A Robust Guide To The Xbox 360 Glitch Hack

The Xbox 360 was a difficult console to jailbreak. Microsoft didn’t want anyone running unsigned code, and darn if they didn’t make it difficult to do so. However, some nifty out of the box thinking and tricky techniques cracked it open like a coconut with a crack in it. For the low down, [15432] has a great in-depth article on how it was achieved. The article is in Russian, so you’ll want to be armed with Google Translate for this one.

The article gets right into the juice of how glitch attacks work—in general, and with regards to the Xbox 360. In the specific case of the console, it was all down to the processor’s RESET line. Pulse it briefly enough and the processor doesn’t actually reset, but its behavior still changes. If you time the glitch right, the processor keeps running through the bootloader’s instructions even though the hash check failed. Of course, getting the timing right was hard, so it helps to temporarily slow down the processor.
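To make the weakness concrete, here is an added example (not code from [15432]’s article or from the Xbox 360 bootloader) contrasting a naive hash check with one hardened against the kind of instruction-skipping glitch described above; the verdict constants and sample digests are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed verdict values: far apart in Hamming distance, so no single
   corrupted bit turns FAIL into OK. Assumed for this example. */
#define VERDICT_OK   0xA5C33C5Au
#define VERDICT_FAIL 0x5A3CC3A5u

/* Naive boot check: one comparison feeding one conditional branch. A glitch
   that skips that branch lands on the success path, as the article describes. */
int naive_hash_check(const uint8_t *actual, const uint8_t *expected, size_t n) {
    if (memcmp(actual, expected, n) != 0)
        return 0;   /* reject */
    return 1;       /* accept: one skipped instruction away from the reject path */
}

/* Hardened check: constant-time difference accumulation, two passes in
   opposite directions, verdict derived arithmetically instead of by branch,
   and disagreement between the passes treated as evidence of a fault. */
uint32_t hardened_hash_check(const uint8_t *actual, const uint8_t *expected, size_t n) {
    volatile uint8_t diff_fwd = 0, diff_rev = 0;
    for (size_t i = 0; i < n; i++)
        diff_fwd |= (uint8_t)(actual[i] ^ expected[i]);
    for (size_t i = n; i-- > 0; )
        diff_rev |= (uint8_t)(actual[i] ^ expected[i]);
    if (diff_fwd != diff_rev)            /* a glitch during either pass shows up here */
        return VERDICT_FAIL;
    uint32_t any_diff = (uint32_t)(diff_fwd | diff_rev);
    uint32_t equal = (any_diff - 1u) >> 31;   /* 1 only when any_diff == 0 */
    uint32_t mask = 0u - equal;               /* all ones or all zeros */
    return (VERDICT_OK & mask) | (VERDICT_FAIL & ~mask);
}

/* Caller-side decision: require the full OK pattern and check it twice, so the
   accept decision itself is not a single glitchable branch. */
int boot_allowed(uint32_t verdict) {
    if (verdict != VERDICT_OK) return 0;
    if ((verdict ^ VERDICT_OK) != 0u) return 0;
    return 1;
}

/* Constructed sample digests for a stand-alone run (not real Xbox hashes). */
static const uint8_t k_expected[8] = {0x13,0x37,0xC0,0xDE,0xFE,0xED,0xBE,0xEF};
static const uint8_t k_tampered[8] = {0x13,0x37,0xC0,0xDE,0xFE,0xED,0xBE,0xEE};

uint32_t demo_verdict(int tampered) {
    return hardened_hash_check(tampered ? k_tampered : k_expected, k_expected, 8);
}
```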

From there, the article continues to explore the many and varied ways this hack played out against Microsoft’s copy protection across multiple models and revisions of the Xbox 360. The bit with the BGA ball connections is particularly inspired. [15432] also goes even deeper into a look at how the battle around the Xbox 360’s DVD-ROM drive got heated.

We seldom talk about the Xbox 360 these days, but they used to grace these pages on the regular. Video after the break.


Hackaday Hacked!

Well, that was “fun”. Last week, we wrote a newsletter post about the state of Hackaday’s comments. We get good ones and bad ones, and almost all the time, we leave you all up to your own devices. But every once in a while, it’s good to remind people to be nice to our fellow hackers who get featured here, because after all they are the people doing the work that gives us something to read and write about. The whole point of the comment section is for you all to help them, or other Hackaday readers who want to follow in their footsteps.

Someone decided to let loose a comment-reporting attack. It works like this: you hit the “report comment” button on a given comment multiple times from multiple different IP addresses, and our system sends the comments back to moderation until a human editor can re-approve them. Given the context of an article about moderation, most everyone whose comment disappeared thought that we were behind it. When more than 300 comments were suddenly sitting in the moderation queue, our weekend editors figured something was up and started un-flagging comments as fast as they could. Order was eventually restored, but it was ugly for a while.

We’ve had these attacks before, but probably only a handful of times over the last ten years, and there’s basically nothing we can do to prevent them that won’t also prevent you all from flagging honestly abusive or spammy comments. (For which, thanks! It helps keep Hackaday’s comments clean.) Why doesn’t it happen all the time? Most of you all are just good people. Thanks for that, too!

But despite the interruption, we got a good discussion started about how to make a comment section thrive. A valid critique of our current system that was particularly evident during the hack is that the reported comment mechanism is entirely opaque. A “your comment is being moderated” placeholder would be a lot nicer than simply having the comment disappear. We’ll have to look into that.

You were basically divided down the middle about whether an upvote/downvote system like on Reddit or Slashdot would serve us well. Those tend to push more constructive comments up to the top, but they also create a popularity contest that can become its own mini-game, and that’s not necessarily always a good thing. Everyone seemed pretty convinced that our continuing to allow anonymous comments is the right choice, and we think it is simply because it removes a registration burden when someone new wants to write something insightful.

What else? If you could re-design the Hackaday comment section from scratch, what would you do? Or better yet, do you have any examples of similar (tech) communities that are particularly well run? How do they do it?

We spend our time either writing and searching for cool hacks, or moderating, and you can guess which we’d rather. At the end of the day, our comments are made up of Hackaday readers. So thanks to all of you who have, over the last week, thought twice and kept it nice.

Hack All The Things, Get All The Schematics

When I was growing up, about 4 or 5 years old, I had an unorthodox favourite type of reading material: service manuals for my dad’s audio equipment. This got to the point that I kept asking my parents for more service manuals, and it became a running joke in our family for a bit. Since then, I’ve spent time repairing tech, laptops in particular, as a way of earning money, hanging out at a flea market in the tech section, then spending tons of time at our hackerspace. Nowadays, I’m active in online hacker groups, and I have built a series of projects closely interlinked with modern-day consumer-facing tech.

Twenty-three years later, is it a wonder I have a soft spot in my heart for schematics? You might not realize this if you’re new to the hardware hacking scene, but device schematics, whichever way you get them, are a goldmine of information you can use to supercharge your projects, whether you’re hacking on the schematic-ed device itself or not. What’s funny is, not every company wants their schematics to be published, but it’s ultimately helpful for the company in question, anyway.

If you think it’s just about repair – it’s that, sure, but there’s also a number of other things you might’ve never imagined you can do. Still, repair is the most popular one.

Human-Interfacing Devices: HID Over I2C

In the previous two HID articles, we talked about stealing HID descriptors, learned about a number of cool tools you can use for HID hacking on Linux, and created a touchscreen device. This time, let’s talk about an underappreciated HID standard, but one that you might be using right now as you’re reading this article – I2C-HID, or HID over I2C.

HID as a protocol can be tunneled over many different channels. If you’ve used a Bluetooth keyboard, for instance, you’ve used tunneled HID. For about ten years now, I2C-HID has been heavily present in the laptop space: it was initially used in touchpads, later in touchscreens, and now also in sensor hubs. Yes, you can expose sensor data over HID, and if you have a clamshell (foldable) laptop, that’s how the rotation-determining accelerometer exposes its data to your OS.

This capacitive touchscreen controller is not I2C-HID, even though it is I2C. By [Raymond Spekking], CC-BY-SA 4.0
Not every I2C-connected input device is I2C-HID. For instance, if you’ve seen older tablets with I2C-connected touchscreens, don’t get your hopes up, as they likely don’t use HID – it’s just a complex-ish I2C device, with enough proprietary registers and commands to drive you crazy even if your logic analysis skills are on point. I2C-HID is nowhere near that, and it’s also way better than the PS/2 we used before – an x86-only interface with limited capabilities, already almost extinct from even x86 boards, and further threatened in this increasingly RISCy world. I2C-HID is low-power, especially compared to USB, as capable as HID goes, compatible with existing HID software, and ubiquitous enough that you surely already have an I2C port available on your SBC.

In the modern world of input devices, I2C-HID is spreading, and the coolest thing is that it’s standardized. The standardization means a lot of great things for us hackers. For one, unlike all of those proprietary I2C touchscreen controllers, I2C-HID devices are easier to reuse; as much as information on them might be lacking at the moment, that’s what we’re combating right now as we speak! If you are using a recent laptop, the touchpad is most likely I2C-HID. Today, let’s take a look at converting one of those touchpads to USB HID.

A Hackable Platform


2022 Hackaday Supercon: Joe [Kingpin] Grand Keynote And Workshops Galore

It’s our great pleasure to announce that Joe [Kingpin] Grand is going to be our keynote speaker at the 2022 Supercon!

If you don’t know Joe, he’s a hacker’s hacker. He’s behind the earliest DEFCON electronic badges, to which we can trace our modern #badgelife creative culture. He was at the l0pht when it became the most publicly visible hackerspace in the USA, at the dawn of what we now think of as cybersecurity. And moreover, he’s a tireless teacher of the art of hardware hacking.

Joe’s talk at DEFCON 22 about reverse engineering PCBs on a hacker budget is on our top-10 must watch playlist, and his JTAGulator debug-port enumeration device has been present at the start of countless hacking sessions. But again, it’s his enthusiasm for creating, his inspiring “what if I poke at this thing this way?” attitude, and overwhelming hacker spirit that make Joe a long-overdue speaker at Supercon!

Ask Hackaday: What Was Your First Electronics Win?

Back in high school, I joined the stage crew — because of course I did. As student theater groups go, it was pretty active, and with two shows to produce each year, there was always a lot of work to do. I gravitated to the lighting crew, which was a natural fit for me. Besides the electrical part of the job, there was also a lot of monkeying around on scaffolding and rickety ladders to hang the lights, which was great fun for the young and immortal. Plus there was the lighting console to run during performances, a job I eventually took over for my last two years.

Unfortunately, the lighting system was a bit pathetic. The console was mounted in the stage right wings, rather than out in the front of the house where a sensible person would put it. And despite being only about ten years old, the dimmers were already starting to fail. The board had about 20 channels, but you could always count on one of the channels failing, sometimes during a show, requiring some heroics to repatch the lights into one of the dimmers we always left as a spare, just for the purpose.


Research: It’s Like Cheating, But Fair

My niece’s two favorite classes in high school this year are “Intro to AI” and “Ethical Hacking”. (She goes to a much cooler high school than I did!) In “Hacking”, she had an assignment to figure out some bug in some body of code. She was staring and staring, figuring and figuring. She went to her teacher and said she couldn’t figure it out, and he asked her if she’d tried to search for the right keywords on the Internet.

My niece responded “this is homework, and that’d be cheating”, a line she surely must have learned in her previous not-so-cool high school. When the teacher responded with “but doing research is how you learn to do stuff”, my niece was hooked. The class wasn’t abstract or academic any more; it became real. No arbitrary rules. Game on!

But I know how she feels. Whether it’s stubborn independence, or a feeling that I’m cheating, I sometimes don’t do my research first. But attend any hacker talk, where they talk about how they broke some obscure system or pulled off an epic trick. What is the first step? “I looked all over the Internet for the datasheet.” (Video) “I found the SDK and that made it possible.” (Video) “Would you believe this protocol is already documented?” In any serious hack, there’s always ample room for your creativity and curiosity later on. If others have laid the groundwork for you, get on it.

If you have trouble overcoming your pride, or NIH syndrome, or whatever, bear this in mind: the reason we share information with other hackers is to give them a leg up. Whoever documented that protocol did it to help you. Not only is there no shame in cribbing from them, you’re essentially morally obliged to do so. And to say thanks along the way!