
[XBOX360] Slim 360 hacking progress: the KEY can be read and the firmware flashed

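Posted on 2010-10-19 18:29:59
Although it has been on the market for more than half a year, progress on hacking the Slim XBOX360 has been stalled. Compared with the PS3's dongle hack and the Wii's sad fate of being perfectly emulated on PC, the Slim is probably the only untouched ground left among home consoles. The experts were never going to pass up such a chance to show their skills, and just after the start of October the Slim hack has taken a turn. First, XBOX360 hacking expert Geremia released the results of the research on the Slim drive firmware that he carried out in his spare night-time, saying he had made some progress. Reportedly it is now possible to read the DVD KEY, read the firmware and flash it. Although this firmware is not complete, it is already a big step forward on the road to hacking the XBOX360.
The original text follows: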
Thanks for running the test app, I figured out nothing interesting from it but thanks for doing it anyway, ehehheeh
http://www.megaupload.com/?d=40NWA8ZZ
I had no time, no will and no more than 2 drives to test, and I'm not willing to support it too much, it's just a proof of concept.
It can contain bugs and it's not an idiot proof app.
I spent 2 months of spare night-time on this, from decapping to fullrawdump, passing by descrambling fw, reversing fw, bruteforcing, finding useful cdb commands, bugs and tricks. This is the result, not the beginning of something else.
Since it's my hobby, I'm free to do what I like, just enjoy it or hate it, I don't care.
Slim liteon is well detectable and also lockable to a permanent read-only SPI flash, it's just a matter of MS to push the red button.
Tarablinda  v0.4b
Usage  : Tarablinda [SATA PORT] [dump|erase|rewrite] [file to flash]
Example: Tarablinda E480 dump
Example: Tarablinda E480 rewrite newfw.bin
Special: Tarablinda E480 dump full
         Experimental risky fulldump
Tarablinda is a collection of hacks and tricks which I discovered during hw and fw exploration.
It's only a proof of concept, I take no responsibility for any damage it may cause.
I've checked on Via controller (with drivers removed) and Intel ICH7 several times, against 2 different drives with same FW revision.
There could be different FW revision out here, it could not work for several reasons.
dump:
   it dumps the dvdkey and checks it with MS drive auth protocol,
   like the console does every time you power on, so it's good for sure.
   It's not a destructive/invasive dump.
   It dumps also serials (1FFE0 area)
   It also dumps the whole dvdkeyarea, included the latest 0x10 bytes of such area, which are unique per drive too.
   It also dumps sectors 3Dxxx 3Exxx
   Dummy.bin is nothing else than a blank file with dvdkeyarea, 3D000-3EFFF and serials in place, not jf compatible.
//////////experimental-risky//////////////////
dump full:
   Like above, then checks if 3D-3E sectors are the known ones, rewrites 3E with patched code to make the fw
   send us the full dump.
   It's a little risky cause we can't know for sure if the dumped 3D-3E sectors are really that sector numbers.
   Since scrambling the same data at different addresses results in different scrambled data, we can be quite sure.
   But again, this is beta software and consider you are risking on your own, it's your choice.
Erase and Rewrite (which is an erase+write) are mainly for studying purpose
   Unless you have a full dump of your drive,
   erase and rewrite are not recommended for the most
Special thanks to Kai Schtrom - Maximus - TeamModFreaks
As usual, use at your own risk
Geremia
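  Coincidentally, TeamJungle, which has likewise made outstanding contributions to XBOX360 hacking, subsequently announced on its official microblog that the LT drive firmware for the XBOX360 Slim is about to be released. They are currently modifying the Slim 360's drive firmware, and more news will follow next week.
    It looks as if the day the XBOX360 Slim is hacked is not far off. If these two efforts go smoothly, the 4G Slim will without doubt be the best-value XBOX360 console currently on the market.
    Source: 17173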