Xbox-Scene News: Kernel Downgrade 'Timing Attack' PIC Interface Schematics and Details

RGH: Xecuter CoolRunner/NAND-X ~ Matrix Glitcherv2 ~ Super NAND Flasher
ODD Emu: X360Key ~ Wasabi X360(S) | XGD3 Burner LiteOn iHAS124 ONLY $19
360 CFW: CK3i/ Probe3/ LT Switch/ DG-16D4S PCB/ Sputnik360 Switch/Probe
Wii Chips | NDSi Flashcards | Giganews Usenet: 1150+d retention, Unl. Speed

Back to the news-page

Kernel Downgrade 'Timing Attack' PIC Interface Schematics and Details

>> Robinsod released the open-source schematics, sources and details to make your own PIC interface needed to perform the 'Timing Attack' that will allow you to boot the 1888 'base kernel' on your Xbox 360 even if you have burned fuses (and don't know your CPU Key) ... once booted to that kernel you will be able to update to an exploitable kernel. If you don't have the knowledge or tools to do this yourself, Robinsod says that Team Infectus is already hard at work designing a daughterboard for the their Infectus Modchip.
The software required for this 'Timing Attack' is currently in final phase of testing and will be released soon.

From Robinsod on XBH:
[QUOTE]
The timing attack is working well now, the software has been released for testing and if no major problems are found then it will be available at the end of the week. The first release will require an Infectus modchip and a "home made" PIC interface. I thought I would release the details of the PIC today to give people a chance to order parts, build and test the hardware.

Schematic (horrible, hand drawn & scanned): here

Parts List:
IC1 LM339
IC2 LM339
IC3 74HC08
IC4 PIC16F876A 20MHz
IC5 MAX232 or equivalent
1 * LED
1 * 20MHz Crystal
16 * 1K 0.25W 5%
1 * 10K 0.25W 5%
1 * 680R 0.25W 5%
1 * 330R 0.25W 5%
1 * 5K6 0.25W 5%
2 * 22pF Ceramic Cap
9 * 100nF Ceramic Cap

Please note, 100nF decoupling caps across every ICs power supply pins seems to reduce the noise on the power supply and VRef lines. Reduced noise = Less jitter in the timing measurements which is a good thing ;)

PIC Boot Loader, got this from Microchip site, repeated here for you convenience: here
PIC Source (build with CCSC PCW) & Precompiled Binary: here (update: fixed version)
Document: here

Tomorrow I will release the tool that will build downgradable flash images. Hopefully by then the 2.0.1888 file set will be available in "the usual places"
[/QUOTE]

News-Source: xboxhacker.net (tech/bug-report discussion ONLY pls)
Discuss this news item on our forums: forums.xbox-scene.com

Spread News: (PermaLink) - (Digg) - (Netscape) - (del.icio.us) - (Slashdot) - (Technorati)
(Tuesday 18 September 2007 00:41 EST) - (Category: Xbox360) - (Posted by:: )

Back to the news-page

Expand this section here