It's funny how everybody runs around eating offsets and single hashes with no idea how any of this system works, so I'm going to give everybody a hint on how to get started, or even point you in the right direction.
sub_2440 (_create_aes_sbox_128bit) is where it takes the key and random bytes.
// The security engine contains multiple keys; this is important.
// Layout: 0x00000X**_00000000, where X = region and ** = key select
// X = 0 should be physical
// X = 1 should be hashed
// X = 2 should be SoC
// X = 3 should be encrypted
sub_2440 is where it takes the key and random bytes of 0x80
sub_23918 is where the signature is generated
# =============== S U B R O U T I N E =======================================
# sub_23918 -- fills the caller's output buffer with a padded block.
# Returns r3 = 1 on success, r3 = 0 if either length check fails.
#
# Arguments, as captured by the mr instructions in the prologue:
#   r3 (-> r24) source data pointer
#   r4 (-> r26) source length (only the low 32 bits are used)
#   r5 (-> r31) output buffer pointer
#   r6 (-> r29) output buffer length (only the low 32 bits are compared)
#   r7 (-> r28) pointer to a 0x14-byte value; 0 selects a built-in default
#   r8 (-> r25) pointer to a 0x14-byte value
#
# Block written, in order:
#   0x00 | 0x14 bytes from r8 | 0x14 bytes from r7/default | zero fill | 0x01 | source data
# The pieces add up to exactly the output length passed in r6.
#
# NOTE(review): this layout, the 0x14 field size and the 0x2A (= 2*0x14 + 2)
# minimum match EME-OAEP encoding with a 20-byte hash, with sub_23830 in the
# role of the mask function. sub_23830 is not shown here, so confirm before
# relying on that. If it holds, this routine is the padding/encoding step,
# not the private-key operation itself.
# NOTE(review): only r7 is tested for null; r3, r5 and r8 are used unchecked,
# so their validity is the caller's responsibility.
sub_23918:
mflr r12
bla __savegprlr_24 # register-save helper (by its name: r24..r31 and LR; body not shown)
stdu r1, -0xA0(r1) # allocate a 0xA0-byte stack frame
mr r29, r6 # r29 = output length
mr r24, r3 # r24 = source data
mr r26, r4 # r26 = source length
mr r31, r5 # r31 = output buffer
mr r28, r7 # r28 = optional 0x14-byte value (may be 0)
mr r25, r8 # r25 = 0x14-byte value copied to out+1
cmplwi cr6, r29, 0x2A # unsigned 32-bit compare: output length vs 0x2A
bge cr6, loc_2394C # large enough for the fixed fields -> continue
# Failure path: shared by both length checks.
loc_23944: # CODE XREF: sub_23918+3Cj
li r3, 0 # return 0
b loc_23A08
# ---------------------------------------------------------------------------
loc_2394C: # CODE XREF: sub_23918+28j
addi r11, r29, -0x2A # largest source length that fits; cannot wrap, length >= 0x2A was just checked
cmplw cr6, r26, r11 # unsigned compare: source length vs that limit
bgt cr6, loc_23944 # source too long for the buffer -> fail
cmpldi cr6, r28, 0 # did the caller pass a value in r7?
bne cr6, loc_23968 # yes -> use it
addis r11, r2, 1 # r11 = r2 + 0x10000
addi r28, r11, 0x5E48 # no -> default value at r2 + 0x10000 + 0x5E48
loc_23968: # CODE XREF: sub_23918+44j
li r11, 0
addi r30, r31, 1 # r30 = out + 1
li r5, 0x14
mr r4, r25
mr r3, r30
stb r11, 0(r31) # out[0] = 0x00
bla memcpy # memcpy(out + 1, r8 value, 0x14)
addi r31, r31, 0x15 # r31 = out + 0x15, start of the second region
subf r11, r26, r29 # r11 = output length - source length (r29 not yet adjusted)
mr r4, r28 # source = r7 value or default (taken before r28 is reused below)
li r5, 0x14
mr r3, r31
addi r29, r29, -0x15 # r29 = output length - 0x15 = size of the second region
addi r28, r11, -0x2A # r28 = output length - source length - 0x2A = zero-fill length
bla memcpy # memcpy(out + 0x15, r7 value or default, 0x14)
clrldi r27, r28, 32 # r27 = zero-fill length, zero-extended to 64 bits
li r4, 0
addi r3, r31, 0x14
mr r5, r27
bla memset # zero the fill area that follows the second 0x14-byte field
addi r11, r28, 0x14
li r10, 1
clrldi r9, r11, 32 # r9 = zero-fill length + 0x14 = offset of the separator from r31
add r11, r27, r31
clrldi r5, r26, 32 # r5 = source length, zero-extended
mr r4, r24
addi r3, r11, 0x15 # destination = r31 + zero-fill length + 0x15, just past the separator
