Xbox - Modding

Modding

The popularity of the Xbox, as well as (in the United States) its comparatively short 90-day warranty, inspired efforts to circumvent the built-in hardware and software security mechanisms, a practice informally known as modding. Within a few months of its release the initial layer of security on the Xbox BIOS (which relied heavily on obfuscation) was broken by MIT student Andrew Huang and the contents of the "hidden" boot ROM embedded on the MCPx chip was extracted using some custom built hardware. Once this information was available, the code was soon modified so that it would skip digital signature checks and media flags, allowing unsigned code, Xbox game backups, etc., to be run. This was possible due to flaws in the Xbox's security. Modding an Xbox in any manner will void its warranty, as it may require disassembly of the console. Having a modified Xbox may also disallow it from accessing Xbox Live, if detected by Microsoft, as it contravenes the Xbox Live Terms of Use, but most modchips can be disabled, allowing the Xbox to boot in a "stock" configuration. Softmods can be disabled by "coldbooting" a game (having the game in the DVD drive before turning the console on, so the softmod is not loaded) or by using a multiboot configuration.

There are four main methods of modding the Xbox:

  • Modchip: installing a modchip inside the Xbox that bypasses the original BIOS, with a hacked BIOS to circumvent the security mechanisms.
  • TSOP flashing: reflashing the onboard BIOS chip with a hacked BIOS to circumvent the security mechanisms. The Xbox BIOS is contained on a commodity EEPROM (the 'TSOP'), which can be made writable by the Xbox by bridging points on the motherboard. Flashing is usually carried out by using a specially crafted gamesave (see 'Game save exploit', below) to flash the onboard TSOP, but the TSOP can also be de-soldered and re-written in a standard EEPROM programmer. This method only works on 1.0 to 1.5 Xboxes, as later versions replace the commodity TSOP with an LPC ROM contained within a proprietary chip.
  • Softmods: installing additional software files to the Xbox hard drive, which exploit programming errors in the Dashboard to gain control of the system, and overwrite the in-memory copy of the BIOS. Soft modification is known to be safe for Xbox Live if the user enables multibooting with the Microsoft dashboard and an original game disc is used.
    • Game save exploit: using select official game releases to load game saves that exploit buffer overflows in the save game handling. When these special game saves are loaded, they access an interface with scripts for installing the necessary softmod files. Disassembly of the Xbox is not required when installing most game save exploits.
  • Hot swapping: using a computer to change the data on the hard drive. This requires having the Xbox unlock the hard drive when it is turned on, then swapping the powered hard drive into a running computer. By using a Linux-based Live CD, data on the hard drive can be read, altered, and deleted. In most cases, an automated script will automatically install the softmod files directly to the Xbox hard drive. This technique has been used extensively to harbor cheating on many online games. Disassembly of the console is required to perform a hot swap.

Read more about this topic:  Xbox