Xbox Hacking

1
Xbox Hacking

• Eric L. Frederich
• COT 4810
• Sept 14 2004

2
Xbox Hacking

• Xbox Overview
• Xbox Hardware Hacking
• Legal Issues
• Software

3
Overview

• 733 MHz Celeron CPU
• Ethernet
• Sound
• Video
• USB
• 8 10 GB hard disk drive
• DVD Rom

4
(No Transcript)
5
Xbox Hardware Hacking
// key initialization routine unsigned char
K256 // 0xFFFFC80 in flash unsigned char
S256 // 0x10000 in SDRAM for( i 0 i lt 256
i ) Si i j 0 for( i 0 i lt 256
i ) // RC-4 would do j (j Ki Si)
256 j (j Ki Sj) 256 // swap
Si, Sj temp Si Si Sj Sj
temp // decryption routine unsigned char
cipherText16384 // 0xFFFFA000 in
FLASH unsigned char plainText16384 //
0x400000 in SDRAM for( index 0x400, i 0, k
0 index gt 0 index-- ) // xbox version t
(Xi cipherTextk) 256 plainTextk
t // swap( Si, St ) temp Si
Si St St temp i (i 1)
256 k

• Boot ROM
• Cipher
• Garbage

6
Xbox Hardware Hacking
Whats with this boot ROM ???

• Address and or data line scrambling
• Secondary crypto processor
• Boot code contained in the processor
• Expensive
• Changed from AMD to Intel at last moment
• Boot code contained in the chipset

7
Xbox Hardware Hacking
Whats with this boot ROM ???

• Extracting the ROM image
• Decrypting it ( RC-4 / 128 )
• Sliding window
• Histogram
• Symmetric Cipher
• Generate your own code

8
Xbox Hardware Hacking
Running your own code

• LPC Bus
• Manufacturing costs
• Development
• Modchips

9
Legal Issues

• Illegal
• Modified Microsoft BIOSs
• Binaries (built with illegal copies of XDK)
• Emulators
• Media Players
• Homemade games
• Legal
• Microsoft-free BIOSs
• Cromwell Linux
• XDK-free Binaries
• Gentoox Linux

10
(No Transcript)
11
(No Transcript)
12
Xbox Software Hacks

• Game save overflows
• Permanent overflows

http//www.xbox-linux.org/docs/007analysis.html
13
Xbox Links / References

• http//www.xbox-scene.com
• http//www.xbox-linux.org/
• http//www.xboxhacker.net
• http//www.modchipman.com
• Hacking the Xbox an introduction to reverse
  engineering
• Andrew bunnie Huang
• No Starch Press, Inc. San Francisco 2003