This document tries to collect as much information as possible. To support it, share your information and experiences on the mailing list. On the one hand each of the possibilities has to get more detailed, and on the other hand there could be other methods I didn't think of.
First of all, as probably everyone knows, you can only execute signed XBEs, except you have a mod chip. So the goal is to somehow hack the Xbox in order to run unsigned code. Beside this, the hack should be cheap and, of course, it ought to be legal.
The most obvious approach is to run signed code. So we would have to produce our own code, put it into an XBE and sign it. For this there would be two possibilities, but to get a better understanding first read the Xbox signing process by Franz Lehner. There is also an excellent description of the XBE file format and an open XDK by caustik.
The RSA signature is based on two types of keys. First there's the public key, built into every Xbox to verify a signature. The other key is the private key; it is very, very secret and only Microsoft has it. If a company wants to sell an Xbox game they have to send it to Microsoft, and then Microsoft will sign it with their private key. If we had that private key, we would be able to sign our own code, so the question is: how to get this key?
What you have to know is that the public key is calculated from the private key. The algorithm for that is very easy and fast. You can also calculate the private key from the public key, but that is expected to be an NP-complete problem.
So if you have the public key and interpret it as one huge number, it is a product of two (or more) primes. To get the private key you have to factorise the public key (the huge number). The result will be two (or more) primes, which are nearly the private key; at least they will be enough to sign our own XBE.
Simply put: if we have the public key K, we search for two numbers p and q with:
p * q = K
But remember, it's expected to be an NP problem. This means that it's very unlikely that it will be factorised, even with a supercomputer...
Have: Public key (it's inside the Xbox kernel), in decimal:
2074011932725872376027602350906301713845599360627488352673195511324110900735
4362374128996096291046353572306742110305456946824862203867115042369878729703
4757651122801674981890464377946029661688124194233651969796694319295889511268
0464874302938783366603176573433716594963473137559247167029424618087781510481
2674626967450097045005117546657068700545263064105024888769118032059917845867
6530404194040036845598825091953986309228240504053796205135896999939802056942
6697323609577215347638826741847653366351274624331031785386194643005307289050
2949319703765023792161144942611323629444409600173894963797156859916567288947
565058003
Hints:
Programming languages' numbers have a maximum length (1, 2 or 4 bytes) that is much smaller than the public key. So if you need to work with such huge numbers, you have the following possibilities:
Possibility:
Writing a distributed factorising program, making it publicly available and searching for people sharing their CPU load. (Comments?)
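An added example (my code, not from this page or the Xbox Linux project) of the big-number handling the hints above ask for, and of why factorising the key is hopeless unless it was generated badly. Python ints are arbitrary precision, so the 617-digit decimal key printed above can be fed to describe_modulus() unchanged; the moduli in the example are small, constructed values so it runs instantly. The two checks shown, trial division for small factors and Fermat's method for primes that lie close together, are the standard key-hygiene checks that catch weak RSA keys; against a properly generated 2048-bit modulus both return None, which is the point. The big-endian byte layout is an assumption for illustration, not taken from the Xbox kernel.

```python
# Added example: RSA modulus as a Python big integer, plus two weak-key checks.
from math import isqrt
from typing import Optional, Tuple


def decimal_to_bytes(decimal_str: str) -> bytes:
    """Decimal text -> big-endian bytes, the way a key would sit in a binary.
    (Big-endian is an assumption here, not the Xbox kernel's actual layout.)"""
    n = int(decimal_str)
    return n.to_bytes((n.bit_length() + 7) // 8, "big")


def bytes_to_int(raw: bytes) -> int:
    """Inverse of decimal_to_bytes."""
    return int.from_bytes(raw, "big")


def small_factor(n: int, bound: int = 10_000) -> Optional[int]:
    """Trial division up to `bound`: finds a modulus with a tiny prime factor.
    Returns the smallest such factor, or None if there is none below `bound`."""
    if n % 2 == 0:
        return 2
    for d in range(3, min(bound, isqrt(n) + 1), 2):
        if n % d == 0:
            return d
    return None


def fermat_factor(n: int, max_steps: int = 10_000) -> Optional[Tuple[int, int]]:
    """Fermat's method: writes n = a^2 - b^2 = (a-b)(a+b). It succeeds within a
    few steps only when the two primes are close together; for a good key it
    gives up after `max_steps`. Returns (p, q) or None."""
    a = isqrt(n)
    if a * a < n:
        a += 1
    for _ in range(max_steps):
        b2 = a * a - n
        b = isqrt(b2)
        if b * b == b2:
            return a - b, a + b
        a += 1
    return None


def describe_modulus(decimal_str: str) -> dict:
    """Size and weak-key facts about a modulus given in decimal."""
    n = int(decimal_str)
    return {
        "bits": n.bit_length(),
        "odd": n % 2 == 1,
        "small_factor": small_factor(n),
        "close_primes": fermat_factor(n),
    }


if __name__ == "__main__":
    # Constructed moduli: 65537*1000003 (fine at its size), 7*1000003 (tiny
    # factor), 1000003*1000033 (primes only 30 apart, Fermat finds them at once).
    for dec in ("65537196611", "7000021", "1000036000099"):
        print(dec, describe_modulus(dec))
    # Paste the page's decimal key (joined into one string) into
    # describe_modulus() to see bits == 2048 and both checks come back None.
```

The trial-division bound and Fermat step count are deliberately small; raising them does not change the outcome for a 2048-bit key, it only makes the run longer, which is exactly the author's "not even with a supercomputer" remark in concrete form.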
The second way would be to take an already signed XBE and modify it. Because the signature itself only signs the header, it would be possible to modify the sections in the XBE. For this task we could modify anything except the header itself. So the sections need to have the same size and the same SHA1 hash as before.
To reach this goal there are these two possibilities:
(a) Create a section that does all we want it to do and search for a fitting signed XBE. Then we copy our section over a section in the XBE, where our section should be smaller than the XBE's original section. After that we would have to pad the section to its original size, so that the SHA1 hash becomes the same as before.
(b) Find an attack against SHA1. There have been attacks against MD5 that did the following: you have a message A with a hash md5(A). The attack produced a new message B with md5(B) = md5(A). Perhaps there is an easy way to modify single bytes so you get the same SHA1 hash.
Remember, America's National Security Agency (NSA) designed the SHA1 algorithm. Do you really think that it doesn't have any exploitable loopholes? :)
Have: sha1 function (provided by Franz Lehner, see CVS: cromwell/sha1.c)
Need: a section that does what we want
Need: a attack against SHA1 ;)
Need: (Distributed) brute force program to pad the section until the hash matches
Possibility:
If we have the section and the program, we would need people sharing their CPU load.
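An added example (mine, not the project's code) of the integrity chain that possibilities (a) and (b) are up against: the RSA signature covers only the header, the header records a SHA-1 digest and a size per section, and the loader recomputes the digests before running anything. The toy header below keeps only those two fields per section, which is an assumption for illustration; the real XBE header carries much more. It shows that a padded replacement section (a) fails verification, and that the padding search is a second-preimage search with a 2^-160 success rate per try, so the distributed brute force can only ever illustrate the cost. Note also that what (b) needs is a second preimage of a fixed digest at a fixed length, which is a harder problem than the collisions the MD5 attacks produce.

```python
# Added example: header-covers-section-hashes verification, as a loader does it.
import hashlib
import hmac
import os
from typing import List, Tuple

Section = bytes
Header = List[Tuple[int, str]]   # (section size, hex SHA-1) per section; toy layout


def build_header(sections: List[Section]) -> Header:
    """What the signer records about each section before signing the header."""
    return [(len(s), hashlib.sha1(s).hexdigest()) for s in sections]


def verify_sections(header: Header, sections: List[Section]) -> bool:
    """What the loader does once the header's RSA signature has checked out:
    every section must match the recorded size and digest. compare_digest is
    used so the comparison does not leak through timing."""
    if len(header) != len(sections):
        return False
    for (size, digest), data in zip(header, sections):
        if len(data) != size:
            return False
        if not hmac.compare_digest(hashlib.sha1(data).hexdigest(), digest):
            return False
    return True


def pad_to_size(payload: bytes, size: int) -> bytes:
    """Possibility (a): fit a smaller payload into the original section's slot.
    Zero padding is one choice; any padding keeps the size right but not the hash."""
    if len(payload) > size:
        raise ValueError("payload is larger than the section it replaces")
    return payload + b"\x00" * (size - len(payload))


def second_preimage_search(target_digest: str, payload: bytes, size: int, tries: int) -> bool:
    """Random-padding search for a section with the recorded SHA-1. Each try hits
    with probability 2**-160, so this only demonstrates the cost; it will not
    find anything in any number of tries a machine can make."""
    for _ in range(tries):
        candidate = payload + os.urandom(size - len(payload))
        if hashlib.sha1(candidate).hexdigest() == target_digest:
            return True
    return False


if __name__ == "__main__":
    original = [b"original section one", b"second section data"]   # constructed
    header = build_header(original)
    print("untouched:", verify_sections(header, original))
    swapped = [pad_to_size(b"ours", len(original[0])), original[1]]
    print("padded replacement:", verify_sections(header, swapped))
    print("1000 random pads:", second_preimage_search(header[0][1], b"ours", len(original[0]), 1000))
```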
If you turn on the Xbox and don't have a DVD in your drive, the Microsoft Dashboard starts up. The dashboard is controllable through USB (your XPad), and the USB stack (protocol) of the dashboard is very complicated. Perhaps it will be possible to produce some kind of buffer overflow in the USB stack. For that we would need a software-emulated USB device that sends special data to the USB controller.
A USB controller of a normal PC connected to the Xbox can't do the job, because USB is a host/device protocol. So the host controller (of the PC) can't simulate a device.
As Andy mentioned on the ML, it seems very unlikely that a buffer overflow will be found in the USB protocol handling itself. He thinks it is more likely that some kind of logical violation can be caused in specific drivers near the top of the USB stack.
This could be something like:
Need: reverse engineering of the USB stack, find bug/overflow
Need: software controlled USB device
Update: It is not possible to simulate a USB device through LPT or COM.
There are several Xbox demo DVDs (shipped with magazines) and the JetSetRadio/SegaGT bundle DVD, and perhaps more, that contain demo videos of games. These videos are all encoded with Bink, a proprietary video format. For this format there is a player (the Bink player) built into the XBE file (the player is also available for Windows). Perhaps there is a possibility to modify the video file to create a buffer overflow. So it is helpful to know as much as possible about the file format. Because there is a Bink player/encoder available for Windows, we can produce as many Bink files as we want and analyse them.
To get the player or more info about bink visit their site.
By the way, on the Xbox the Bink player is used; don't be confused by the Smacker codec (it's the older, 8bpp codec), which doesn't matter for the Xbox.
Need: Bink File Format
Need: Buffer overflow ;)
Need: a method to create (burn/press) DVDs with the Xbox copy protection mechanism (see note on DVD protection)
Every game stores its savegames on the Xbox hard disk. Perhaps there are games where manipulated savegames could create a buffer overflow. For that we would need a game that produces such an overflow, and we also need a deeper understanding of the savegame structure.
The Xbox itself can also copy savegames to the memory units of the XPad. There are people who are trying to write a USB driver (see ML) for the memory unit. With such a driver we could copy (with the XPad connected to a normal PC running Linux) the manipulated savegame to the memory unit, then reconnect the XPad to the Xbox, start the game and load the savegame to run our code.
Need: Knowledge of savegame structure
Need: Memory unit driver (expected/someone is working on it, see ML)
Each Xbox game is copy-protected, so you can't just make a 1:1 copy of the DVD. The copy protection consists of two main parts. First, the DVDs contain a CSS copy protection. This protection could perhaps be removed by using DVD-R(A)s or special versions of DVD+Rs. In addition, the TOC of the DVD is signed with the RSA key. This TOC also contains the number of layers the DVD has. Pressed DVDs have two layers, burned DVDs have only one. That's why we can't burn a DVD that can run on an unmodded Xbox, unless we had the private RSA key (see 1.1).
It would be possible to press a DVD with the content we want it to have. These DVDs would also run on unmodded Xboxes.
But it would be possible to simulate an original pressed DVD with its copy protection, if we had a software-simulated DVD drive. There is an effort to do this by Andy Green.
THIS METHOD IS HIGHLY ILLEGAL. It will not be considered at all as a viable option. It is only listed here for completeness - it is helpful to examine all possibilities even if they are illegal. Don't even *try* to do this, please.
Using the above method, an existing game can be copied, and it will boot on an unmodded Xbox. So what about Linux? We can't simply replace the XBE on the DVD with our own, because booting from "legitimate" media doesn't change the fact that all XBEs must be signed. However, we can leave the game's XBE file as-is (the illegal part!!) and modify some *other* file the game uses, like a level layout. Since games rarely hash their data files, and there are many games, it's quite likely that *several* games can be exploited in this manner.
This is basically an illegal extension to #4's Bink idea.
Not much is known about the DVD player software used on the Xbox. Perhaps there is an exploitable buffer overflow in the player's handling of certain DVD features. For example, it's known that several DVDs cause errors or crashes in the DVD player.
This would be one of the best options, if it could be done. You could boot Linux from a CD-RW or DVD-R!
(The Xbox detects DVD movies by the VIDEO_TS directory and the UDF file system, not the media type, so CDs burned in this way get recognized as movies also.)
Need: Detailed knowledge of the format of DVD video structures
Need: Reverse engineering of the Xbox DVD player and likely dashboard
Security in online gaming is very difficult to do, and not all developers are good at it. It's quite possible that some games have network code that can be buffer overflowed using specially designed packets. Microsoft seems to be aware of this problem, and has apparently mandated that all games use a special Kerberos-enabled network stack. However, this network stack is not secure. Many games are peer-to-peer, meaning that the encryption keys must be in the game disks somewhere.
Need: Reverse engineering of the Xbox network libraries' Kerberos system
Need: Reverse engineering of the underlying game's protocol
Need: A game that has such a bug or back door
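Several of the ideas above (the USB stack, the Bink player, savegames, the DVD player, game network code) come down to the same hope: a parser that trusts a length or count field in data the attacker controls. The following is an added example, written here and not taken from the page or from any Xbox title, that shows what that class of bug looks like and what the fix is. The savegame-like format (magic, slot count, per-slot name length, name, score) is constructed for the example, as is the data. The naive parser lets the declared count size a fixed table and lets the declared name length drive the read; in Python those mistakes surface as exceptions rather than as memory corruption, which is the only difference from the native case. The hardened parser checks every field against the real buffer and against the limits the format promises before using it.

```python
# Added example: length-field trust in a constructed savegame format, naive vs hardened.
import struct
from typing import List, Tuple

MAGIC = b"SAVE"     # constructed format, not any real game's
MAX_SLOTS = 8       # size of the fixed table a native game would keep in memory
MAX_NAME = 16       # longest name the format allows

Slot = Tuple[str, int]


class MalformedSave(ValueError):
    """Raised by the hardened parser for anything that breaks the format's promises."""


def encode_save(slots: List[Slot]) -> bytes:
    """magic | u32 slot count | per slot: u8 name length, name bytes, u32 score (little-endian)."""
    out = bytearray(MAGIC + struct.pack("<I", len(slots)))
    for name, score in slots:
        raw = name.encode("ascii")
        out += struct.pack("<B", len(raw)) + raw + struct.pack("<I", score)
    return bytes(out)


def parse_save_naive(data: bytes) -> List[Slot]:
    """The bug class: count and name length are taken from the file and trusted.
    In C the table write at table[i] and the name copy would run off the end of
    their buffers; here Python raises IndexError / struct.error instead."""
    count = struct.unpack_from("<I", data, 4)[0]
    table = [None] * MAX_SLOTS
    pos = 8
    for i in range(count):
        name_len = data[pos]
        name = data[pos + 1:pos + 1 + name_len]
        score = struct.unpack_from("<I", data, pos + 1 + name_len)[0]
        table[i] = (name.decode("ascii"), score)
        pos += 1 + name_len + 4
    return table[:count]


def parse_save(data: bytes) -> List[Slot]:
    """Hardened: every read is checked against len(data) before it happens, and
    declared sizes are capped by MAX_SLOTS / MAX_NAME before they size anything."""
    if len(data) < 8 or data[:4] != MAGIC:
        raise MalformedSave("bad magic or truncated header")
    count = struct.unpack_from("<I", data, 4)[0]
    if count > MAX_SLOTS:
        raise MalformedSave(f"slot count {count} exceeds {MAX_SLOTS}")
    slots: List[Slot] = []
    pos = 8
    for _ in range(count):
        if pos + 1 > len(data):
            raise MalformedSave("truncated before name length")
        name_len = data[pos]
        if name_len > MAX_NAME:
            raise MalformedSave(f"name length {name_len} exceeds {MAX_NAME}")
        pos += 1
        if pos + name_len + 4 > len(data):
            raise MalformedSave("name or score runs past end of data")
        name = data[pos:pos + name_len].decode("ascii")
        pos += name_len
        score = struct.unpack_from("<I", data, pos)[0]
        pos += 4
        slots.append((name, score))
    if pos != len(data):
        raise MalformedSave("trailing bytes after last slot")
    return slots


def is_well_formed(data: bytes) -> bool:
    """True if the hardened parser accepts the data."""
    try:
        parse_save(data)
        return True
    except (MalformedSave, UnicodeDecodeError):
        return False


def naive_fails(data: bytes) -> bool:
    """True if the naive parser blows up on the data (the Python stand-in for a crash)."""
    try:
        parse_save_naive(data)
        return False
    except (IndexError, struct.error, UnicodeDecodeError):
        return True


# Helpers to build malformed samples (constructed test data, not real savegames).
def with_slot_count(data: bytes, count: int) -> bytes:
    return data[:4] + struct.pack("<I", count) + data[8:]


def with_first_name_len(data: bytes, name_len: int) -> bytes:
    return data[:8] + bytes([name_len]) + data[9:]


if __name__ == "__main__":
    good = encode_save([("alice", 1200), ("bob", 7)])
    print("good:", parse_save(good))
    print("count=9: naive crashes =", naive_fails(with_slot_count(good, 9)),
          "| hardened accepts =", is_well_formed(with_slot_count(good, 9)))
    print("name_len=200: naive crashes =", naive_fails(with_first_name_len(good, 200)),
          "| hardened accepts =", is_well_formed(with_first_name_len(good, 200)))
```

The shape of the checks is what carries over to the Bink, USB, DVD and packet cases: bound every declared size by what the format promises, bound every read by what the buffer actually holds, and refuse the whole input on the first violation rather than trying to make sense of the rest.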
There were several reports of problems with Xbox games. More information on the behavior of unmodded Xboxes would be good. It has been reported that some games crash if you set: