A Kernel Exploit for Xbox One & Series is Incoming - ModChat 121
- Added 26. 06. 2024
- A solo topic episode of ModChat, this time around focusing on some exciting developments around the Xbox One and Xbox Series consoles resulting in a kernel exploit for SystemOS! We talk about what exactly this exploit is, what we can expect, what this will NOT accomplish, and some steps to get your own Xbox One or Xbox Series console prepared.
#ModChat
--------------------
Timestamps!
0:00 - Intro
1:48 - What exactly is this?
10:38 - Preparing Your Console!
--------------------
Sources Cited (All Used With Fair Use In Mind)
Xbox One/Series News Recap:
xboxoneresearch.github.io/new...
Xbox One Edge Exploit:
www.psxhax.com/threads/micros...
Clarifications on Upcoming Exploit:
/ 1800082873695019465
/ 1799981811243909181
Durango Dumplings:
xboxoneresearch.github.io/gam...
Game Script App:
apps.microsoft.com/detail/9pb...
--------------------
It seems like as of now reports are coming in that the Game Script app is unavailable, in addition to the Game Script app breaking for anyone who already has it installed and is online.
If your console has already been set up and taken offline, keep it offline.
I even noticed they removed the app off of people's accounts that were left online
Perhaps the exploit itself isn't going to be too extravagant. But when other hackers/programmers see the amount of coverage and enthusiasm and excitement this gets in the community they will start to dig in a bit more. MS's best security against hacking until now has been the Developer Mode imo. But I'm hoping that will change now.
For sure, here's to hoping enough talent grabs the necessary app and goes offline.
To be able to run Retroarch without switching to dev mode would be awesome.
It would be, although don't bank on that.
@@MrMario2011 when this exploit comes out there is going to be extended development on it man, it's like the ps4 jb, it started small, now look at it. this is going to lead to something huge
But you will not be able to Play online games. Dev mode is still a better option. Let's see how things evolve
@@Andrew-kw9kq this jailbreak is the same one that was used to jailbreak the ps4 & ps5.
@@MrMario2011 would we be able to game script multiple accounts😅?
The best part about any console exploit is ESCAPING the restrictive boundaries that the manufacturer dictates. The Xbox One/Series consoles are absolutely capable of running a modern desktop OS, but someone decided to nerf them and limit them to basic game/media tasks. No system is unhackable, though, and I can't wait for the day when we have Bringus make an "installing SteamOS on a Series X" video
We won't be getting any fancy new OS swaps anytime soon, but the beginnings here are cool!
@@MrMario2011 Absolutely! These developments don't happen overnight
@@avisprimey installing unsigned code is the first priority rather than installing another os tho
Show me Steam OS running on Xbox One and I'm getting a second hand Series X ASAP
AFTER 11 YEARS, WE FINALLY MADE SOME PROGRESS. Jesus christ this took way too long
Kinda weird how Xbox One outlived Nintendo Switch, Wii U, PS4 and PS5
Back in my day, having a RHG Xbox 360, Modded PS3 or Homebrew Wii was like the most standard thing
@@applehazeva2739 i have a homebrewed wii u and 3ds, not having it is like pizza without cheese
@@applehazeva2739 yeah i honestly assumed that the xbox one would get hacked first given the fact that the xbox literally allows you to download a file explorer (yes im not kidding)
I actually had bought Xbox One for 60€ to play Halo 5 and Gears Of War a few years ago, and it has been sitting in its box since then.
Glad to learn that it's gonna turn into one of the best purchases of my life :-D
Get it updated!
Can't wait to help my Xbox escape the shackles of software limitations lol
Bought one too for 35€
Even had 2 Controllers, a Headset and even a Kinect xD
I don't know if we will ever see the glory days of JTAG/RGH on the Xbox One, I've got my old Xbox One X laying around somewhere, don't think I've updated it in a couple of years or so, going to keep it just in case these guys have a crazy breakthrough
It's most likely going to be like GoldHEN on PS4 assuming there will be interest to dump games and content.
That's why I still love working with the Xbox 360, Great library and I doubt we will see anything like that with the newer Xbox consoles.
The main thing I would want to see in the future is a method to "unlock" the built in Xbox 360/Original Xbox Emulator and at least attempt to dump and run any physical game on an Xbox One/Series console. I know this isn't close to that, but if someday it can be done that will be pretty cool.
That would be cool! I'm sure the emulator is compatible with a lot more games, the biggest issue Microsoft had was with licensing.
@@MrMario2011 yup & to be honest a lot of those games are blacklisted from being played, however they can play on Xbox one consoles.
The Xbox one has a larger backwards compatibility with Xbox 360 & og Xbox disc games.
A lot of those disc games were blacklisted on the Xbox series x which a lot of people don’t know this.
some stuff that is worth mentioning.
if you want to see what version you’re updating to: unplug ethernet while downloading the update, the latest version will say “target os” on the download failed screen. if it's too high, you can safely stop the download and stay on a lower version (you want to be on 10.0.25398.4478, if it's higher than that, it's likely patched. however if it's 10.0.25398.4908, then you're in the xbox insider program.)
if you have an android phone with a custom firmware, look into using a kernel with usb hid support so you can use it as a payload sender in the future instead of a rubber ducky or similar.
