Hello World Xbox 360!

[BrooksyX]

Following Xbox360 Hypervisor Vulnerability released on Tuesday, Crawler360 just released the first Xbox 360 homebrew app (non XNA). It uses the shader hack found in King Kong and requires kernel 4532 or 4548. This will not work on newer kernel versions and downgrading is no longer possible due to the effuse being blown in the latest kernel update. The source file must be compiled before use, read the readme file for directions.

The readme file

Xbox 360 Hypervisor/King Kong Exploit
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks to Anonymous Hacker's great work, I' m now able to publish my own
little implementation of the exploit.

I've used the full version of the King Kong game, as it has been shown to
work by these anonymous people at 22C3, and it was the first one I found
with editable shaders. Most games have these - KK was just the first one
I've checked.

So you need a KK full (USA or PAL doesn't matter, they are the same) DVD
image (including video partition), and obviously a hacked drive firmware.
You could also try hotswapping from your (hopefully existing!) KK original
to the modified copy. Then you could go with a stock firmware.

Why not using the KK demo? It would work the same (though the shader file
format is different), but requires a firmware hack too, as the possibility
to run it from DVD-R was blacklisted in a very early kernel already, which
doesn't have the vulnerability.

So, how does the hack work? Basically, the bugtraq post
(http://www.securityfocus.com/archive/1/461489 in case you haven't read it
yet) explains it all. All I did was to convert the series of memory writes
into a shader, and writing a small serial loader stub.

You need to connect the serial port to use this hack. Ready Speedy22's
fine "Xbox 360 Motherboards and Headers" documentation, it's on J2B1.

NOTE: It's LVTTL. Do not even think about connecting to an RS232 port
directly.
RS232 is +-12V, LVTTL is 3V. Think about what's happening when you connect
your 110V equipment to 220V. You don't want to happen that on your
southbridge.

For example, use a MAX3232, or just use any of these USB serial port
adapters which already output 3.3V.

Speed is hardcoded to 115200/8N1.

To modify your existing game image, start the "patcher" tool. It will patch
your game image to include the loader. It is a bit lame, but works. The
tool will also remove the three startup videos for a faster boot.

When you launch the modified game, it will directly go to the main screen.
Press start on a controller. It should display "LOADING", and then freeze
while displaying "Acessing Content". If it doesn't freeze, you don't have
the correct kernel version (4532 or 4548, but only 4532 was tested). See
below on how to update.

Now, the serial loader gets active. You should see a "Xe>" on the serial
port. Now, upload your binary code (just as a binary blob). To terminate
your upload, send 16x 'x'. It will be loaded to 0x01300000, and executed.

Be warned, only CPU #0 is trapped. The other threads/cores are still
happily executing, so you need to catch them.

"Hello, world!"
===============

Use the source, luke!

compile with
powerpc64-linux-gcc hello.S -o hello.o -Ttext=0x1300000 -nostdlib
objcopy -O binary hello.o hello.bin

HOWTO UPDATE (to the correct kernel)
============

To clarify things again:

If you have 4552, you are screwed. Sorry.
If you have 4532 or 4548, it has to work. If it doesn' t work, something
else is wrong, but please don't try to update.
If you have pre-4532:

Grab http://assets.xbox.com/en-us/hardwar...VD_10-2006.zip
(check MD5SUM first: microsoft could have changed this file!
the correct md5 is cd4db8e2c94266ab73513c361dd5b8f6)

Burn it to a CD, and start it. It will update your console to 4532.

- crawler360

Source

Download via comments

[Darksaviour69]

sweet!

[mnuhaily22]

Awesome!!!

[Zion]

this is sweet but i really dont want to open my 360 and hack the firmware for it

[gdf]

what exactly will this allow you to do?

[BrooksyX]

This isn't really usefull to the common Xbox 360 like most of us here. But it is really great news, its the first step to great xbox 360 homebrew and emulators (dreamcast, ps2, and gamecube please!). So i think to use homebrew it will be required to have some kind of modchip. Hopefully in the next few weeks there will be a big breakthrough allowing all xbox 360 versions.

[Zion]

This isn't really usefull to the common Xbox 360 like most of us here. But it is really great news, its the first step to great xbox 360 homebrew and emulators (dreamcast, ps2, and gamecube please!). So i think to use homebrew it will be required to have some kind of modchip. Hopefully in the next few weeks there will be a big breakthrough allowing all xbox 360 versions.

i would prefer if they did that but you needed no game to use homebrew and NOT need to have a hacked dvd drive

[BrooksyX]

You don't have to have a hacked dvd drive. It is possible to do some kind of swap trick where you switch a retail king kong with a burnt king kong that has the hacked files. But you also have to understand that this is proof of concept and a more polished version will come out pretty soon, probably like a dashboard replacement or something.

[Lebow]

if i downgrade can i still use xbox live?

[BrooksyX]

You can't downgrade M$ made it impossible in the latest kenrel update. They physicaly damaged part of the cpu that the new kernel no longer uses.