ALERT!
Click here to register with a few steps and explore all our cool stuff we have to offer!
Home
Upgrade
Credits
Help
Search
Awards
Achievements
 5317

68 Maul Keysets

by rashadul22 - 06-07-2020 - 04:50 AM
#21
(06-08-2020 - 02:51 AM)xbOnline Wrote: I want to see Microsoft take hashes of the keys, so they are not reusable and you need the proper algo to produce the data and that you can't just slap in a clean HV to produce the right data for you. That will be a good day :)
still everyone would be able to last that would not change much at all there limited with what they can do really they need to re do the challenges but i dont see that happening to be honest but then again it would more then likely get into the wrong hands and be leaked if they was to do that
Reply
#22
(06-20-2020 - 12:15 AM)User37713 Wrote:
(06-08-2020 - 02:51 AM)xbOnline Wrote: I want to see Microsoft take hashes of the keys, so they are not reusable and you need the proper algo to produce the data and that you can't just slap in a clean HV to produce the right data for you. That will be a good day :)
still everyone would be able to last that would not change much at all there limited with what they can do really they need to re do the challenges but i dont see that happening to be honest but then again it would more then likely get into the wrong hands and be leaked if they was to do that
would be really fun if there can do that. :D but why you fuck yourself "Re do the Challenges system will not make you ever lasts lol only there that knows that there doing."
Add m on Discord :)
Ursula von der Leyen#1337
Reply
#23
(06-20-2020 - 12:22 AM)CrystalMeth Wrote:
(06-20-2020 - 12:15 AM)User37713 Wrote:
(06-08-2020 - 02:51 AM)xbOnline Wrote: I want to see Microsoft take hashes of the keys, so they are not reusable and you need the proper algo to produce the data and that you can't just slap in a clean HV to produce the right data for you. That will be a good day :)
still everyone would be able to last that would not change much at all there limited with what they can do really they need to re do the challenges but i dont see that happening to be honest but then again it would more then likely get into the wrong hands and be leaked if they was to do that
would be really fun if there can do that. :D but why you fuck yourself "Re do the Challenges system will not make you ever lasts lol only there that knows that there doing."
what you said didnt make much sense sorry? but if they was to redo and change how they are doing the challenge system it would then confuse a good few people on what they should be doing and lets be real the challenge system isnt nothing special as it stand not only that the chances off them making any changes to the challenge system is so low i cant remember the last time they intended to change parts off the challenge system
Reply
#24
(06-20-2020 - 01:46 PM)User37713 Wrote:
(06-20-2020 - 12:22 AM)CrystalMeth Wrote:
(06-20-2020 - 12:15 AM)User37713 Wrote:
(06-08-2020 - 02:51 AM)xbOnline Wrote: I want to see Microsoft take hashes of the keys, so they are not reusable and you need the proper algo to produce the data and that you can't just slap in a clean HV to produce the right data for you. That will be a good day :)
still everyone would be able to last that would not change much at all there limited with what they can do really they need to re do the challenges but i dont see that happening to be honest but then again it would more then likely get into the wrong hands and be leaked if they was to do that
would be really fun if there can do that. :D but why you fuck yourself "Re do the Challenges system will not make you ever lasts lol only there that knows that there doing."
what you said didnt make much sense sorry? but if they was to redo and change how they are doing the challenge system it would then confuse a good few people on what they should be doing and lets be real the challenge system isnt nothing special as it stand not only that the chances off them making any changes to the challenge system is so low i cant remember the last time they intended to change parts off the challenge system
Well I mean they did shift a bunch of shit to confuse people this dash and the major change was 2015 I think with the ECCDigest.
Reply
#25
(06-20-2020 - 07:51 PM)Kernel Wrote:
(06-20-2020 - 01:46 PM)User37713 Wrote:
(06-20-2020 - 12:22 AM)CrystalMeth Wrote:
(06-20-2020 - 12:15 AM)User37713 Wrote:
(06-08-2020 - 02:51 AM)xbOnline Wrote: I want to see Microsoft take hashes of the keys, so they are not reusable and you need the proper algo to produce the data and that you can't just slap in a clean HV to produce the right data for you. That will be a good day :)
still everyone would be able to last that would not change much at all there limited with what they can do really they need to re do the challenges but i dont see that happening to be honest but then again it would more then likely get into the wrong hands and be leaked if they was to do that
would be really fun if there can do that. :D but why you fuck yourself "Re do the Challenges system will not make you ever lasts lol only there that knows that there doing."
what you said didnt make much sense sorry? but if they was to redo and change how they are doing the challenge system it would then confuse a good few people on what they should be doing and lets be real the challenge system isnt nothing special as it stand not only that the chances off them making any changes to the challenge system is so low i cant remember the last time they intended to change parts off the challenge system
Well I mean they did shift a bunch of shit to confuse people this dash and the major change was 2015 I think with the ECCDigest.
and you still not know how to ECC a Digest.
Add m on Discord :)
Ursula von der Leyen#1337
Reply
#26
maul lasting maul
Reply
#27
(06-20-2020 - 07:51 PM)Kernel Wrote:
(06-20-2020 - 01:46 PM)User37713 Wrote:
(06-20-2020 - 12:22 AM)CrystalMeth Wrote:
(06-20-2020 - 12:15 AM)User37713 Wrote:
(06-08-2020 - 02:51 AM)xbOnline Wrote: I want to see Microsoft take hashes of the keys, so they are not reusable and you need the proper algo to produce the data and that you can't just slap in a clean HV to produce the right data for you. That will be a good day :)
still everyone would be able to last that would not change much at all there limited with what they can do really they need to re do the challenges but i dont see that happening to be honest but then again it would more then likely get into the wrong hands and be leaked if they was to do that
would be really fun if there can do that. :D but why you fuck yourself "Re do the Challenges system will not make you ever lasts lol only there that knows that there doing."
what you said didnt make much sense sorry? but if they was to redo and change how they are doing the challenge system it would then confuse a good few people on what they should be doing and lets be real the challenge system isnt nothing special as it stand not only that the chances off them making any changes to the challenge system is so low i cant remember the last time they intended to change parts off the challenge system
Well I mean they did shift a bunch of shit to confuse people this dash and the major change was 2015 I think with the ECCDigest.
it wasnt intended to change any off it it just happened with what they was updating
Reply
#28
(06-20-2020 - 12:15 AM)User37713 Wrote:
(06-08-2020 - 02:51 AM)xbOnline Wrote: I want to see Microsoft take hashes of the keys, so they are not reusable and you need the proper algo to produce the data and that you can't just slap in a clean HV to produce the right data for you. That will be a good day :)
still everyone would be able to last that would not change much at all there limited with what they can do really they need to re do the challenges but i dont see that happening to be honest but then again it would more then likely get into the wrong hands and be leaked if they was to do that

