![]() Being able to reboot into a more recent kernel revision would allow for games to be executed on the console that are dependent on these kernel revisions. The goal of this is, after initially loading a vulnerable kernel and exploiting it to gain control of the system, to be able to make the console reload into a modified, unsigned hypervisor and kernel. ![]() One project created as a result of the success of Free60 is a Kernel Rebooter. Perhaps the most important of the help requests is to provide audio drivers the Free60 members have asked for someone with knowledge of the ALSA kernel component and a SiS966 based motherboard to achieve this. To continue development, members of the Free60 project are looking for help. This may to some extent be contrasted to the Free60 predecessor, the Xbox Linux project, which saw far more development as a result of the relative ease of running unsigned code on the Xbox and the ease of porting x86 code to the Xbox's custom Intel Pentium III-based CPU. Since only a small proportion of Xbox 360's are currently able to execute unsigned code, there has been little development within the Free60 project in recent times. This process may be automated to help ensure legality of any 3D graphics acceleration. In order to achieve this acceleration, some data from the Xbox 360's flash needs to be uploaded to the Xenos GPU. This work has been encapsulated into an API for easier use. One of the main contributors to the Free60 project has developed a method of 3D graphics acceleration on the Xbox 360's GPU (codenamed Xenos) under Linux. In addition to this, framebuffer and cache issues mean that videos that do play are jumpy after the first few seconds when the cache is full. Some codecs are incompatible with the current display driver, causing some videos to not play.There are presently no audio drivers written to support the console's internal audio hardware, however a USB audio device can be used.This limitation is not as important as it once was, as it is now known to be possible to downgrade a Kernel greater than the last of the two exploitable Kernels by means of a timing attack. An older Kernel revision is required on the Xbox 360 itself, which may prove to be hard to find, since connecting to the Xbox Live service applies updates to the console, and many games include updates that must be applied before the game will run.All other commercially used drives are assumed unsupported, at this point in time the only other drives in use are manufactured by BenQ and Lite-ON. The readcd method was initially restricted to only Hitachi branded DVD-ROM drives, but now also supports Samsung branded drives.In the cases of released ' Live CDs', the readcd binary would typically be included on the modified game disc, which would eject the drive, and a CD containing the XeLL binary as well as the complete Linux kernel and filesystem would be inserted. ![]() XeLL captures CPU threads and launches the Linux kernel from either network ( tftp) or optical media as its only purpose, providing a flat device tree for the kernel. ![]() The code that readcd executes in this instance is known as XeLL, short for Xenon Linux Loader. The latter method involves the readcd binary, made specifically for this cause. This code may either initialize the serial port to allow upload of further code to the console, or eject the drive tray and prepare the console to load further code from a specified point on optical media that is then placed in the drive. With the original King Kong exploit, the console must launch the modified game which will utilize the software vulnerability to load a small chunk of code that is included on the disc. Alternatively, a home-made cable may be used to dump and patch the bios with jumpers attached to the appropriate pin header on the motherboard of the console to patch the hypervisor and allows unsigned execution directly at boot, known as the "JTAG/SMC exploit", which was patched after June 2009 but replaced by "Reset Glitch Hack", in 2011, which is applicable on any kernel version on all but the latest revision of the Xbox 360 motherboard (most 360's produced from 2014 until end of production in 2015), one caveat is being a glitch and relies on timing, boot times may be unstable. On the Xbox 360, the first exploit which enabled booting of unsigned code relied on a modified DVD-ROM drive firmware, a modified burned disc of the game King Kong (for Xbox 360), and the target console having either one of two vulnerable Kernel revisions. Since executable code on the Xbox 360 is digitally signed, and runs underneath a hypervisor, an exploit or hack is necessary in order to execute homebrew code.
0 Comments
Leave a Reply. |