An opened XBOX 360 plays a 1:1 copy of PGR3

Boot screen from the copied game
For those that are still skeptical

Well, now it is pretty much official, both for everyone who didn't want to believe it and for those who needed to see it to believe it.  A video of the Xbox 360 firmware hack announced a few days ago surfaced earlier today with the following message (emphasis ours):

(Months of hard work have come to an end. The 360 FW security details were posted a few days ago already, so why not make it Official. It's been done.

Respect to all the people on this board who made it possible with their brilliant contributions:
Just for fun, here's a little video: And no, the team decided not to release a hacked FW. The security details are proof itself. The team advocates hacking, not piracy.)

TheSpecialist and his team were able to modify the DVD player firmware. Once the firmware was modified, the hackers removed or modified the software that detects the type of media used in the player from the disc's XEX file.  Normally, if the drive reads the type of media as "dvd+r" or "dvd-r," the media will not boot -- only media identified as "dvdxbox" or "dvdxbox360" are supposed to boot.  A user on the Maxconsole forums (Arakon) close to the source has stated that this hack does not circumvent region protection and that only 1:1 copies of games of the same region will work.

The team insists they will not release the hacked firmware, so as not to advocate piracy.  TheSpecialist has a bit of a professional reputation in the Xbox scene, which also lends some credibility to the legitimacy of this hack.

More Evidence
By TomZ on 3/19/2006 10:26:50 AM , Rating: 2
Wow, more evidence for the FBI to prosecute these guys under the DMCA. Wonder if they live in the US?

RE: More Evidence
By saratoga on 3/19/2006 5:40:57 PM , Rating: 3
AFAIK the DMCA only applies if they distribute the hack. As long as he's just sitting in his living room LOLing at MS and tossing DVD-Rs in his Xbox, I think he's OK.

RE: More Evidence
By Xenoterranos on 3/19/2006 7:28:33 PM , Rating: 2
LOL ~~~~~> MS

RE: More Evidence
By johnsonx on 3/20/2006 2:03:56 PM , Rating: 2
Actually I think the act of circumventing the protection is itself a violation according to the DMCA, never mind what is done after that.
I could be wrong of course!

RE: More Evidence
By Yames on 3/23/2006 3:22:24 PM , Rating: 2
Yep, just attempting to hack it is a crime. Hell, just trying to see what encryption is in place could land your tail in jail.

That video is NOT proof
By mb on 3/19/2006 11:35:49 AM , Rating: 2
I don't know who TheSpecialist is or care how much credibility he has among his peers, but as I said in the AT forums, that video is not valid proof.
There easily could have been an xbox360 hooked up to the back of the TV. Hell, you could hook a PSone to the front of the TV and an xbox360 to the back of the TV. Place a DVD labeled "xxxxx360 game" in the PSone and turn it on. Show it spinning. Now show it on the TV. Hide the fact that the video is really coming from the back of the TV from a real xbox360 with a retail copy of the game.
Much like the WinXP on a IntelMac situation, I refuse to believe this video is concrete proof until it can be duplicated. It looks valid, but with how easy it would be to fake it, I am skeptical.

RE: That video is NOT proof
By mb on 3/19/2006 12:00:20 PM , Rating: 2
I just watched his 100mb original video. If in fact the 360 will not spin a copied game like that without being hacked, then it certainly appears more credible. It also sounds like the machine is properly reading the copied disc.
So, either TheSpecialist is excellent at making spoof videos, or he did indeed hack the 360. Kudos either way, because the original video would have to be one hell of a fake!

RE: That video is NOT proof
By obeseotron on 3/19/2006 2:13:36 PM , Rating: 2
Any disc should spin, unless the 360 has telekinesis DRM. How else would an uncracked 360 determine whether a disc was signed before spinning (reading) something from it? For those unsure of what this does, it allows them to modify the firmware, which is what every modchip in existence does. A modchip is nothing more than firmware that supersedes the firmware on the motherboard; with a modified BIOS, copy protection can basically be broken. This has happened on every system in the last 10 years, and it has happened for the 360 now. Nothing too hard to accept there; even Microsoft said of course the 360 will be cracked, it will just be hard and they'll keep it out of the hands of casual users.

And before you compare it to the XP on Mac thing, realize that the xp on mac thing has been published publicly and confirmed by others. That one isn't a violation of the DMCA, no copy protection was circumvented, no laws were broken (provided that is a legal copy of XP he used). The Mac thing just overcomes technical (not drm) issues.

RE: That video is NOT proof
By mb on 3/19/2006 3:07:20 PM , Rating: 2
"Any disc should spin, unless the 360 has telekinesis DRM."
It will spin to read it, but if it's a copy, will it continue to spin/read it, or will it reject it? I know if you put a copied game in an unmodded PS2, it will spin/read it, but once it identifies it as a copy, it will stop. In this video, the 360 continues to spin/read the game.
"And before you compare it to the XP on Mac thing, realize that the xp on mac thing has been published publicly and confirmed by others. That one isn't a violation of the DMCA, no copy protection was circumvented, no laws were broken (provided that is a legal copy of XP he used). The Mac thing just overcomes technical (not drm) issues."

Umm... duh. I meant while it was still on-going, not now. When the video was first released, there were no details yet published, and there were ways that the video could have been faked, even though it appeared valid.
Of course I know it's been published publicly and confirmed by others.

DVD on Heat sink.
By willow01 on 3/19/2006 6:19:09 PM , Rating: 2
Don't know about you guys but I don't think that I would leave a DVD on the heat sink.

RE: DVD on Heat sink.
By Xenoterranos on 3/19/2006 7:30:51 PM , Rating: 4
Why? even if it messes up the disk, he's got a backup ;)

RE: DVD on Heat sink.
By willow01 on 3/20/2006 9:59:00 PM , Rating: 2
So in one fell swoop he is proving and justifying the need for the hack.

By obeseotron on 3/19/2006 3:51:45 AM , Rating: 2
Even if TheSpecialist doesn't publish the hack, it's only a matter of time before someone with less honorable intentions figures it out based on the information released. Any DRM with a target this size on it (and potential financial gain for organized counterfeiters) is gonna get cracked, that's just the way it is.

RE: Inevitable
By Googer on 3/19/2006 2:19:30 PM , Rating: 2
Downloadable MPG version of this video, it is much better quality. 4/

By hans007 on 3/19/2006 8:36:18 AM , Rating: 2
The hack is that the DVD-ROM drive in the Xbox checks to see what type of media signed code is being run from.

If the media code is DVD-R/RW or DVD+R etc., it won't work.

What they did was hack the firmware on the DVD-ROM to just basically say that whatever is in the drive is always Xbox 360 DVD pressed CDs, even if it's not a pressed CD.

RE: .
By armagedon on 3/19/2006 9:14:25 AM , Rating: 2
Thanks, hans!
Solely for my knowledge: besides the sig, is a 360 DVD reproducible on any PC DVD burner with no special software besides the standard copy software (Nero ...)?

By Zelvek on 3/19/2006 1:00:06 PM , Rating: 2
I love how they are using a Sony TV; seems ironic.

By mb on 3/19/2006 1:47:56 PM , Rating: 2
Opposed to a Microsoft TV?

Did anybody notice...
By MisterBill on 3/19/2006 3:31:34 PM , Rating: 2
Did anybody notice that the DVD drive was not cycled through an eject/load cycle? Is it possible that he loaded the signed copy, suspended the drive, took out the signed copy and then started video recording? Now he loads the copy, but since no eject/load occurred and the title hasn't changed, why would the system need to verify.

RE: Did anybody notice...
By Scabies on 3/23/2006 9:26:23 AM , Rating: 2
You can turn off the system with a disc inside. This also begs the question... Is the system intelligent enough (or does it care enough) to think that if the system was turned off with a game inside, it will be turned on with the same game?
With the above assumption, you could place any disc in without using conventional loading, then the system would be like "wtf, where's the game you were playing last night?"
something to consider... that would lend an easy backdoor.

By zabor on 3/19/2006 3:42:03 PM , Rating: 2
TheSpecialist and his team was able upload unsigned code into the firmware using a modified Xbox 360 game that was not signed correctly. Once the firmware was modified the hackers removed or modified the software that detects the signed Microsoft XEX code, thus allowing them able to play unsigned games on that machine.


this is how the hack actually works:

What is this? A bit more info...
The hack is a modified firmware of the Xbox 360 Hitachi-LG GDR-3120L DVD-ROM drive (the security in the Toshiba/Samsung TS-H943 is said to be similar, so it's probably also possible with this drive ... but it does require its own hacked firmware of course).
As you (should) know, all Xbox 360 executables (XEX files) are signed by Microsoft (with a private key only MS has). This means that if you try to change anything in the XEX file, the signature will be wrong and the file will not boot.
Now ... to protect from booting an exact copy of a game from a DVD-R or other recordable media, Microsoft gave each XEX file a 'mediaflag'. This mediaflag tells the Xbox 360 from which media (cd-r, dvd-r, dvd+r, dvd-rw, hdd, dvdxbox, dvdxbox360, ...) the XEX is allowed to boot. Changing this mediaflag in the XEX header is not an option as it'll break the signature of the file (see above), so ... what's done in this firmware hack is 'break' the detection of the disc.
Retail games usually get a mediaflag where they only allow 'dvdxbox360' (Xbox 360 discs - different than a normal DVD because it has some specific bad sectors and special info in lead-in/out that can't be written with a standard dvd burner). The modified firmware will trick the DVD drive into reporting a DVD-R (or other) as a DVDXBOX360 to the Xbox 360. p?newsview=1#new...
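
The boot decision described in the comment above, as a small Python model added here (not code from the original post or from any console software). All names, flag values and the key are constructed, and HMAC stands in for the real private-key signature; the point it shows is that the signature protects the mediaflag but not the drive's own report of what media is loaded.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-in for the publisher's signing key. The real scheme is an
# asymmetric signature; HMAC is used here only to keep the model stdlib-only.
SIGNING_KEY = b"constructed-demo-key"

# Media flag bits (values are constructed for this model).
MEDIA = {"dvd-r": 0x01, "dvd+r": 0x02, "dvdxbox": 0x04, "dvdxbox360": 0x08}


@dataclass
class Xex:
    code: bytes
    mediaflag: int      # bitmask of media the executable may boot from
    signature: bytes


def sign(code: bytes, mediaflag: int) -> bytes:
    msg = mediaflag.to_bytes(4, "big") + code
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).digest()


def stock_firmware(disc_type: str) -> str:
    return disc_type            # reports what is physically in the tray


def modified_firmware(disc_type: str) -> str:
    return "dvdxbox360"         # reports the same type for every disc


def boot(xex: Xex, disc_type: str, firmware=stock_firmware) -> str:
    # Step 1: the signature covers code and mediaflag, so edits to either fail.
    if not hmac.compare_digest(xex.signature, sign(xex.code, xex.mediaflag)):
        return "rejected: bad signature"
    # Step 2: the media check trusts whatever the drive firmware reports.
    reported = firmware(disc_type)
    if not (MEDIA.get(reported, 0) & xex.mediaflag):
        return f"rejected: media {reported} not allowed"
    return f"booted from media reported as {reported}"


retail = Xex(b"game", MEDIA["dvdxbox360"], sign(b"game", MEDIA["dvdxbox360"]))
# Same bytes with the flag widened to allow DVD-R; the signature no longer matches.
patched = Xex(retail.code, retail.mediaflag | MEDIA["dvd-r"], retail.signature)
```

In this model the host never authenticates the media-type answer, so the integrity of step 2 rests entirely on the integrity of the drive firmware.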

RE: ?
By KristopherKubicki on 3/19/2006 3:53:44 PM , Rating: 2
Thanks, I cleaned that up a bit.

Ethically challenged
By DigitalFreak on 3/19/2006 4:47:50 PM , Rating: 2
Now we just need some smart folks who are not Ethically Challenged to make a mod that allows you to flash the hacked firmware into the drive without desoldering the chip.

RE: Ethically challenged
By Samus on 3/20/2006 1:52:24 AM , Rating: 2
to do that you'd need a flash program that was signed ;)

By poohbear on 3/19/06, Rating: 0
RE: cute
By tuteja1986 on 3/19/2006 5:26:12 AM , Rating: 3
Most hackers just want recognition for their skills but some pay a price of a ticket to jail for a long time. To a hacker going to jail is bad but staying away from the computer for years would be hell.

not sure what that means ?
By armagedon on 3/19/2006 7:09:34 AM , Rating: 2
Not being familiar with Xbox, I'm not sure what this hack does. If I understand correctly, it means that any 360 DVD can be copied on a PC and then played on this modified machine? (inside same region id).

"Click Image to Enlarge"....
By granulated on 3/19/2006 7:20:34 AM , Rating: 2
I HATE it when that happens !!

Great Video
By MisterBill on 3/19/2006 11:24:32 AM , Rating: 2
I have a similar one of me playing a cracked copy of Halo on a hacked PS1. (Of course my hack also involved an Xbox sitting behind the TV out of frame)

By pixelslave on 3/20/2006 11:24:46 AM , Rating: 2
The only thing I know is, with so few Xbox 360s out there, and the PS3 not being released until Nov, MS has a lot of time to fix the problem.

Get your hands on the first batch of Xbox 360s before MS fixes it!

-- Now the conspiracy starts. Does MS intentionally limit the volume of the initial release to look for mistakes like this? :-)

By willow01 on 3/20/2006 9:53:55 PM , Rating: 2
So does the firmware also allow for there being a lack of bad sectors on the copied dvd? Seeing as though you supposedly cannot recreate the bad sectors unless you have the pressing hardware.

Related Articles
Xbox 360's Firmware Hacked
March 16, 2006, 5:57 PM

Copyright 2016 DailyTech LLC.