FiB3R

Xbox One NAND Dumped

23 posts in this topic

"Here is their translated posting, in regard to how they did it:"
 


The Xbox One NAND is 4.9 GB in size and can, as on the 360, be dumped with an SD card reader.
J-runner may not be used for dumping because it reads out a maximum of 3.5 GB of Corona.
The quartz must be disabled as in the Corona V2.

 

 


 

Maxconsole via EurAsia via Konsolen Junkies

 

Not major news, I suppose, but still... :)

1 person likes this


But the question is, can they really do anything with it yet?

Answer:

probably not.

 

Still interesting nonetheless.


The answer is NOPE. They can't do anything with it. But I suppose they'll try to modify and reupload it to see the responses the system gives, which will probably get them nowhere. Dumping a NAND is not a big feat in the hacking scene unless you can do just that without problems. Like the OP said, not major news.


But the question is, can they really do anything with it yet?

Answer:

probably not.

 

Still interesting nonetheless.

The Matrix code running through your sig is cool...


Just a friendly reminder..

 

No Illegal Software/Copyrighted Discussion.
Discussions involving warez, cracks, security circumvention, using torrents for downloading copyrighted or illegal material is strictly prohibited. This includes music files or other unauthorized software. Asking for help in doing so will cause warns or suspensions of accounts.


Just a friendly reminder..

Not illegal to read out data from something you've bought.

Redistributing it or giving access to it to others, yes.


The Matrix code running through your sig is cool...

Thanks.

 

I used http://textanim.com/

 

My secret's been exposed! :ninja:

1 person likes this


need to dump the bootrom to figure out how to decrypt the nand. I doubt that will ever happen.


need to dump the bootrom to figure out how to decrypt the nand. I doubt that will ever happen.

 

It'll definitely happen, as will the PS4/Wii U/3DS/Vita also be cracked one day.

1 person likes this


Too much money in it for it not to happen...may take longer than generations before but I would never bet on a console staying modproof


Too much money in it for it not to happen...may take longer than generations before but I would never bet on a console staying modproof

There's too much money in it in sat piracy, but the 2 big U.S. providers, and other providers around the world, have not had their systems compromised since 2008 (key sharing doesn't count), even though it would be much easier to dump than the current consoles.

Also, I'm only talking about an OS-level hack, not drive hacks. I know for a fact a drive hack will happen, unless the hackers are lazy, because all it takes is the emulation of the disc laser reading the pits off the disc. Just replay the analog signals from the optical unit back to the system. This is unpatchable, and I've seen this type of emulation at a Chaos Computer Club talk in Berlin.


It'll definitely happen, as will the PS4/Wii U/3DS/Vita also be cracked one day.

 

I dunno. Last gen was nearly bulletproof and was only cracked because they left some parts outside of the hypervisor. The encryption was never really cracked on the 360 (heck, even the major project to decrypt the original Xbox to make unique keys for it never succeeded); on the PS4 the keys were only gotten because of a leak, and outside of that it was all hardware hacks again.

 

One would assume they've learnt since then, and like last gen was far more secure than the one before, this one, again, will be far more secure than the last, which will make it nearly if not completely impossible to break.


What can be done with this NAND dump?


What can be done with this NAND dump?

A bunch of pretty 0s and 1s that you can look at.

2 people like this


So, is the OS itself installed on that 8GB of NAND and not on the HDD then?  Early on everyone figured that the reason they didn't make the drive user replaceable was because the OS/apps was installed on it.   


Hmm, nothing about SPIway yet? PS4 got dumped as well :)

 

These dumps are encrypted system images. They can't do much until they figure out how they are encrypted and get the decryption key. Comparing several dumps from a lot of boards can show patterns but not lead very far. T-X also got BD-ROM x-rays and apparently are decapping it. Guess there's always a market in repair/replacement drives. I thought each disc had a license file on it, hence individual discs could be 'banned' from working, but maybe they are not all identical (pressing nightmare) or there's a way to generate your own license/use another disc's file.


So, is the OS itself installed on that 8GB of NAND and not on the HDD then?  Early on everyone figured that the reason they didn't make the drive user replaceable was because the OS/apps was installed on it.   

