


Messages - J3rk My Turk3y

1
C - C++ / Re: Nand.Bin File
« on: April 01, 2011, 07:48:10 AM »
Thank you debug for the information, I think you are probably right. I'm in over my head here; I just keep seeing people online with their JTAGs. I thought this would give me something new to learn and make a lot of money when I did get my JTAG online. Simple fact is it's too darn complicated. ;)

2
C - C++ / Re: Nand.Bin File
« on: March 31, 2011, 11:16:03 AM »
Yeah, I agree this is going to be a lot to learn. With little to no understanding I have figured out how to edit the xam.xex and change the kernel version to the latest. This will allow me to connect on an older dashboard and spoof as the 12625 while having the 12611 kernel.

I have been scrolling through the data looking for anything that pops out, a shot in the dark to be honest. I have found these challenges and think they are the correct ones.

I'm rather excited and started to learn PPC but it's mega hard. If anyone wants to take a look and maybe give some advice on whether I'm right or wrong, I have attached my xam.xex below to look at.
http://www.megaupload.com/?d=DXRCQAD1
The information I have been using is his quote:

"More for you guys to look at,

The challenges are sent back to M$ and carry them info to do checks on your console.

There are values in place. Look into the challenges; one challenge should be getting edited with a lot of subroutines that lead up to that one challenge. There are challenges in more areas than the hypervisor.

Console return values: it may be the value being a mismatch which then leads to your JTAG not connecting at all.

They can detect everything on your console unless removed/spoofed, so the values get detected. If it is a match to the set default value then connecting will occur; if say there was a modified console and it tries to connect, it is modified and the server checks would be able to detect it, considering it's modded and is sending back a different value.

That is just another thing for you guys to look into: look into what info is being sent back from the challenges, where they are being executed, and where the return and response take place also.

There are many, many things that need to be looked at; the only way you will find the exploit is through testing and searching.

+All the hypervisor talk does not mean the actual function getting modded is pulled directly from the hypervisor; the hypervisor contains no actual whole online functions. Other functions from places outside the hypervisor use its imports. Some functions grab info out of the hypervisor but the whole function is not directly located in the hypervisor, it is just redirecting info from it."

Thanks, Ketchup

3
Found it on the Webs / Re: Starcraft II commentator must watch!
« on: March 29, 2011, 10:36:28 AM »
I've been watching his videos for an hour or so now. I'm impressed with StarCraft 2. Thank you for this channel.

4
Hacking and Security / Re: Evilzone Xp Lobbies
« on: March 27, 2011, 08:25:04 PM »
Huh? Maybe explain a little NOT in gamer-speak? Not all people might understand :P

XP lobbies are 1 suicide = 1 prestige on MW2
XP lobbies are 1 suicide = 5000 XP on CoD 4 (rank up 1 level per suicide)
XP lobbies are 1 suicide += 5000 XP on CoD (rank up 1 level per suicide)
Or everything unlocked for online gaming on MW2; I have to recover your Xbox Live account.

5
Hardware / Re: Flashing The Xbox 360 BenQ Drive
« on: March 27, 2011, 07:53:14 PM »
Very well written! If only I had the will to try..

+1

Like I said, all you need is a SATA cable and your 360 to power the drive. I'll help you with whatever drive you have. You may need a probe for the Lite-On drives but I have one and know how to build one. Could post a tut on that next :P

6
Hacking and Security / Evilzone Xp Lobbies
« on: March 27, 2011, 07:43:37 PM »
I can host XP lobbies on CoD 4/CoD 5/CoD 6; I have a JTAG Xbox. I have to infect myself then go online and the infection carries over. I can infect people through XLink Kai also. I will host for free for here if anyone is interested. Or 10th plus all camos, weapons, etc., but I'll have to recover the account.
Proof:

http://www.youtube.com/user/360sully360?feature=mhum#p/a/u/0/RBLF3dIhEpA
http://www.youtube.com/user/360sully360?feature=mhum#p/a/u/2/qkHuPYfrCsI
http://www.youtube.com/user/360sully360?feature=mhum#p/a/u/1/AWUWay07Ql8

