Open Source Xbox Live?

You can also access it through TOR if the network permits it

 

well the wifi in the apartment complex is provided by the city. so sites for stuff like TOR and vpns are actually blocked.

 

If anyone knows the structure of the EEPROM, could you please share? I have an EEPROM backup from a console I am testing with, going to do some comparisons between several consoles and the data they send to the KRB server. Just need to find out the online keys from backups (I don't want to get them on the console then hand type them, enough to go wrong without me making mistakes).

I have a console attempting to authenticate, but failing the Decrypt integrity check. Going to attempt to work out how the packets are encrypted. I believe RC4 was mentioned earlier on in this thread, so what I will do is compare the same packets from 2 or 3 different consoles, look at whats the same, whats obvious (like serial numbers in plain text), and what I can get to look the same after a decryption attempt. Hopefully I will get almost identical packets apart from console specific data.

It's late/early and I have work in 9 hours so I'm going to call it quits for tonight/this morning. I may be talking utter crap, I really don't know. I can barely type now, but I have a damn Kerberos server setup at last

 

doubt this is exactly what you need but here ya go

http://hackspot.net/XboxBlog/?p=1

http://www.xenatera.com/bunnie/proj/anatak/xboxmod.html



[edit] also in regards to the Open Source Xbox Live copyright issue...

 

Thanks for the links, I never thought of looking on Bunnies pages. I actually downloaded LiveInfo from xbins and loaded up my backup. I'm hoping that I can potentially use the info in there to get some form of authentication.

 

no problem, cant wait to see what you come up with

 

I have a theory. Currently installing Server 2003, it contains a complete user authentication and login system with Kerberos. Given how quickly the console was developed, I can't see Microsoft developing a whole new backend when they have Active Directory.

EDIT:
I also have all xboxlive.com DNS lookups going wherever I want them to, so I can forward them to anywhere

If this job descrption is naything ot go by, Lie does run on AD

http://www.engineering.com/Jobs/Engineering_Jobs_Search/jobctl/ViewPost/ID/208901.aspx

 

Okay, so here is some information related to the EEPROM and other parts of the XBOX, feel free to PM me with any further questions, since i happen to know a few lads that worked on the original XBOX.

Various encryption keys used by Xbox:

EEPROM key:

This key is stored in the boot loader (encrypted by the master key in MCPX).
The boot loader passes it to the kernel on a cold reboot.
The kernel uses it to decrypt the encryption section of the EEPROM
and then throws it away (except that we need to let the manufacturing
program access it during the final system integration stage).

Except.
On DEVKIT box, the data can be either encrypted or unencrypted.
On retail box, it's always encrypted.

NOTE: The XBOX will treat the EEPROM as unencrypted if the confounder
field is all 0's.
​

Hard disk key:

This key is stored in the EEPROM (encrypted by the EEPROM key above).​

LAN key:

This key's raw data is stored in the first XBE that is run from a cold
boot and modified by the CERT key.​

Signature key:

This key's raw data is stored in the first XBE that is run from a cold
boot and modified by the CERT key.​

CERT key:

This key is stored in the boot loader (encrypted by the master key in MCPX).
The boot loader passes it to the kernel on a cold reboot.
It's used to decrypt keys in the title CERT header.​

Game region setting:

The game region setting is stored in the encrypted section
of the EEPROM and is read into a global variable during the boot process.
​

 

I see some derailment, maybe create a separete thread for your Live wiki? (would love an account to dump my notes )

Nice, I do think ive seen it before or the bits and pieces. Did these lads work for MS or in "the scene" on the original xbox?

 

You're free to create an account if you like. Emails end up in spam and gmail throws a hissy fit about them, but they eventually get through

 

There will be a slight change to the domain name soon. At some point, connecting to openxbl.organiccrap.com will redirect to openxbl.piecase.com. I own that domain, and can setup the DNS properly

 

sounds good as I have been having issues with the domain timing out whenever I try to connect

 

"Video game archivists celebrate new victory in preservation of abandoned games" -Polygon

 

Link's broken, try again. Also, I suspect I already read about what you intendo to post, and there's a catch: If a game "only" loses its multiplayer functionality due to servers getting taken down, but not the single player, you're still not allowed to hack it. That decision only applies to cases where you lost all meaningful access (like e.g. in Motor City Online).

 

That^ For example PSO:BB servers are OK cause that has no offline mode at all while the DC/Xbox/PC none "Blue Burst" version are not legal since they do have an offline mode.

 

works cited: http://www.msn.com/en-us/news/games...of-abandoned-games/ar-BBmvrnS?ocid=spartandhp

basically most of the Original Xbox/PS2/DC/Wii/some 360/some PS3 games are protected under this banner. so we can legally create our own servers to preserve said games.

games like Toontown and such, are still illegal to create servers for.

Hopefully someone redoes the MAG servers as that game is currently a coaster for my soda cans at the moment

 

This is where it would get debatable as to whether or not an xbl server would be acceptable. In my eyes "open to the public" means a place you can visit in person, and "accessible online" means a website I can visit from my computer or mobile device. It would all depend on who is interpreting this in court. It is also debatable as to whether or not assembler games is a legitimate archive, and what is defined as a legitimate archive. Again, it all depends on who is interpreting this in court.

Personally, I don't see assembler games as open to the public, and I don't see it as a legitimate archive, rather it is a repository of gaming information and history that is contributed by enthusiasts, that is accessible online only. I don't consider someone who is searching google and ends up here a "researcher" but that's also my opinion. Lastly, this implies that the library, archives, or museum is hosting the server, and no access to it is made available outside of the "premises" of said library, archives, or museum.

So really, it sounds like unless assembler opens a museum or archive that is available either to the public or researchers, and hosts the servers to allow people only on the premises of the museum or archive to play xbox live, I think you are still SOL. Again, just my interpretation and this all depends on who is interpreting it in court.

 

IS there any chance we could eventually make this work with the Microsoft dash, I really like the Microsoft Dash dashboard over alts like Evo X.

 

I'll just be happy if they get it working. I think we are pretty far away from that right now. I tried to pull up the wiki and it's down

 

Legal or not, havent seen anybody connecting a virgin or modded xbox connect to a server yet (by xbox live protocols, as in, titleserver can be run). Im very much busy with my thesis(or whatever the last internship paper is named). But I see some intrested people and some are more seriously trying to understand something, so we might getting somewhere.