Run Unsigned Code On Any Xbox

A ton of people sent in the latest development on the Xbox homebrew front. A console hacker that goes by the name of [GliGli] released a new exploit that boots any Xbox into a Linux loader.

The hack requires some hardware – in this case an Xilinx CLPD. The hack works by sending a tiny reset pulse (no word on what ‘tiny’ means) that glitches the hardware and gets around the hash checks during boot. If that’s not technical enough for you, check out the readme on the project’s github.

This isn’t a silver bullet to cracking Xboxen wide open. The glitch only has about a 25% chance of success for each boot. The glitch also take a few minutes to boot into unsigned code. This being said, the hack works on all 360s, including the slim models that can’t be opened up with the JTAG method.

Check out the demo of one of the beta testers demonstrating the exploit after the break. Again, thanks to everyone for sending this one in.

[youtube=http://www.youtube.com/watch?v=JyYdL4L6vwE&w=470]

30 thoughts on “Run Unsigned Code On Any Xbox

  1. To get execution they have to setup a page with encryption+no-execute+cache-hashing disabled, this means modifying calls to HV which is the only thing that can modify page tables.

    x360 is far more complex to hack than ps3, psp, apple stuff, wii etc. PS3 is only hardware isolation and crypto on actual binaries.

  2. The 25% boot success isn’t entirely correct.

    The exploit takes roughly 4 attempts to execute – and is all done within a single boot.

    Each attempt takes roughly ~4 seconds. Meaning a 16 second timer from boot to exploit.

    This is the silver bullet you have been waiting for.

    The only boxes this will not work with is xenon (launch models) as it requires the HANA (HDMI) chip.

  3. Yes but if the encryption does not line up exactly with the start of a page table then the HV will throw a protected mode exception, so the Xilinx must really be working overtime to compensate for the instability in the LV stream.

    Anyway the Apple stuff is much cooler, so I think it is worth the extra?

  4. I don’t know VHD (I only use verilog) but I think this is pretty self explainatory, the clpd runs at 48Mhz.

    The pulse lasts 48000 counts at a 48Mhz: 48 000 / 48 000 000 = 0.001 so the tiny pulse is 1ms by my calculations.

    constant WIDTH_RESET_END : integer := 5;
    constant WIDTH_BYPASS_END : integer := 48000;

    constant TIME_RESET_START : integer := WIDTH_RESET_START;
    constant TIME_RESET_END : integer := TIME_RESET_START+WIDTH_RESET_END;

    if (cnt >= TIME_RESET_START) and (cnt < TIME_RESET_END) then
    CPU_RESET = TIME_RESET_END) and (cnt < TIME_BYPASS_END) then
    CPU_RESET <= '1';

  5. They brute the RC4 xor stream to encrypt to NAND without knowing the seed or key.. They use old fat dumps to get the data for their checks.

    They also use HV to do their own pages, basically the old method.

  6. Well i guess microsoft will put up an update, try to arrest an/or sue the maker along with slapping him with a gag order, then the next thing you know the xbox online service will be down for about a month.

      1. These people were also smarter, seriously, who uses their real name to publish tools that obviously infringe IPs and EULAs?

        I guess geohot though he was the only person who knew about RCE..now he got hushmouth and sits in some cubicle making 5 figures at facebook like most devs..

    1. Not sure if your comment is tongue in cheek, but according to those in the know, you cannot patch something like this. It was different with the existing SMC exploit as it was using a hole in the CB loader, which MS patched and then blew the e-fuse to stop you from downgrading it to a previous version.

  7. Come on guys let us not bate over consoles, instead let us masturbate to the potential of this new hack/mod. GliGli thank you for your work. Now if only I could find more specific information on where to obtain these parts. For example Xilinx board he mentions there are 3-4 sub-versions of that will they all work? The manufacturer does not mention the difference without looking at the data sheet. Admittedly I only paid attention to the hardware section because I am trying to calculate the cost and find out how to obtain the parts. Any help would be appreciated.

  8. According to the readme, a “tiny” pulse is about 100ns (20 nS on the slim).

    It doesn’t seem as if a CPLD is actually necessary, you could probably get a uC to do this (maybe with a little hardware). All it has to do is wait for a 520kHz clock speed and monitor bus signals, then make a 100nS pulse. Maybe once they nail this down, they might be able to get it running on something cheaper.

  9. This reminds me of unlooping the old P4 cards back in the DirecTV programmind days. Voltage is pulsed at the card until it bypasses the key check, and allows you to rewrite the EEPROM.

  10. Even older, back in the days when consoles used cartridges, there were some games (eg Zelda) that could be hacked by lifting one edge of the cartridge at a particular time. Manual glitching.

    1. Meh, youngsters… I used to hit my power switch on and off to get cool new modes in Space Invaders!

      Seriously though, power and reset glitches are very old tricks. They’ve probably been around since the 4004 was invented by Intel’s engineers.

      The timing of this exploit’s release is very painful for Microsoft since the XBox 360 is at a point where the redesigned circuits they’ll release as a fix will have little impact. The 3rd XBox should be out before 2013? Either way, expect an invisible fix in the form of revised silicon die from the IC fabs that fits on the same board traces. This sounds like the kind of glitch that a brownout/surge detection could stop dead in it’s tracks. At the least, they could disable video when the glitch is detected. No point in playing games with no video! ;D

  11. This reminds me of something that is suppose to give the impression that I know stuff..har har har

    All it takes is a new efuse config/hash and a updated CB, or CB_A for the slim. If they can’t brute the XOR of the RC4 used on the NAND they have no hack.

    You still can’t leverage piracy with this because of signing. They can’t load second stage loader and HV.

  12. You have to be talking about period 3 cams Dtv, the ones that had the football player on them. That was the best era for sat testing. I wish there was some use for those old cards they werw somfun to work on.

  13. You’d think something this huge would have got a lot more attention. I guess that many people have already ‘googled’ “Xbox 360 softmod” and moved on with their lives and the rest scrounged on ebay for a JTAG compatible box.

    Until this is worked out, I’ll keep playing my original Xbox.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.