GUIDE How to Jtag an Xbox 360

How to install the jtag hack on an Xbox 360

What you need:

T10 screw driver
T8 screw driver
Soldering iron
Wire
USB nand flasher or LPT cable
A Brain

Software:

Auto xbins
Nandpro
360 flash dump tool
Tool for building the Rebooter (easy freeboot is my personal prefrence)


First off:

Make sure that your console is on dashboard 7371 or lower and manufactured before 20th June 2009



Instuctions:

First off your gonna want to dismantle your 360 - I'm not going to put a guide here, they're all over the internet.

Next, you will need to solder either your LPT cable/usb flasher to the board. If you're inexperienced at soldering, watch this video first or get someone with experience to do the soldering for you.

http://www.youtube.com/watch?v=I_NU2ruzyc4

LPT

The points are show below.

Resistors are optional, but it is always adviced to put a diode between J1D2-4 and lpt-11.



USB



You just need to solder the usb flasher's points/headers to the board and plug the usb into your pc.

Then install the drivers.

Instructions to install drivers:

Press start, search program or file, type: hdwwiz, press enter












Using NandPro:

Uncompress the nandpro Rar

I personaly prefer writing out a bat file for using nand pro

Create a txt in your nand pro directory.

The contents should look liked this if you are using usb and have a 16mb motherboard. If you were using LPT you would replace the USB: with LPT:
and if you had a Big block Jasper you would replace the -r16 with -r256 for a 256mb jasper or -r512 for a 512mb jasper and a dev kit it would be -r64

@echo off
nandpro.exe usb: -r16 backup1.bin
nandpro.exe usb: -r16 backup2.bin
nandpro.exe usb: -r16 backup3.bin
pause

save the txt as run.bat



Checking the files with 360 Flash Dump Tool:

If an image has bad blocks a 3rd tab will show up in 360 flash dump tool detailing where the bad block is, if the badblock is in the same place on all your images dont worry. but if not make sure you have atleast 2 images that match

Bad block image


Good image


if you have atleast 2 matching images you can continue and write xell or xellous to your xbox 360's nand

Xell/Xellous:

Personaly i use xellous as it saves work later on. download the xell/xellous images from xbins and place them in the nandpro directory

To write to the nand, you need to edit the bat you made earlier

Change the "R" to "W" and the backup#.bin to the nane of the xell or xellous image

example:

@echo off
nandpro.exe usb: -w16 xellous.bin
pause

if you boot the 360 now it should give u a E79 error.

as we need to add in the the jtag wiring

Xenon:

Diodes are always optional:



Zephyr, Opus, falcon, Jasper:

3 different methods here

Method 1 traditional and easiest to solder but can lead to E79 on bootup



Method 2 The one i used for a long time worked well and is clean.



method 3 we can use a aud clamp method

Not best picture, but only one i can find



there are others but theses are the ones ive tryed and know work

once you have finished soldering the points the xbox should boot xell/xellous to revel your cpu key

Xellous :



or if you have a network cable connected you can get you cpu key by entering the ip address of the console into your web browser



Xell:

you need combine line 4 and 6 to reveal your cpu key



Note down your cpu key - it will be required

Building rebooter image:

my personaly choose for building rebooter images is using easy freeboot but you can use pigmaker or jtag tool or the ihc one cant remember what its called

first you want to download and unrar the program


then start the program


depending on what wiring method you may need to change the SMC config under fixes on Easy freeboot. or if you are not going to have a dvd drive in your 360 select the no drive fix.

Method 1, 2 use "Stock"
Method 3 use "Aud_clamp"
and if you use "Tray_open" and "aud_clamp" Fix then select "Aud_calmp and Tray_open"



next press create freeboot image and select the image you dumped earlier from your 360.


confirm your motherboard.


either enter the cpu key you wrote down earlier and press ok or click get cpu key and put in the ip address of you jtaged xbox 360 console then press ok


a console window should come up and if all goes well it should ask you to press enter to exit


a save dialog should apear save this somewhere where you can find it again


writing the image to the 360:

Reatach the dvd drive if you have not selected to use the no drive fix on easy freeboot

Xellous method:

if you originally flashed xellous to your 360 then just put the image onto a usb stick and call it updflash.bin

Next, plug the usb into the 360 then remove the power brick for 20 seconds, then plug back in and then press eject - the image should start writing.

Or, you can stick the updflash.bin image into the nandpro directory and edit the file name at the end of the bat comand you created so it looks a bit like the command below.