7
Hardware / Re: My new toy I just ordered
« on: March 27, 2011, 07:29:44 PM »
They do, worldwide, and no shipping charge :D

Thank you sir, I'm ordering one now :P

8
Hardware / Re: My new toy I just ordered
« on: March 27, 2011, 07:23:06 PM »
Well I love wireless security, but I always hated the limited range. So I decided to get one of these puppies:

http://www.dealextreme.com/p/2000mw-high-power-802-11b-g-54mbps-usb-2-0-wireless-network-dongle-with-dual-high-gain-antenna-44929

I'm sure it's not a true 2000 mW, but it's a hell of a lot more powerful than what I have now. The chipset supports injection and monitor mode. I can't wait to try it out and see what kind of networks I can pick up. Possibly start my venture into WPA/WPA2 cracking without bruteforcing (turn it into an AP and have the users connect to me), maybe also try out some MitM attacks. I'll keep you updated and let you know how pleased/displeased I am with this item ;)

I'm extremely impressed with what you got for the price; I'm gonna find out if they ship to the UK.

9
Hardware / Re: Flashing The Xbox 360 BenQ Drive
« on: March 27, 2011, 07:11:44 PM »
Thank you. If anyone gets stuck flashing any Xbox drive I can help through TeamViewer. I would prefer to talk people through it so they understand the method more, as nearly every drive is different and some are more temperamental than others. Plus you never learn anything if someone does it for you :P

10
Hardware / Flashing The Xbox 360 BenQ Drive
« on: March 27, 2011, 07:06:14 PM »
BenQ VAD6038 (62430c and 64930c)

To start off with you will need to download JungleFlasher. This utility will allow you to flash all drives prior to the Slim. The Slim firmware has not been released as of yet.
Next you will need the firmware pack.
http://hotfile.com/dl/106393480/2a33650/JungleFlasher.0.1.79.Beta%28208%29.rar.html
http://www.megaupload.com/?d=ORKGK4HH

What is AP 2.5?

Anti-Piracy version 2.5 is the newest addition by Microsoft to detect custom DVD drive firmware and is included in the new Kinect dashboard. This check has been included for some time but hadn't been activated until Kinect. This authentication blocks backups from being loaded and displays a message that states "This disc is unreadable."
If you get this message you will be flagged to be banned.

Your drive needs to be connected to your PC via a SATA port, in the main port. The drive also needs to have power. You can use a connectivity kit or power it via the Xbox 360 itself.

Now we have JungleFlasher and the firmware pack, let's get started.
First we need to put our firmware pack into the JungleFlasher app. We do this by unraring the firmware to the desktop, renaming it from "iXtreme-LT_Plus_Firmware_Pack" to "Firmware" and placing it in the JungleFlasher folder like below. Just makes things simpler.


Now we need to run JungleFlasher. We must run JungleFlasher as admin or it will not install the port I/O drivers. You should get this message.

Then click OK and you will see the application open.


The next steps are:

- Unlocking the drive
- Reading the original firmware
- Patching the key into the hacked firmware
- Erasing the drive
- Writing the drive

Now we need to set the drive to vendor mode. This allows us to read, write, erase, etc.
Eject the drive and then power off the Xbox 360 via the power cord. Push the DVD tray halfway in and power back on. In most cases you will have to hold the tray so it does not return into the Xbox. It's kinda tricky the first time round but accomplishable on your own. This may take a try or two but it's not hard.

Now click on the MTKFlash32 tab, select your port I/O port, and your drive will be shown and displayed in the drive properties as "Drive in vendor mode" and in the flash properties as "Type serial flash with status 0x73".


Next we need to read the drive's firmware. To do this we click "Read". Make sure you save this, as if any of the next steps go wrong you will need this to flash back to the drive. If you do not save this you will brick your drive and render your Xbox 360 a DVD player.
Once clicked, save it; it should then ask to auto-load iXtreme. Click Yes. This will load it into the source buffer.
Now click the "Firmware32" tab and check that the DVD keys match in the source firmware and the target firmware. If they do not match, click the "Spoof Source to Target" button in the middle of the screen. When they match, proceed to the next step of writing the drive.

