I have a Xbox 360 slim for 3-4 years, and have played it occasionally. Recently I happened to check about running home brew code on Xbox and it turned out there are some amazing engineering done to enable that.
The best of that is a hack called "Reset Glitch". It is discovered by a French guy called Gligli. The whole process is nothing short of AMAZING. First a glitch was found that by asserting CPU_RST line on the processor the CPU will always return 0 for comparison commands (instead of a full CPU reset). So this way, one can assert the line at the "right moment" when the boot code is performing signature verifications so the verification always passes.
The keyword is "right moment". But the CPU is running code at hundreds of mega hertz. How do one find the right moment among the millions of instructions that are executed? It turns out there are ways to significantly slow down the CPU clocks, and different ways for different versions of Xboxes as well. For older Xboxes (called FHAT), the way is to assert CPU_PLL_BYPASS. For newer slim Xboxes, it is to change register value on a chip through I2C. I was thoroughly amazed by how people can probe and reverse-engineer all these from a complex black box system.
Apparently, this has been around for years (since 2011), and I have just learnt it today. I have decided to give it a try.
No comments:
Post a Comment