@echo off
nandpro.exe usb: -w16 updflash.bin
pause

run that wait for it to finish.

once its done power cycle and then see if the xbox boots to dashboard.

if console e79s check wireing and if thats ok try rebuilding the image

if console boots to dashboard you can put the 360 back together now

There you go you - should now have a jtaged xbox on the latest rebooter kernal.

Download Links:

Auto xbins:
Download

xell:
Xbins
/XBOX 360/development/free60/images/

xellous:
Xbins
/XBOX 360/development/XeLLous/

Nandpro:
Download

Easy Freeboot:
Thread

360 Flash Dump Tool:
Download

Images from google or me

Thanks

Sneaky Peanut

Pm me if you get stuck

Thanks to xilonewolfx (karl) for spell checking and grammar ray:

All rights to there respective owners

 

Awesome guide,just stickied the thread.

 

That software sure has matured since the first time I tried it. Was a pain in the ass to get my CPU key as Xell only displays that image for a few seconds.

I'm 99% sure the problem I had with using LPT was that my laptop sucked at getting a noise free connection. As such it never was able to get an accurate look at the bad blocks which ruined the whole deal for me sadly.

 

lots has changed since it first started but i tent to still use the origernal tools. i think jtag tool has most of the stuff from this tux built into it but the thing errors like hell. and there is a newer nand flasher. but nandpro works fine and have never had a problem so why change. its always more interesting using cmd programs than them crappy gui's

 

GUI's tend to be superior in that one click will typically get the job done where as a CLI entry can take some time to get right, especially if your keyboard sucks.

Suppose it really is up to taste but I prefer GUIs unless the frontend is buggy or doesn't support every function the CLI version does.

 

i got so feed up off writing out cmd commands to create the images thats why i coded easy freeboot i could write another nandpro gui but it dosnt give you enough control i feel

 

lol why go through that huge mess of software? the software you put is only needed for devs not jtags. Just use Jtag Tool, its all in one, has a nand compare even, and all you gotta do is just press a few buttons. It works amazing ive never had any problems, they keep it updated with freeboot. Then also for a far easier jtaging then nand-x just use the flasher from xbox-experts.com just 7 wire easy solder and plug it into your computer, no driver installer, nothing its that easy lol and soo much cheaper.
Link to the flasher: http://xbox-experts.com/stores_shop.php?id=8
Link to Jtag Tool: http://www.team-xecuter.com/forums/showthread.php?t=54178
Perfect Tut to how to Jtag with the flasher: http://jtag.xbox-experts.com/

 

my method can be used for reading out the nand on a dev kit aswell, jtag tool is also rather buggy. i know coolshrimp well and we have worked together occasionally and he has said him self its buggy. just because my method is older and does not us a aio gui doesn't mean its bad. it works and will be pretty much universal

 

I personaly have never had any problems and ive jtaged dozens of consoles, nor have I ever heard of it being buggy at all; infact ask anyone who jtags they will tell you how great Jtag Tool is. Also i never said your method is bad just it takes a lot more time and effort to do. As for the nand flasher the one i linked from xbox-experts.com is much cheaper and faster so that is better and works whatever software method you want to use.

 

Updated alternate SMC info as i felt wasnt clear enough

 

How about adding some Cygnos info?!

 

i can write a guide for cygnos some time, its a out dated method now really but a good solution. i do miss my old box that had a cygnos

 

I doubt that it is dated Super quick nand dump! ...you don't even need a display to obtain your cpu key since the toolbox will display everything for you....but the installation is not that easy!

 

well the cygnos does have its plus points lol u still have to run xell to get your cpu key lol. and yeah the install is a bitch

 

xell is required!

assembler please when you are done post some pics...

 

Thanks a lot, would've been easier when I had that writeup when I did mine
FYI, the LPT ports on old laptops seem to work really well (used an old IBM A30P for mine).
Funny bit: The only Box I could find with an old dash was at a local gamestop - a Halo LE which someone traded in Sadly it didn't have the original hard drive, so they slapped a generic 20GB drive on and sold it for 110 Euros (original quote: Noone wants them with those small discs anymore since XBL took off...).
Complete with the LE controller and an original MS play&charge kit though

 

i love how i just used this guide of a assignment

 

I did a bad flash and xellous wont boot so how would I flash Xellous and the latest Freeboot and i do have my orignal nand

 

just reflash the original nand if you want to recover. otherwise just reflash xell.

-adrianc