realizzazione siti internet ed e-commerce mugello

Pagina 6 di 6 PrimaPrima ... 456
Risultati da 51 a 60 di 60
Like Tree26Likes

Discussione: [NEWS XBOX360 ] Nuova XCGPU per le XBOX 360 SLIM. Fine dell' RGH?

  1. #51
    Moderatore L'avatar di DrSchottky
    Data Registrazione
    Sep 2014
    Messaggi
    150
    Post Thanks / Like
    If you can achieve a stable length starting counter at CE deassert it's (probably) done, otherwise...
    Imho isn't the best way.
    I haven't done many(and accurate) tests on it, so the best advice i can give you is to try.
    Ultima modifica di DrSchottky; 07-11-2015 alle 14:36

  2. #52
    Junior Member
    Data Registrazione
    Oct 2014
    Messaggi
    11
    Post Thanks / Like
    thx. I also did several tests that time, but reading & rsa time did vary a lot, so I decided to search post bus, or some other signal closer to check.

    unfortunately post bus is disabled somehow (I still think it can be enabled), and there is no other activity except NAND reading...

    anyways I have no much time for this now (job stuff), so it will be great if somebody join the research...

  3. #53
    Moderatore L'avatar di DrSchottky
    Data Registrazione
    Sep 2014
    Messaggi
    150
    Post Thanks / Like
    Me=job+study+lack of hardware.

    And honestly i prefer to spend free time reversing code instead of working with CPLDs...

    Maybe i'll go back to Winchesters tomorrow, maybe next year, maybe never. Who knows.
    Atm i haven't plans nor interest.
    Ultima modifica di DrSchottky; 07-11-2015 alle 15:04

  4. #54
    Junior Member
    Data Registrazione
    Oct 2014
    Messaggi
    11
    Post Thanks / Like
    okay
    you can reverse SMC and find where it sends the nand data exchange confirmation

  5. #55
    Moderatore L'avatar di DrSchottky
    Data Registrazione
    Sep 2014
    Messaggi
    150
    Post Thanks / Like
    It isn't the way i would choose.

  6. #56
    Senior Member
    Data Registrazione
    Jan 2015
    Messaggi
    105
    Post Thanks / Like
    Dear @15432, DrSchottky doesn't seem very interested to these cursed winchesters, but I have an idea and maybe it can help you.
    I'm not very expert about chain of trust, but, from what I know, winchester mobo are very similar to corona v6 with winbond ram, because in both hardware init code is in CB_B instead CB_A. So...

    ... I can take a corona v6 with winbond ram (therefore obviously glitchable), I put a glitchip on it; then I take a winchester (therefore not glitchable), I put another glitchip on it, and I connect the POST_OUT1 (on the postfix adapter) of corona v6 with the POST_OUT point of glitchip on winchester.
    Then I find a way to power up both (corona v6 and winchester) in the same moment. When the corona v6 reaches the POST CODE D8, the glitchip (on winchester mobo) will send a slowdown pulse on winchester, and when the corona v6 reaches the POST CODE DA, the glitchip will send a reset pulse to the winchester CPU.
    So, theorically, when the corona v6 manages to reach the glitch, also the winchester should glitch. Am I wrong?

    If this is possible, now the main problem should be: how to dump cpukey after glitch? But all this is only an hypothesis.
    Ultima modifica di ninocervasio; 07-11-2015 alle 15:45

  7. #57
    Moderatore L'avatar di DrSchottky
    Data Registrazione
    Sep 2014
    Messaggi
    150
    Post Thanks / Like
    Citazione Originariamente Scritto da ninocervasio Visualizza Messaggio
    Dear @15432, DrSchottky doesn't seem very interested to these cursed winchesters, but I have an idea and maybe it can help you.
    I'm not very expert about chain of trust, but, from what I know, winchester mobo are very similar to corona v6 with winbond ram, because in both hardware init code is in CB_B instead CB_A. So...

    ... I can take a corona v6 with winbond ram (therefore obviously glitchable), I put a glitchip on it; then I take a winchester (therefore not glitchable), I put another glitchip on it, and I connect the POST_OUT1 (on the postfix adapter) of corona v6 with the POST_OUT point of glitchip on winchester.
    Then I find a way to power up both (corona v6 and winchester) in the same moment. When the corona v6 reaches the POST CODE D8, the glitchip (on winchester mobo) will send a slowdown pulse on winchester, and when the corona v6 reaches the POST CODE DA, the glitchip will send a reset pulse to the winchester CPU.
    So, theorically, when the corona v6 manages to reach the glitch, also the winchester should glitch. Am I wrong?

    If this is possible, now the main problem should be: how to dump cpukey after glitch? But all this is only an hypothesis.
    Nino, ti prego....
    Tommino81 likes this.

  8. #58
    Senior Member
    Data Registrazione
    Jan 2015
    Messaggi
    105
    Post Thanks / Like
    Ok, ci ho provato XD
    Ho quest'idea in testa da diversi giorni, pensavo fosse fattibile, ma se dici che è una stupidaggine, come non detto.

    (Ok, I tried XD
    I have this idea in my head for several days, I thought it was practicable, but if you say it's bullshit, forget it.)

  9. #59
    Junior Member
    Data Registrazione
    Oct 2014
    Messaggi
    11
    Post Thanks / Like
    -_- I heard the same thing many times.

    Why people think if they power on two different xboxes at the same time, everything will be executed there simultaneously with the nanoseconds precision?
    Even the same Xbox boots differently every time. It's just silly to use another console's post bus, it shows the state of donor xbox, not the ours!

  10. Likes zeruel85 Ha dato un "mi piace" per questo post
    Thanks ninocervasio Ha ringraziato per questo post
  11. #60
    Junior Member L'avatar di SUBCOMANDANTEMARCOS
    Data Registrazione
    Oct 2014
    Località
    Soviet Union
    Messaggi
    6
    Post Thanks / Like
    hello, apparently no solution for winchester

Pagina 6 di 6 PrimaPrima ... 456

Tag per Questa Discussione

Segnalibri

Permessi di Scrittura

  • Tu non puoi inviare nuove discussioni
  • Tu non puoi inviare risposte
  • Tu non puoi inviare allegati
  • Tu non puoi modificare i tuoi messaggi
  •