stbx r10, r9, r31 # store 0x01 right after the zero fill
bla memcpy # copy the source data to the tail of the buffer
# Two passes through sub_23830 (not shown); the argument order is (in, in_len, out, out_len) by position.
mr r6, r29
mr r5, r31
li r4, 0x14
mr r3, r25
bl sub_23830 # sub_23830(r8 value, 0x14, out + 0x15, output length - 0x15)
li r6, 0x14
mr r5, r30
mr r4, r29
mr r3, r31
bl sub_23830 # sub_23830(out + 0x15, output length - 0x15, out + 1, 0x14)
li r3, 1 # return 1 (success)
loc_23A08: # CODE XREF: sub_23918+30j
addi r1, r1, 0xA0 # release the stack frame
ba __restgprlr_24 # register-restore helper; presumably also returns to the caller (body not shown)
# End of function sub_23918
// ------------------- Function Prototypes --------------------
// These prototypes are decompiler-inferred and do not match the disassembly
// on this page: the listing loads three argument registers (r3, r4, r5)
// before each memcpy call, and reads six argument registers (r3..r8) in
// sub_23918, not seven. Treat the disassembly as authoritative.
int32_t memcpy(int32_t a1, int32_t a2);
int32_t memset(int32_t a1, char a2, int32_t a3);
int32_t sub_23830(int32_t a1, int32_t a2, int32_t a3, int32_t a4);
int32_t sub_23918(int32_t a1, uint32_t a2, char * a3, uint32_t a4, int32_t a5, int32_t a6, int32_t a7);
// --------------------- Global Variables ---------------------
// g1 is only used below as a base for "0x5e48 + &g1"; in the disassembly the
// same address is formed as r2 + 0x10000 + 0x5E48, so g1 appears to be the
// decompiler's stand-in for that r2-relative base -- confirm.
int32_t g1 = -0x7f31b9e2;
// ------------------------ Functions -------------------------
// Address range: 0x23918 - 0x23a10
// Decompiler rendering of the sub_23918 disassembly on this page. Several
// expressions below do not agree with the instructions (dropped length
// arguments, a string literal where the listing has the constant 1, a fill
// length shown as 0); the per-line notes point at the matching instructions.
// Use the disassembly when the two disagree.
int32_t sub_23918(int32_t a1, uint32_t a2, char * a3, uint32_t a4, int32_t a5, int32_t a6, int32_t a7) {
int32_t v1 = (int32_t)a3; // output buffer pointer, held as an integer
int32_t v2 = a5; // r28
// Length checks: output length must be at least 42 (0x2A) and the source
// length must not exceed output length - 42. Both are unsigned compares in
// the listing (cmplwi / cmplw).
if (a4 < 42 || a4 - 42 < a2) {
// 0x23a08
return 0;
}
// 0x23958
if (a5 == 0) {
// 0x23960
// No value supplied: fall back to the built-in one (r2 + 0x10000 + 0x5E48 in the listing).
v2 = 0x5e48 + (int32_t)&g1;
// branch -> 0x23968
}
// Listing: addi r30, r31, 1 -- i.e. out + 1. "NDg" appears to be a constant 1
// that the decompiler mis-resolved as a string reference.
int32_t v3 = v1 + (int32_t)"NDg"; // 0x2396c
*a3 = 0; // out[0] = 0
memcpy(v3, a6); // listing passes a third argument: length 0x14
int32_t v4 = v1 + 21; // 0x23984
int32_t v5 = a4 - 21; // r29
memcpy(v4, v2); // listing passes a third argument: length 0x14
// Listing: r27 = (output length - source length - 0x2A), zero-extended; it is not the constant 0.
int32_t v6 = 0; // r27
memset(v4 + 20, 0, v6);
// Listing: stbx r10, r9, r31 with r10 = 1 and r9 = fill length + 0x14. There
// the index comes from r9, not from an argument register, and the stored byte is 1.
*(char *)(a7 + v4) = (char)"NDg";
memcpy(v6 + 21 + v4, a1); // listing passes a third argument: the source length (a2)
sub_23830(a6, 20, v4, v5);
sub_23830(v4, v5, v3, 20);
// branch -> 0x23a08
// 0x23a08
// Listing: li r3, 1 -- the success return value is 1.
return (int32_t)"NDg";
}
sub_2440 (_create_aes_sbox_128bit) is where it takes the key and random bytes.
