship, and an impressively thin gaming console to boot. Throw in a battery, and we’d be more than happy to carry this one around with us.

“Hacking the Xbox” Released for Free in Honor of [Aaron Swartz]


[Bunnie], the hardware hacker who first hacked into the original Xbox while at MIT, is releasing his book on the subject for free. The book was originally released in 2003, and delves into both the technical and legal aspects of hacking into the console.

The book is being released along with an open letter from [Bunnie]. He discusses the issues he faced with MIT legal and copyright law when working on the project, and explains that the book is being released to honor [Aaron Swartz]. [Swartz] committed suicide in January following aggressive prosecution by the US government.

The book is a great read on practical applications of hardware hacking. It starts off with simple hacks: installing a blue LED, building a USB adapter for the device’s controller ports, and replacing the power supply. The rest of the book goes over how the security on the device was compromised, and the legal implications of pulling off the hack.

[Bunnie]’s open letter is worth a read; it explains the legal bullying that hackers deal with from a first-hand perspective. The book itself is a fantastic primer on hardware hacking, and with this release anyone who hasn’t read it should grab the free PDF.

Traffic lights tell you when your Xbox Live friends are gaming

It sounds like [Andrew] is trying to build a Pavlovian response into his behavior when it comes to online gaming. He wants to make sure he doesn’t miss out when all his friends are online, so he built this traffic signal to monitor Xbox Live activity. It will illuminate the lights and drive the meters differently based on which of his friends are currently online. When the light’s green, he drops everything and grabs a controller.

The base of the light is a black project box. Inside you’ll find the Arduino compatible chip which drives the device mounted on a piece of protoboard. A WIZnet W5100 adds network connectivity at the low price of around $25. There is one problem with the setup. The API which [Andrew] found doesn’t use any authentication. This means that he can only see the public status of his friends; anyone who has set their online status to private will always register as ‘online’. If you know of an existing Xbox Live API that would solve this issue we’d love to hear from you in the comments.

Building an autonomous robot from an Xbox 360 controller

Wow, it’s amazing what [Carl] was able to build using an Xbox 360 controller PCB as the base for his robot. His forum post just touches the surface of the build, but he linked to a PDF file which has the full details.

This build basically attaches sensors and replacement motors to the controller board… and that is it! Some distance sensors are connected to the analog inputs for the left and right trigger. The whiskers use a couple of leaf switches soldered to controller button pads. The motors are geared replacements that use the same connectors as the rumble motors did.

The idea is that the controller is connected to a PC via the wireless radio it has on the PCB. Once the connection is made the PC software can read from all of the sensors and drive the motors accordingly. It would also be really easy to use a single-board solution like the RPi to do away with the need for a remote PC. But this is a fantastic start, and an approach which we had never before considered. See some video of the little guy getting around the room after the break.


Bricking a Seagate drive while trying to make it work in an Xbox 360

If you’re looking to replace the hard drive in your Xbox 360 without just buying an official unit, you may be out of luck. There is a tool which will let you do it if you are using a Western Digital drive as the replacement. But if your new drive is a Seagate, this tool will not work. [Darth Circuit] set out to make his Seagate work in the Xbox 360, but his manual changes ended up bricking the drive because of just one little error.

The tool that does this with WD drives is called HddHackr. [Darth] started his quest by finding out what the program actually does. In order to stand in for the original drive the new one must have the same model number, serial number, LBA, and firmware revision. Once these values are changed in a binary file it is written to the drive at a specific location. He changed these values on the drive itself, and got pretty far. That is until he tried a new command which ended up locking him out of the drive. Right now it’s pretty much a brick but we hope someone can pick up where he left off and turn this work into something useful for others. Good luck!

Encrypted drive attack hints at original Xbox hacking

[Thice] discovered a vulnerability in encrypted portable storage a few years ago. He’s just posting about the exploit now. He mentions that he notified manufacturers long ago, and we’d guess the wait to publish was to give them a chance to patch the exploit.

He calls it the Plug-Over Attack and for those who were involved with original Xbox hacking, this technique will sound very familiar. The Xbox used hard drive keys to lock the device when not in use. When you booted up the console it checked the hardware signature to make sure it was talking to the right motherboard. But if you booted up the device, then swapped the IDE cable over to a computer without cutting the power you could access the drive without having the password.

This attack is pretty much the same thing. Plug in a drive, unlock it on the victim system the normal way, then replug into the attacking system. In the image above you can see that a USB hub will work for this, but you can also use a hacked USB cable that patches a second jack into the power rail. For some reason the encryption system isn’t able to lock itself when the USB enumerates on the new system, only when power is cycled. Some of them have a timer which watches for drive idle but that still doesn’t protect from this exploit.
