| Page 5 of 111 |
|
|
 Posted: Tue, 8th Dec 2009 04:16 Post subject: |
|
 |
| azzman wrote: | | Clcancellation why dont you take your theories and opinions on console security to xboxhacker.net. Im sure they would welcome all your ideas |
Those 40year old virgins would surly do llol |
|
| Back to top |
|
|
JackQ
Non-expret in Derps lagunge
Posts: 14178
Location: Kibbutznik, Israel
|
| Posted: Tue, 8th Dec 2009 05:20 Post subject: |
|
|
| dvsone wrote: | | Clcancellation wrote: | btw,the article only mention Bruteforce,
there are already more known methods to get the keys,so there might be a way some time... |
ok read the article carefully, i'm replying here because i find crypto interesting in my hobby time so i don't mind discussing it. xorloser goes into quite a great amount of detail with the crypto of the 360, and in his math he accounts from the progression of technology. It's a pretty solid article. And this guy knows his stuff.
Read his crypto for dummies article particlaulrly Asymmetric crypto to get a better understanding of how the 360 works. Flaws are found in AES CTR mode...the 360 does not use this. Trust me, i'm not an expert, but the crypto of the 360 is solid, every expert would agree. The signing keys are NOT present on the 360 only the key to decrypt the xex. Without being able to sign an xex with microsofts "private" key...that only they know, that's locked away in a clean room somewhere in redmond.
Game devs cant even sign their stuff, its all handled through microsoft thats why dev kits play unsigned xex and CANNOT play signed ones.
The only reason a hack was able to work in the first place was a small miniscule bug. Any one in the scene will tell you it was a stroke of luck more a software bug...not a flawed hardware design |
as I said before only Bruteforce method is mention in this article
in PS3 hacks people that are knows about hacking talked some theory's how to get the keys
and talked about method that will take far less then "milion years"
but still needs some very expensive stuff to do.
"Fuck Denuvo"
Your personal opinions != the rest of the forum
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 07:05 Post subject: |
|
|
| Clcancellation wrote: | | dvsone wrote: | | Clcancellation wrote: | btw,the article only mention Bruteforce,
there are already more known methods to get the keys,so there might be a way some time... |
ok read the article carefully, i'm replying here because i find crypto interesting in my hobby time so i don't mind discussing it. xorloser goes into quite a great amount of detail with the crypto of the 360, and in his math he accounts from the progression of technology. It's a pretty solid article. And this guy knows his stuff.
Read his crypto for dummies article particlaulrly Asymmetric crypto to get a better understanding of how the 360 works. Flaws are found in AES CTR mode...the 360 does not use this. Trust me, i'm not an expert, but the crypto of the 360 is solid, every expert would agree. The signing keys are NOT present on the 360 only the key to decrypt the xex. Without being able to sign an xex with microsofts "private" key...that only they know, that's locked away in a clean room somewhere in redmond.
Game devs cant even sign their stuff, its all handled through microsoft thats why dev kits play unsigned xex and CANNOT play signed ones.
The only reason a hack was able to work in the first place was a small miniscule bug. Any one in the scene will tell you it was a stroke of luck more a software bug...not a flawed hardware design |
as I said before only Bruteforce method is mention in this article
in PS3 hacks people that are knows about hacking talked some theory's how to get the keys
and talked about method that will take far less then "milion years"
but still needs some very expensive stuff to do. |
SOME parts of the PS3 use the CTR mode, so yes it is possible to retrieve some information but not any signing info. You will never ever get the "private" keys without brute forcing. Why? because the 360 does not carry any information that will help you sign a xex, or anything related to the private key...seriously read about asymetrical crypto.
Xorloser knows his stuff he released xextool way back when. But no one can sign an xex and unless someone gets shit canned at microsoft and risks life and limb to leak the signing key you wont see it this side of the next few billion years.
