You are viewing our Forum Archives. To view or take place in current topics click here.
Reset Glitch Hack Technical Software Question(s)....

#1. Posted:
hville
  • Challenger
Status: Offline
Joined: Jan 11, 2011 (13 Year Member)
Posts: 117
Reputation Power: 4
OK, for the sake of this question, we will focus on the Jasper/Zephyr side of the new Reset Glitch Hack...

1BL runs a zero-paired CB. CB initializes DRAM, |Reset Glitch|, then loads the modified CD. If the CD fails to load, the SMC reboots it until it loads. The CD then proceeds to boot unsigned code (Xellous).

Under normal circumstances, instead of unsigned code, CD would load the base kernel/HV "CE" from NAND, then start CF. CF loads, decrypts, and decompresses the HV and kernel patches. From there it loads the patched HV and kernel, and boots to the dashboard.

So here we come to the question: what does it actually take to boot a modified dashboard? It appears to me that we need the post-CD RSA/SHA1 checks removed, and some HV/kernel patches. Is that all?

I am confused on one other detail... CB in its standard form is RSA signed. It is also in charge of initializing the processor security engine to hash-check DRAM on the fly. What checks the signature of the CB?

It also seems like negating the eFuse checks would be beneficial too....

Any answers are greatly appreciated. It's not something I've been able to just look up, and it's bugging me.
#2. Posted:
hville
  • Challenger
Status: Offline
Joined: Jan 11, 2011 (13 Year Member)
Posts: 117
Reputation Power: 4
Bump! lol, anybody out there? Any input is greatly appreciated!
#3. Posted:
RamboMods
  • Rising Star
Status: Offline
Joined: Dec 08, 2010 (13 Year Member)
Posts: 773
Reputation Power: 28
I believe so. My friend Carolina gamer has connections and already has a dash, but he won't show the public; he has shown me pics. The new FSD works with it too.
#4. Posted:
hville
  • Challenger
Status: Offline
Joined: Jan 11, 2011 (13 Year Member)
Posts: 117
Reputation Power: 4
It seems any properly developed homebrew should function the same as on a JTAG.... It's a modified dash that runs unsigned code either way, so I believe FSD would work. I'm a tech-savvy person, but definitely not a coder. That's why I ask: I want to understand but do not know.
#5. Posted:
Austin_Powers
  • Gold Gifter
Status: Offline
Joined: Jul 07, 2011 (12 Year Member)
Posts: 4,218
Reputation Power: 211
So is there a rebooter for it yet??
#6. Posted:
hville
  • Challenger
Status: Offline
Joined: Jan 11, 2011 (13 Year Member)
Posts: 117
Reputation Power: 4
Austin_Powers wrote: So is there a rebooter for it yet??

It doesn't require a rebooter. The Reset Glitch exploits the console early in the boot process. Even before DRAM is initialized, the bootchain is compromised. This means we can boot straight into a modified dash, or anything else really. JTAGs soft-reboot from an older kernel into a newer dashboard revision: the older kernel is exploited first, then the console soft-reboots into a modded version of a newer dash. RGH doesn't require an exploitable/exploited kernel, because we have compromised security before the kernel is loaded.

I figure if it's fully explained, maybe people will quit using the term "rebooter"....
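The boot chain laid out in the first post (1BL, CB, CD, CE/CF, HV and kernel, each stage checking the next; the SMC rebooting until the glitched CD load goes through) and the contrast drawn in post #6 between that and the JTAG route, as an added example. This is not code from the thread and not Xbox 360 firmware: it is a toy C model of a hash-verified chain in which the glitch is one comparison forced to pass, and the SMC is a retry loop. Everything below the stage names is constructed: FNV-1a stands in for SHA-1, the image strings and expected hashes are made up, and the glitch success rate and the small LCG exist only to make the retry loop deterministic.

```c
/* Added example, not code from the thread or from Xbox 360 firmware: a toy
 * model of a hash-verified boot chain, the reset glitch as one comparison
 * forced to pass, and the SMC reboot-until-it-boots loop. Stage names follow
 * the thread; the hash (FNV-1a for SHA-1), images, success rate and LCG are
 * constructed stand-ins. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NSTAGES 4
#define CD_STAGE 1   /* index of CD; CB (index 0) is the stage that checks it */

typedef struct {
    const char *name;
    const char *image;        /* stand-in for the stage's code */
    uint32_t expected_hash;   /* what the previous stage expects this image to hash to */
    bool verifies_next;       /* false once a stage's hash/RSA checks are patched out */
} stage_t;

/* FNV-1a over the image string: a stand-in for the SHA-1 the thread mentions. */
uint32_t toy_hash(const char *s) {
    uint32_t h = 0x811c9dc5u;
    for (; *s; s++) {
        h ^= (uint8_t)*s;
        h *= 0x01000193u;
    }
    return h;
}

/* The check the previous stage performs before jumping to `s`. When the check
 * is glitched the mismatch is never acted on: the image is accepted as if its
 * hash had matched. */
bool verify_stage(const stage_t *s, bool glitched) {
    bool match = toy_hash(s->image) == s->expected_hash;
    return glitched || match;
}

/* Walk the chain from CB. Returns NSTAGES if every link passed, otherwise the
 * index of the first stage that failed its predecessor's check. glitch_at is
 * the index of the stage whose check the glitch targets. */
int boot_chain(const stage_t *chain, int glitch_at, bool glitch_lands) {
    for (int i = 1; i < NSTAGES; i++) {
        if (!chain[i - 1].verifies_next)
            continue;                      /* patched stage: loads without checking */
        if (!verify_stage(&chain[i], glitch_lands && i == glitch_at))
            return i;
    }
    return NSTAGES;
}

/* Build a chain. Expected hashes are always those of the stock images, so a
 * modified image fails unless the check on it is glitched or removed.
 * modified:     CD and everything after it are replaced by patched images
 * strip_checks: the patched stages no longer verify what they load
 *               (the "post-CD RSA/SHA1 checks removed" step from the thread) */
void make_chain(stage_t *out, bool modified, bool strip_checks) {
    static const char *names[NSTAGES]   = { "CB", "CD", "CE/CF", "HV+kernel" };
    static const char *stock[NSTAGES]   = { "CB-stock", "CD-stock", "CE/CF-stock", "HV+kernel-stock" };
    static const char *patched[NSTAGES] = { "CB-stock", "CD-patched", "CE/CF-patched", "HV+kernel-patched" };
    for (int i = 0; i < NSTAGES; i++) {
        out[i].name = names[i];
        out[i].expected_hash = toy_hash(stock[i]);
        out[i].image = modified ? patched[i] : stock[i];
        out[i].verifies_next = !(modified && strip_checks && i >= CD_STAGE);
    }
}

/* SMC model: reboot until a boot gets all the way through. The glitch lands
 * with success_pct probability per attempt (constructed figure; the LCG keeps
 * the run deterministic). Returns the attempt that booted, or -1 if
 * max_tries is exhausted. */
int reboots_until_boot(const stage_t *chain, int success_pct, uint32_t seed, int max_tries) {
    uint32_t x = seed;
    for (int attempt = 1; attempt <= max_tries; attempt++) {
        x = x * 1103515245u + 12345u;
        bool lands = (int)((x >> 16) % 100u) < success_pct;
        if (boot_chain(chain, CD_STAGE, lands) == NSTAGES)
            return attempt;
    }
    return -1;
}

static void report(const char *label, const stage_t *chain, bool glitch_lands) {
    int r = boot_chain(chain, CD_STAGE, glitch_lands);
    if (r == NSTAGES)
        printf("%-42s booted\n", label);
    else
        printf("%-42s stopped: %s failed its check\n", label, chain[r].name);
}

int main(void) {
    stage_t stock[NSTAGES], glitch_only[NSTAGES], full[NSTAGES];
    make_chain(stock, false, false);
    make_chain(glitch_only, true, false);   /* patched images, checks left in */
    make_chain(full, true, true);           /* patched images, post-CD checks removed */
    report("stock chain, no glitch:", stock, false);
    report("patched CD, glitch misses:", full, false);
    report("patched CD, glitch lands, checks kept:", glitch_only, true);
    report("patched CD, glitch lands, checks removed:", full, true);
    printf("SMC reboots until boot at 25%% glitch success: %d\n",
           reboots_until_boot(full, 25, 1u, 1000));
    return 0;
}
```

The third scenario is the one worth noticing: if the glitch lands but the patched CD still verifies what it loads, the chain stops one stage later, because the glitch only defeats the single comparison it hits. That is why the first post's list (post-CD checks removed, plus HV/kernel patches) is the minimum, and why, as post #6 says, nothing later in the chain needs its own exploit: once CB has accepted the patched CD, every later stage is loaded by code that no longer checks.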
#7. Posted:
California
  • Powerhouse
Status: Offline
Joined: Oct 08, 2010 (13 Year Member)
Posts: 469
Reputation Power: 21
hville wrote:
Austin_Powers wrote: So is there a rebooter for it yet??

It doesn't require a rebooter. The Reset Glitch exploits the console early in the boot process. Even before DRAM is initialized, the bootchain is compromised. This means we can boot straight into a modified dash, or anything else really. JTAGs soft-reboot from an older kernel into a newer dashboard revision: the older kernel is exploited first, then the console soft-reboots into a modded version of a newer dash. RGH doesn't require an exploitable/exploited kernel, because we have compromised security before the kernel is loaded.

I figure if it's fully explained, maybe people will quit using the term "rebooter"....

I have understood this, but what else should we call it instead of a rebooter??
#8. Posted:
hville
  • Challenger
Status: Offline
Joined: Jan 11, 2011 (13 Year Member)
Posts: 117
Reputation Power: 4
Modded dash? Dashmod? It is different, so it should have a different name to separate them... Maybe we should have a poll.
#9. Posted:
hville
  • Challenger
Status: Offline
Joined: Jan 11, 2011 (13 Year Member)
Posts: 117
Reputation Power: 4
Borrow from the PS3 scene's CFW and call it CXE, for Custom Xbox Experience.....
#10. Posted:
AGL_MegaDeth
  • TTG Master
Status: Offline
Joined: Jan 17, 2010 (14 Year Member)
Posts: 820
Reputation Power: 31
hville wrote: Borrow from the PS3 scene's CFW and call it CXE, for Custom Xbox Experience.....

Just use the name already in place, FSD lol. It fits the spot just right, I believe.