From what I remember of the 360 (which also has a NAND), it has base OS, firmware, encryption keys, discs used and errors encountered (e.g. if you played using a pirated disc on the 360 and it failed verification, it'd be stored in the NAND and uploaded to MS when you next connected to the internet, so people that thought they were safe with pirated copies offline mostly all got banned), hard drive info (so it'll only work with that HD), DVD drive info, etc.


So, is the OS itself installed on that 8GB of NAND and not on the HDD then?  Early on everyone figured that the reason they didn't make the drive user replaceable was because the OS/apps was installed on it.

Makes more sense though if the NAND is used as an emergency backup, whereas the updateable mainOSes and apps/games are on the HD. The 360 also has its "BK" kernel storage where the base 2.0.1888.0 dashboard of 2005 is stored (see the system info screen on it).


Makes more sense though if the NAND is used as an emergency backup, whereas the updateable mainOSes and apps/games are on the HD. The 360 also has its "BK" kernel storage where the base 2.0.1888.0 dashboard of 2005 is stored (see the system info screen on it).

 

That's a good point, but the size is telling, if it was more of a backup image etc then I don't think it'd have to be 8GB?  And from the dump it doesn't seem to be taking up all of it.    Either way, it's interesting, wonder if anyone has tried to upgrade the HDD yet as well?


That's a good point, but the size is telling, if it was more of a backup image etc then I don't think it'd have to be 8GB?  And from the dump it doesn't seem to be taking up all of it.    Either way, it's interesting, wonder if anyone has tried to upgrade the HDD yet as well?

Funny enough, yes, someone has.

http://www.neowin.net/forum/topic/1190647-how-to-install-a-bigger-hard-drive/

2 people like this


That's a good point, but the size is telling, if it was more of a backup image etc then I don't think it'd have to be 8GB? And from the dump it doesn't seem to be taking up all of it. Either way, it's interesting, wonder if anyone has tried to upgrade the HDD yet as well?

The Xbox One systems are gameOS, mainOS and a hypervisor to bridge the two.

MainOS is just a SKU of Windows 8, similarly to how Windows Phone 8 is a Windows 8 variant, stored in the .ffu container format to be flashed to devices (and I suppose the offline update xvd's are also just a container, similar to .ffu).

Since all are in fact, Windows 8.x, it is natural for all systems based on the Windows 8 core to support push-button reset imaging in some way or another.

Also, since the Xbox One core is Windows 8, that should also mean it is able to install updates more seamlessly, and more often than the 360 was capable of, and that now it is not necessary to blow CPU efuses in order to do dashboard updates anymore.

Updates can install in a similar way to how the Windows 8.1 system is able to replace Windows 8.0 via Windows Store. When you update an OEM-installed factory Windows 8.0 system of a PC to Windows 8.1, its RE tools partition and recovery partition are able to be replaced by the Windows 8.1 image during setup, so that when you try to Reset the PC after such an update, you get a clean Windows 8.1.

Also when you soft-reset (via Settings) a Windows Phone 8 device, it is just being reverted to the factory state of the installed flash image, but the resulting system corresponds by the versions to the system you had prior to reset, just any userdata is wiped. Means when you install firmware/OS updates via "phone update", they are reflected in diff into the barebone system image in recovery area, the system/fw changes are available post-reset and you don't need to redownload updates.

In both PC and phone occasions, the recovery partitions have the barebone systems plus any applicable updates, that it copies to the main storage, to be subsequently used by the user there. The recovery system itself is not actually used for any other purpose than acting as an installation source during Reset.

Based on that, this explains how this NAND could be used, and why it initially has more space - to accommodate any future updates to the system image.

One of the reasons Microsoft provides offline update images is the possibility that an initial setup of the system to HDD from the recovery NAND (that's why it takes so long on first boot - it copies the system image and prepares for OOBE [Note: Basically this explains the actions the system performs in the "Putting it back together" section of the thread linked by trooper11 just above my post]) can get stuck, freeze, or have other problems (rarely), like some corruption in the system image in the NAND. For example, if you accidentally unplug the console while it's updating, the system image can end up in an unresolved CBS servicing state as a result. The OSUDT/EOU is used to recover the image to a serviceable point in order to update properly.