I appreciate your enthusiasm, but you should give up on the idea of the private keys. It sucks, its not fun to hear but the chances of another exploit being found on the 360 are slim. And even if one were to be found it is likley patched before it is of any widespread use, and once the retail chain is out of exploitable inventory.
The only way to 100% have control over the 360 is with the private keys, all kernel level exploits can be patched very simply by microsoft, seriously the design of the 360...and maybe more so the ps3 is quite simply a solid marvel of engineering. Simple but at the same time a work of art. I admire both companies in that respect
|
|
| Back to top |
|
|
dizturbd
Posts: 335
Location: Right Here!
|
| Posted: Tue, 8th Dec 2009 07:24 Post subject: |
|
|
Well hello, speculation and bullshit. Glad to have you back. It's been a few threads since I saw you last.
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 08:22 Post subject: |
|
|
| Clcancellation wrote: | btw,the article only mention Bruteforce,
there are already more known methods to get the keys,so there might be a way some time... |
Dude, shut up, you are incorrect and you've always have been.
GTFO.
|
|
| Back to top |
|
|
JackQ
Non-expret in Derps lagunge
Posts: 14178
Location: Kibbutznik, Israel
|
| Posted: Tue, 8th Dec 2009 08:32 Post subject: |
|
|
you can't say never on something you can't fully predict!,don't BS
"Fuck Denuvo"
Your personal opinions != the rest of the forum
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 08:57 Post subject: |
|
|
Nobody here is gonna crack that himself, or will help crack this. Take this to the right place please, you can post info when something new comes up. But speculating about cracking some stupid keys won't help anybody.
Do you really think this is new to the people who really try to hack this?
Do you really think they would have chosen a leak that has been long fixed if there was another way ATM?
PLEASE just shut up with wanting to crack this. You might feel haxx0r because you think you found something new, but in the end you just make yourself look pathetic.
โThe only way to deal with an unfree world is to become so absolutely free that your very existence is an act of rebellion.โ
- Albert Camus
|
|
| Back to top |
|
|
JackQ
Non-expret in Derps lagunge
Posts: 14178
Location: Kibbutznik, Israel
|
| Posted: Tue, 8th Dec 2009 09:46 Post subject: you have a point |
|
|
you have a point. so lets just keep follwing what will\allready happning.
BTW:dvsone,just because you read some article it doesn't mean you "know everything" about that,I have feeling some of your "speculation" is somewhat incorrectly
I don't know that mach about hacking,but you quite exaggerate,
I see in 360 scene still attempt to do things,like dumping CPU key and more,
so they are still trying,mean,they don't think it's "impossible"
and investigators already manage to decipher M$ encrypter protection on there new PC
drives.-BitLocker
"Fuck Denuvo"
Your personal opinions != the rest of the forum
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 17:26 Post subject: Re: you have a point |
|
|
| Clcancellation wrote: | you have a point. so lets just keep follwing what will\allready happning.
BTW:dvsone,just because you read some article it doesn't mean you "know everything" about that,I have feeling some of your "speculation" is somewhat incorrectly
I don't know that mach about hacking,but you quite exaggerate,
I see in 360 scene still attempt to do things,like dumping CPU key and more,
so they are still trying,mean,they don't think it's "impossible"
and investigators already manage to decipher M$ encrypter protection on there new PC
drives.-BitLocker |
lol bitlocker is a SOFTWARE based encryption, and CBC mode of bitlocker should not be compared to asymetrical keys.
And the CPU key has been dumpable for quite some time. The signing key IS NOT stored anywhere on a 360 be it retail or dev or test. All developers must submit their final game builds to microsoft for signing.
|
|
| Back to top |
|
|
JackQ
Non-expret in Derps lagunge
Posts: 14178
Location: Kibbutznik, Israel
|
| Posted: Tue, 8th Dec 2009 17:43 Post subject: |
|
|
it is known if it using the One-time pad method,or not?
if not,it's not unbreackle,and you basically can hack even that method with Exploits
"Fuck Denuvo"
Your personal opinions != the rest of the forum
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 17:55 Post subject: |
|
|
tell you what Clcancellation - you love this "One-time pad method" dont you!!