# =============== S U B R O U T I N E =======================================
# sub_2440 -- no register arguments are read; works on two stack buffers and
# on data addressed relative to r2 + 0x10000. All helpers it calls (sub_B488,
# sub_B428, sub_B480, sub_B3A8, sub_B3E8, sub_AD20, sub_204) are outside this
# listing, so the notes below describe argument shapes only.
#
# Stack frame (0x110 bytes):
#   r1+0x50  0x14-byte buffer filled by sub_B488
#   r1+0x70  0x80-byte working buffer; it ends exactly at r1+0xF0
#   r1+0xF0  copy of the word at r2+0x10000, handed to sub_204 on exit
#
# NOTE(review): saving a global word next to the buffers and passing it to a
# checker before returning looks like a stack-cookie check -- confirm against sub_204.
# NOTE(review): this listing shows no wipe of the stack buffers at r1+0x50 and
# r1+0x70 before return; whether a helper clears them cannot be told from here.
sub_2440:
# IDA stack-variable offsets; none is referenced by name in the instructions below.
.set var_C0, -0xC0
.set var_A0, -0xA0
.set var_20, -0x20
.set var_10, -0x10
.set var_8, -8
mflr r12
std r12, -8(r1) # save LR below the caller's stack pointer
std r31, -0x10(r1) # save r31 (used below to hold the r2+0x10000+0x40 pointer)
stdu r1, -0x110(r1) # allocate the 0x110-byte frame
addis r11, r2, 1 # r11 = r2 + 0x10000
li r4, 0x14
addi r3, r1, 0x50
lwz r11, 0(r11) # load the word at r2 + 0x10000
stw r11, 0xF0(r1) # keep it at r1+0xF0 until the exit path
bl sub_B488 # sub_B488(r1+0x50, 0x14)
addis r11, r2, 1
addi r8, r1, 0x50
addi r3, r11, 0x100
li r7, 0
li r6, 0x80 # 0x80 = size of the working buffer passed in r5
addi r5, r1, 0x70
li r4, 0x30 # 0x30 = length paired with the r2+0x10000+0x100 pointer in r3
bl sub_B428 # sub_B428(r2+0x10000+0x100, 0x30, r1+0x70, 0x80, 0, r1+0x50)
cmpwi cr6, r3, 0
beq cr6, loc_24F0 # result 0 -> skip straight to the exit path
li r4, 0x80 # 0x80 bytes of the working buffer
addi r3, r1, 0x70
bl sub_B480 # sub_B480(r1+0x70, 0x80)
li r5, 0x10
addi r4, r1, 0x70
addi r3, r1, 0x70
bl sub_B3A8 # sub_B3A8(r1+0x70, r1+0x70, 0x10): same buffer passed twice
addis r11, r2, 1
addi r3, r1, 0x70
addi r5, r11, 0x350 # r5 = r2 + 0x10000 + 0x350
addis r11, r2, 1
addi r31, r11, 0x40 # r31 = r2 + 0x10000 + 0x40
mr r4, r31
bl sub_B3E8 # sub_B3E8(r1+0x70, r2+0x10000+0x40, r2+0x10000+0x350)
cmpwi cr6, r3, 0
mr r3, r31 # r3 = r2+0x10000+0x40 for either branch (does not touch cr6)
bne cr6, loc_24E4 # nonzero result -> post-process that buffer
li r5, 0x80 # 0x80 bytes
li r4, 0
bl sub_AD20 # sub_AD20(r2+0x10000+0x40, 0, 0x80): memset-shaped arguments, presumably clears it
b loc_24F0
# ---------------------------------------------------------------------------
loc_24E4:
li r5, 0x10
mr r4, r31
bl sub_B3A8 # sub_B3A8(r31, r31, 0x10), same helper as applied to the stack buffer above
# Common exit path.
loc_24F0:
lwz r3, 0xF0(r1) # reload the word saved at entry
bl sub_204 # sub_204(saved word)
addi r1, r1, 0x110 # release the frame
ld r12, -8(r1)
mtlr r12 # restore LR
ld r31, -0x10(r1) # restore r31
blr
# End of function sub_2440
# ---------------------------------------------------------------------------
Now will everyone please stop talking bad about each other and just learn how to work together? Seriously, this community is like a bunch of little children all trying to be the smartest idiot. I feel like I'm in grade school with all these kids thinking "I'm better than you". You all need to grow up and be adults.
if you like my posts and want to see more please plus rep