The XBOX hacked without using hardware tricks

I known it’s on the newspage as well, but some forum users might not read the newspage.

Source :

Overview:

The XBOX Dashboard is what appears when you turn the XBOX on without a disc in the DVD drive. It will let you adjust system settings, manage your save games, play and rip audio CDs and configure your XBOX Live account. It is the heart of the XBOX and its most vulnerable point, because it lacks several security restrictions which are enforced on games. This includes the lack of the reboot-on-eject-button “feature”, which is obligatory for all games.

The existance of an exploitable vulnerability within the dashboard could totally compromises the XBOX security system. It will make the box independent from Microsoft signed code and therefore this information is released to the public now on the 4th of July 2003, the day of the XBOX Independence.

Microsoft knows that a vulnerability within the XBOX dashboard could have serious impact. This is underlined by the fact that the dashboard checks most of its files against an internal stored SHA1 hash value before it uses them.

For an unknown reason this check is not performed on the audio (.wav) and font (.xtf) files. Unfourtunately for Microsoft there exists an exploitable integer underflow vulnerabilitiy within the font file loader which can be exploited with a malformed font file.


Find the .tgz file in the source mentioned above.

Poor MS :stuck_out_tongue:

yes, what appears to look like the innocent save game of James bond, 007 nightfire, is actually a key to installing linux.

www.xbox-scene.com is following this, they also have a list of savegames that this buffer trick works on, and for the lazy…save game downloads.

best of all…its all legal,

Originally posted by Huzzy
[B]yes, what appears to look like the innocent save game of James bond, 007 nightfire, is actually a key to installing linux.

www.xbox-scene.com is following this, they also have a list of savegames that this buffer trick works on, and for the lazy…save game downloads.

best of all…its all legal, [/B]

There’s MechAssault as well that allows this check it out Here :wink:
and here is where I originally found it

hmmm…wouldn’t call MS poor at all.
if you look at Sony and there PS2 theres more pirating and hacking being done on there system right now.
probably biggest reason Sony is number 1 right now is because of all the pirating and hacking.
this is probably a good thing for MS, probably make them alot more cash in the long run.
maybe MS steal number 1 spot from Sony.

Originally posted by Accel7
hmmm…wouldn’t call MS poor at all.
if you look at Sony and there PS2 theres more pirating and hacking being done on there system right now.
probably biggest reason Sony is number 1 right now is because of all the pirating and hacking.
this is probably a good thing for MS, probably make them alot more cash in the long run.
maybe MS steal number 1 spot from Sony.

A few corrections:

MS sell the xbox at a loss…EG: every xbox they sell they loose 200 - 400$ (depending on country, currency etc etc)

Sony at one point made money on there consoles, and nintendo do this also, im not sure of exact figures but gamecube sells in australia for about 400$, apprently they cost nitendo about 150$.

next point is the xbox mod scene is a lot larger, people are turning xbox’s into linux servers / proxys, home theatre systems etc etc. All you can do with a PS2 is mod chip it and play games. Hence the people who are modding xbox are doing a lot more with it, and depriving MS of a lot more revinue. (but you are correct in saying there are a lot more ps2 mods than xbox, though this is due to there being 50x the amount of ps2 in homes than xbox).