There we go!
Got my old dumpster phat xbone set up and good to go. Looking forward to hearing about what we can do with these. I didn't think we'd ever see anything close to this!
As far as i am aware the os version has to be 10.0.25398.4478
Welp I'm out then. Moral of the story is to opt out of Insider on your box if you're hoping for an exploit for it.
@@xirxes You can revert back if there is still time, check Modded Warfare video
@@xirxes you can opt out, remove the console from the program, reboot, and it’ll downgrade itself
Bro I'm sorry but everyone knows if you're hoping for an exploit for your console you don't update it. That's homebrew 101 @@xirxes
@@xirxes You can downgrade
What a great video, thank you for the news! I’m excited to see what will happen in the future👌
Just got my series X setup for all of this. I'm not expecting much, but am excited to see what I can play around with in the future
It would be really cool to completely exploit and jailbreak Xbox One/Series consoles and install something like SteamOS 3/HoloISO and run PC games. They are so cheap nowadays, they are becoming throwaway devices so breathing some new life into them like that would be awesome.
Exactly, can get them for like $70 lol
@@echoic-yl5wj even PS4s really
If you really try searching on the used Market, you can probably get both for 150€
Biggest boon for something like this is getting people more lower level access and hopefully extract info on the security layers above it
Interesting stuff Gonna keep an eye on this still have my old Xbox One
Escape! Still working @ 4:30 PST. 🤙
im trying to escape that ram limit in dev mode LOL, thanks for the info brotha
Updated, downloaded! Dns changed offline and now we wait
Big part is now done!
When I change my DNS it keeps me online, am I doing something wrong?
thanks man, now I'm finally ready to escape this sandbox.
Have fun!
Im trying to escape the sandbox and build my own!!! Where theres a will theres a way and hopefully we continue to work on this and eventually turn it into a jailbreak!
It was all a matter of time!
Hopefully this is the beginning of something even bigger, like turning those banned Xboxes into something useful.
Unfortunately those banned systems still won't be useful for now since you have to grab an app for this.
escaping the triple os mines one step at a time
Doing their best!
Thanks for the heads up .. Ive filled the harddrive and ive come offline ;) .. Happy days let see if and how it evolves
Enjoy!
Cool video, ESCAPE!
I won't be doing this as I use my Xbox's to double box and boost and such, but I hope something comes up with this maybe in the future.
I had friends who did the same in the 360 days, 2 consoles or more to boost 😛
What os do i need to do this so i dont update to the wrong version, i dont want this opportunity to escape
This and the new hen vtx and 11.00 from a month ago, so much is happening
For sure!
The greatness of this video escapes me.
Based
I set the DNS as shown in the video and get the message that all services are working. What am I doing wrong?
Well.. I was excited for about 8 Hours since Modded Warfare launched the video. Now I am ready to put the xbox one back in the closet
It’s still worth doing it
This will be a very limited exploit because if you restore the console or worse, the hard drive fails and a replacement is needed, you lose the exploit.
Hope now the scene can have time to make magic to get a better and more powerful exploit.
Definitely, it has to be a very specific environment for this to work.
I'd imagine eventually u will be able to do this a different way other than that app directly from the Microsoft store
What is if u clone the hard drive to have a backup
What if you clone the hard drive?
Maybe but when it comes to xbox one+ is not reliable that could work, because they required to connect to internet for almost everything, that's why personally I won't like that generations of xbox's, for that reason I want an exploit to change that for good.
Even so, people will only do that when hard drive already has mess up.
Hell yeah! Its cool to see how people are planning the escape from the triple OS. I don't really game on Xbox much, but I can't deny I find it amazing when hardware finds new leases on life. Hopefully this keeps evolving in the years to come!
I don't really use my Xbox that much but I'll do this and keep it like this and hopefully we get a better exploit with using this and we can escape to use backups.
Hey I just installed everything and set everything up but then I changed the dns back to automatic so I can play Fortnite. When the times is there can I just do the dns stuff again? Because I would have already the app.
Someone needs to RGH an Xbox One, just for the game preservation alone is worth it for me.
If only it was so simple
Many big words for me, who's not that much familiar with those terms... Just a little clarification, would it be possible to escape from the cage and install dumped roms, in the future? And another question, did ps4 go down this path in the early stages of exploits or that was different?
No idea about the future, but the important figures have already said this will not enable piracy.
PS4 was pretty limited at the beginning, but there has been a lot more development there due to not needing to exploit a hypervisor.
@@MrMario2011 only thing that crossed my mind is being able to install custom drivers for 3d api on xbox. That would open the door to opengl/vulkan implementation and rpcs3/cemu/yuzu wouldn't just be a dream. That would make a 200$ machine such as xss, an ultimate emulation powerhouse
After changing the DNS it appears I am still online (wireless). It says all services are available. Is anyone else experiencing this?
Just set up my Xbox One X. There still isn't a patch and the game script app is available
If this leads to us being able to use the OG Xbox and 360 emulator on this console without any issues at all, that would be heaven.