I don't know about that, because the only way people get clean data is by inserting the HV into memory, and dumping. Not actually computing the data. There is a lot of things they could do with the memory protection. Could be really effective, as only 2 servers that I know of actually have the full algo.
[Image: logo_white_nostroke.png]
Reply
#29
really when you think about it there's nothing they can really do to protect it at this point. even if they were to make any of those changes you guys say we already have the data reversed an earlier. and we can use programs like binary diff to see the differences. really you can actually calculate the date on your computer as well doing a powerpc processor emulator. I mean essentially just allowing you to boot the boot loaders. and if it errors out at dashboard it doesn't matter. at this point we can reload the cash and get the data. but do not take this the wrong way I'm not trying to say anything bad I'm just trying to have a legit conversation. :)


void FUN_000020b0(int param_1)
if you start reversing from this function you can see that it's setting the security Engine with the keys 5555 to generate 100F0 of the data. actually kind of funny cuz after the data is generated it literally does a reboot of the hypervisor clearing it from memory reinitializing it and generating random keys. then encrypting the data again for use.

https://github.com/g91/XBLS/blob/master/...HV_17559.c

this is my disassembly of the hypervisor with labeled functions. it was generated and labeled and IDA and then exported ghidra to pseudo C.
and then you could use functions like binary diff to find the right functions to quickly find functions for auditing.

and also Microsoft has released a lot of open-source emulators of the actual power PC architecture that was Xbox 360 and also shares a lot of similarities with the power mac g5
if you like my posts and want to see more please plus rep
Reply
#30
(06-21-2020 - 01:49 AM)theDomo Wrote: really when you think about it there's nothing they can really do to protect it at this point. even if they were to make any of those changes you guys say we already have the data reversed an earlier. and we can use programs like binary diff to see the differences. really you can actually calculate the date on your computer as well doing a powerpc processor emulator. I mean essentially just allowing you to boot the boot loaders. and if it errors out at dashboard it doesn't matter. at this point we can reload the cash and get the data. but do not take this the wrong way I'm not trying to say anything bad I'm just trying to have a legit conversation. :)


void FUN_000020b0(int param_1)
if you start reversing from this function you can see that it's setting the security Engine with the keys 5555 to generate 100F0 of the data. actually kind of funny cuz after the data is generated it literally does a reboot of the hypervisor clearing it from memory reinitializing it and generating random keys. then encrypting the data again for use.

https://github.com/g91/XBLS/blob/master/...HV_17559.c

this is my disassembly of the hypervisor with labeled functions. it was generated and labeled and IDA and then exported ghidra to pseudo C.
and then you could use functions like binary diff to find the right functions to quickly find functions for auditing.

and also Microsoft has released a lot of open-source emulators of the actual power PC architecture that was Xbox 360 and also shares a lot of similarities with the power mac g5

Trust me, there is plenty they can do.

The memory protection was amazing, and would of worked great, if they didn't botch half of the stuff they did.
[Image: logo_white_nostroke.png]
Reply

Users browsing: 7 Guest(s)