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 17:59 Post subject: |
|
|
what a load of bollocks!!
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 18:21 Post subject: Re: you have a point |
|
|
| dvsone wrote: | | Clcancellation wrote: | you have a point. so lets just keep follwing what will\allready happning.
BTW:dvsone,just because you read some article it doesn't mean you "know everything" about that,I have feeling some of your "speculation" is somewhat incorrectly
I don't know that mach about hacking,but you quite exaggerate,
I see in 360 scene still attempt to do things,like dumping CPU key and more,
so they are still trying,mean,they don't think it's "impossible"
and investigators already manage to decipher M$ encrypter protection on there new PC
drives.-BitLocker |
lol bitlocker is a SOFTWARE based encryption, and CBC mode of bitlocker should not be compared to asymetrical keys.
And the CPU key has been dumpable for quite some time. The signing key IS NOT stored anywhere on a 360 be it retail or dev or test. All developers must submit their final game builds to microsoft for signing. |
yeah agree the key to sign will never be found unless someone from MS leaks it..
they can however find another exploit even if MS can fix it again by another fuse blow and new bootloader.. it would still be awesome cause their will be even more vurnerable boxes in the wild.
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
dizturbd
Posts: 335
Location: Right Here!
|
| Posted: Tue, 8th Dec 2009 20:37 Post subject: |
|
|
| dvsone wrote: | | dizturbd wrote: | | Well hello, speculation and bullshit. Glad to have you back. It's been a few threads since I saw you last. |
i'm guessing the speculation is what we're talking about...and you're helping out providing the bullshit  |
Yeah, as if you guys needed help. |
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
JackQ
Non-expret in Derps lagunge
Posts: 14178
Location: Kibbutznik, Israel
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 23:30 Post subject: |
|
|
I see all the XBLA games coming out lately but, can anyone play them?? I mean the requirements you need to play them is crazy. your xbox360 should be maid before june 2009, you need some tool kit, your xbox shouldnt have ever been updated via live and on top of it your dashboard should not be higher then 7371. I am pretty sure that just about every one had their dashboard updated to the latest one otherwise you cant play the latest games.
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 23:41 Post subject: |
|
|
| nukeitup wrote: | | I see all the XBLA games coming out lately but, can anyone play them?? I mean the requirements you need to play them is crazy. your xbox360 should be maid before june 2009, you need some tool kit, your xbox shouldnt have ever been updated via live and on top of it your dashboard should not be higher then 7371. |
You forgot to mention, that in order to play these you must wear a red cap and green socks.
11th "Thou shalt not flash"
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 8th Dec 2009 23:41 Post subject: |
|
|
They're coming out now that the Xboot tools are out and can run unsigned code. The reason the requirements are nuts is because MS fixed the loophole that allowed the hack to happen - hence it only works on machines not updated on, or since, June 2009.
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 9th Dec 2009 00:02 Post subject: |
|
|
you pretty much have 2 choices, play the shitty XBLA and forget about the new games or, play new games but forget about shitty Arcade games. I'd stick with new games that coming out each week thank you very much.
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
LeoNatan
☢ NFOHump Despot ☢
Posts: 73196
Location: Ramat Gan, Israel ๐ฎ๐ฑ
|
| Posted: Wed, 9th Dec 2009 01:16 Post subject: |
|
|
| DeMoN064 wrote: | | http://www.youtube.com/watch?v=uxjpmc8ZIxM |
That was an interesting watch, thanks.  |
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
azzman
Posts: 4058
Location: Australiiiaaa , maate
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 9th Dec 2009 13:52 Post subject: |
|
|
Are you using the newer version that flashes to the 360's own internal NAND? Or the one that requires the Cygnos addon?
|
|
| Back to top |
|
|
| Page 5 of 111 |
All times are GMT + 1 Hour |