Make sure you still have good flash chip properties by clicking back on the "MTKFlash32" tab and looking in the flash chip properties. We need 0x73 flash status.
If you have this, click "Write". Once the write has finished we should see "Write Verified OK".
Now send an Outro to the drive by clicking "Outro/ATA Reset"; this will release the drive from vendor mode.
Power off, connect back to the console and test with a backup game you have.

Compatible chipsets for flashing Xbox 360 drives. If you do not have one of the following you will need to purchase one, or get a VIA 624 chipset; they are the cheapest.

- NVIDIA nForce 2 IDE Controller
- NVIDIA nForce 4 IDE Controller
- Intel P45 (ICH10R) ASUS P5QC
- Intel ICH9
- Intel ICH (i810,i815,i840)
- Intel ICH0
- Intel ICH2M
- Intel ICH2 (i810E2,i845,850,860)
- Intel C-ICH (i810E2)
- Intel ICH3M
- Intel ICH3 (E7500/1)
- Intel ICH4 (i845GV,i845E,i852,i855)
- Intel ICH5
- Intel ICH10
- Intel ICH10R (Asus P6T V2 Deluxe)
- Intel ICH10R+P45
- Intel ESB (855GME/875P + 6300ESB)
- Intel ICH6 (and 6) (i915)
- Intel ICH7/7-R (i945, i975,945P with silicon 3231 sata controller)
- Intel ICH9R
- Intel PIIX3 for the 430HX etc
- Intel PIIX4
- Intel PIIX4 for the 430TX/440BX/MX chipset
- Intel PIIX
- Intel 82801EB (ICH5)
- Intel 6300ESB (ICH5)
- Intel 82801FB/FW (ICH6/ICH6W)
- Intel 82801FR/FRW (ICH6R/ICH6RW)
- Intel 82801FBM ICH6M
- Intel Enterprise Southbridge 2 (631xESB/632xESB)
- Intel 82801GB/GR/GH (ICH7, identical to ICH6)
- Intel 2801GBM/GHM (ICH7M, identical to ICH6M)
- Intel SATA Controller IDE (ICH8)
- Intel Mobile SATA Controller IDE (ICH8M)
- Intel SATA Controller IDE (ICH9)
- Intel SATA Controller IDE (ICH9M)
- NVIDIA nForce 4 SATA Controller
- NVIDIA nForce 2 SATA Controller
- NVIDIA nForce 3 SATA Controller
- NVIDIA nForce MCP04 SATA Controller
- NVIDIA nForce MCP51 SATA Controller
- NVIDIA nForce MCP55 SATA Controller
- NVIDIA nForce MCP61 SATA Controller
- NVIDIA 750i
- NVIDIA Nforce630i (flashed a benq and lite-on)
- NVIDIA Nforce570 (Samsung M28)
- Silicon Image SIL-3512
- ATI SB600 (configured to legacy IDE)

Credits to JungleFlasher for some of the images.
Credits to C4Eva for the public release of the firmware.
I made this tutorial through my own knowledge of flashing the BenQ drive. If you need more documentation, look in the "Documentation" folder inside the JungleFlasher folder; there is a PDF there. This tutorial was meant to be a small understanding of what you need to do and how I do it.

*Important Notice* If you ever get a black screen when attempting to play a backup game, this is the AP 2.5 challenge; you have 3 mins to power off the console. You need to disconnect the power lead. You have 3 mins to do this or you will be flagged.



11
C - C++ / Re: Nand.Bin File
« on: March 27, 2011, 03:10:37 PM »
Thank you for the information 8) I wanna learn and try to figure out the correct method. Just something I'm interested in.

12
C - C++ / Nand.Bin File
« on: March 27, 2011, 08:51:48 AM »
I'm trying to edit my NAND dump from my JTAG but it's encrypted. I can't seem to decrypt it; I'm using IDA Pro.
I need to null the server-side check when my JTAG tries to connect to Live.
This code I found will enable me to connect with an older kernel version. It's a start on the road to Live.


I posted here as the NAND is coded in C++.


