Slashdot Mirror


Technical Analysis of XBox Save Game Hack

DJPenguin writes "There is an excellent article at the XBox Linux Project that describes exactly how the XBox savegame hack works. It details how the author went to great lengths to hide exactly what was going on. It turns out the exploit code is hidden within an image of Tux himself!" An enlightening read, to say the least.

12 of 242 comments

  1. Stego or not? by robogun · · Score: 5, Insightful

    The code was "hidden" in the JFIF header, therefore does not qualify as steganography in my opinion. But I bet MS jumps all over this and gets stego banned.

  2. Re:I will never understand this. by 3.1415926535 · · Score: 3, Insightful
    It sure does.
    Python 2.2.2 (#1, Dec 9 2002, 18:20:25)
    [GCC 3.2.1] on linux2
    Type "help", "copyright", "credits" or "license" for more information.
    >>> "%x"%(0xAD9+0x5EF)
    '10c8'
  3. Brilliant! by 1010011010 · · Score: 5, Insightful

    The code is just brilliant. A lot of care was taken in the construction of this hack. No script kiddie is he.

    It looks like it retrieves the private key. That's interesting.

    --
    Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
  4. Re:Why did the hacker try to hide how he did it? by lkaos · · Score: 5, Insightful

    Nah, this is still just a buffer overflow. I doubt he "put" it in there.

    I think that any programmer can appreciate why he went to such lengths to hide the code. It's a hell of a cool thing to do.

    In this world of script kiddies, it's very important to distinguish between kiddies and people who are true hackers. Mad props to him for showing that hacking is most certainly an art.

    The modification of the public key to make it divisible by 3 was just beautiful.

    --
    int func(int a);
    func((b += 3, b));
  5. Could a rival console maker be behind this? by Martin+Marvinski · · Score: 3, Insightful

    You might be right about this being a spy vs. spy thing because the stakes are so huge. This could mean that rival console makers are actually hacking the X-box to diminish its threat. That could be a reason why this hack was so well done!

    You brought up an excellent point!

  6. Re:Why did the hacker try to hide how he did it? by the+gnat · · Score: 4, Insightful

    In this world of script kiddies, it's very important to distinguish between kiddies and people who are true hackers. Mad props to him for showing that hacking is most certainly an art.

    Um, that's not a very good distinction: you need to be clear what meaning of "hacker" you're using. Someone who r00ts my box and types "rm -rf /*" is not an artist, he's a criminal who should have his nuts ripped off - no matter how 1337 his 5ki11z are. Although the legality of hacking the X-Box is questionable, it's in a different world entirely from the vandalism associated with computer break-ins, and the community is doing this to a product they paid for and own.

    By confusing the illicit modding and the website defacing, you're making it all the harder to defend against future DMCAs. Many of the big corporate lobbyists and lawyers we so love to bash on Slashdot would love for the public and politicians to view hobbyists and crackers as the same thing.

  7. Re:Why did the hacker try to hide how he did it? by silas_moeckel · · Score: 3, Insightful

    Hackers traditionally hold to the ethic of do no harm. It's one thing to get into a box, poke around, get some evidence that you were there and not damage anything besides covering your tracks (and that's a bit of a new thing due to the excessive laws against it). A script kiddie is just that, a script kiddie; let's try to not confuse the two. If they call themselves a hacker that's fine, it doesn't make it true. The hackers of the world know who they are and how to tell their own.

    --
    No sir I don't like it.
  8. Re:XBOX is evil by bucky0 · · Score: 3, Insightful

    I shouldn't feed the troll, but here goes:

    1) Making it upgradable would increase cost; they wanted the cheapest box for the performance they could make (sockets cost money).

    2) If you don't like the idea of not being able to write your own code for it, then don't buy it.

    3) puts their logo on the front...in that case is Dell also evil?

    4) If you even try to open this crippled PC, your warranty is void....why does Microsoft have to warranty actions on the XBOX that it's not designed for? That's like me saying that AMD should still warranty my processors even if I'm running them out of spec.

    5) ...you are breaking the law. Despite what the spin doctors say, as long as you aren't hacking your xbox to play copied games, they can't touch you if you're putting your own software on there (that said, if a side effect of your little hack causes someone to be able to play burned games, then they're gonna come after you (which sucks for fair use...)).

    6) The scariest part? Is that in 10 years, we won't be talking about a console. This is the future of the PC. That is the scary part though. Even though 'the powers that be' keep claiming that people will be able to run unsigned content on TCPA hardware. I can't imagine that it would 'accidentally' cripple things like Linux and BSD that hurt the bottom line.

    --

    -Bucky
  9. Re:Why did the hacker try to hide how he did it? by S.Lemmon · · Score: 4, Insightful

    I'm sure the reason was to make it harder for others to use the same hack to play copied games.

    Remember, they've already gone out of their way to stress its use for a legitimate purpose (running Linux) and not for piracy. This is just one more example of that. It shows a good faith effort by the authors to ensure the hack can't as easily be exploited for other purposes.

  10. XBox sales show this is NOT the future. by Viewsonic · · Score: 4, Insightful
    So don't worry about it. As far as consoles go, XBox is terrible. It has about 2-3 games worth buying that aren't on the PC, and pretty soon they'll be on the PC regardless.

    Consoles will stay consoles. They will be made to play purely games and nothing else. This is what people want to buy, and they're showing it with their pocketbooks right now. Look at how many dedicated gaming devices Sony and Nintendo have sold compared to Microsoft's try-and-do-everything Box. The numbers speak for themselves.

  11. Re:Why did the hacker try to hide how he did it? by miu · · Score: 3, Insightful
    Hackers traditionally hold to the ethic of do no harm. It's one thing to get into a box, poke around, get some evidence that you were there and not damage anything besides covering your tracks

    What you are describing is still a system cracker. The "do no harm" philosophy is pure ignorance. Someone breaking into a machine and covering his tracks can do a lot of unintentional harm.

    Those who hack the XBox don't have to worry about causing harm because they are working entirely on their own equipment.

    --

    [Set Cain on fire and steal his lute.]
  12. Re:Hexadecimal. by smeenz · · Score: 3, Insightful

    It's a sad sad day when someone gets modded up for explaining how hexadecimal works on slashdot.org

    Come on... are we geeks or mice here?