Why didnt you show the actual POC? This exploit wont go anywhere for a lot of reasons, u mentioned about 10% of them. Even if we made FSD Series X edition, what would you play offline anyway? I'm impressed a kernel sploit was found but even if she gets her AMD side-channel thing going, dont know what the next step is. AP on Xbox is no-where near as primitive as other consoles....
There's not much to show on the script out right now aside from a 1337 output.
Thats a dude, right? She/her pronouns sounds like a dude to me.
Escape. my question is if I don’t update the console “when it wants me to” can’t I still keep my Xbox “online” until then? Or do I need to 100% hit that “offline” button
If Microsoft pushes something to force ruin/revoke the Game Script program, you're out. Keeping it physically disconnected is the only way to be sure. Xbox is constantly checking for the home console and if other consoles have been assigned as a new home, meaning Microsoft can instantly revoke the offline license for Game Script on a whim if they choose to.
@@JohnDoe11VII appreciate the explanation.
@@JohnDoe11VII MS bans on all consoles from 360 up for exploits. They don't slack in security like Sony did with ps3.
Can you delete network settings instead of changing dns? Because I changed mine as shown but it doesn't block xbox servers
You could, but they'll be reset if a new network is joined.
@MrMario2011 I just installed this program at a friend's house, set dns and then deleted the network. Then I got home and seem to have successfully joined my home network while still having the manual dns set :) (in other words the manual dns was not deleted)
×2
This is why I kept my jailbroken ps3 which is online ready still.
yes
Cant wait to use this exploit to play some old school ape escape on my xbone
Back in the days people, hardware modders and hardware hackers kept such exploits a Hush Hush kind of deal but now everyone can't keep their mouths shut and end up making the exploit patched🤦
I have no issue with modern disclosures like this. Reverse engineers get the word out to stay on an old update, vendors patch the exploit, and people who want to stay offline get to enjoy it while online infrastructure remains safe.
That's part of why companies these days tolerate the modding scene as long as exploits stay on outdated firmwares, and the scene can still enjoy what they want to offline. This is how Trinity worked on the Vita, and how we've gotten the last several jailbreaks for PS4.
I can't wait to escape the confines of a retail Xbox One finally! This is going to be amazing.
Hello is it already patched or can I update right now?
I have a series s, that has been unplugged for a few months, should i wait and let the os get older and older or should i do this?
I have no need for this xbox.
You should do it as quickly as possible
this is a lot of work for something I dont really know what id use it for 🤔 maybe ill do it tonight with my spare xbox one S
I have dev mode. So I don't really need to worry about an exploit. Right?
Up to you!
it will certainly be interesting to see if the exploit opens up other avenues to finally modding the xbox one,(something i don't think will ever happen though) the security on these machines is next level and locked down tight, but who knows?? eventually we may ESCAPE the security, and the modding scene will explode🤞🤞
Definitely tight security, which is why we haven't seen anything substantial since launch in 2013 😱
Should i use an alternate account instead of my main?
Up to you
@@MrMario2011 I just wasn't sure if there was a downside to using my main account.
i was gonna use an xbox one layin around that neither my brother nor I use anymore but cant find the power cable, but when I heard this might work with the series X, I used my X instead, since I mainly get on my PS5 for online anyways. I got a PS3 slim with Hen, a phat with CFW, and a PS4 phat with goldhen. i kinda wanna get a ps5 for the ps5 exploit at some point.
Have fun!
the biggest things im looking forward to: game dumping and game modding both of which should be possible
and how are you going to re-sign the modded game? I'm sure modding the code would muck up the key the game is signed with
Can your xbox also be prepped with an xbox account without the live subscription?
No subscription needed, but account is required.
Is this still working @mrmario2011?
So its not possible someone down the road will be able to make it a fully jb?
We won't know, but we do know that this specifically is not a jailbreak.
If you download the adv explorer(full-trust) and file explorer and its extension you can bypass the rubber ducky requirement
So, if I buy the Xbox Series X, can I do this?
Answered in the video
This feels like when ChromeOS got its first RMA exploit
Too many peeps dont get it some consoles are already dying😢 when miracles like this happens..it extends the life span of the console in general❤❤❤🎉
Would doing this open up any security concerns for a Microsoft Account?
Doubtful, since right now it's just downloading an app then going offline.
If you go online you'll get console banned fairly quickly.
@@BackroomsSlayer no you won't
@@josephnichols2064 MS bans on all its consoles from 360 on up.
Tomorrow Microsoft delete this app from microsoft store, update SO of Xbox and goodbye xploit
Better get it now!
@MrMario2011 facts, see I told you we were getting modded xbx ones some day😂❤
@@EatSleepSkrrt yeah more exploit incoming with all 4 generations of xbox.
@@WilliamHollinger2019 man that OG Xbox and Xbox 360 emulator in X1 and XSX is so desirable i hope this exploit would lead into a major breakthrough
Download it and preserve the software.
Honestly people, I think we will never get a full jailbreak for the Xbox One or Series X/S versions - why? Well, there's basically 3-4 layers of security that Microsoft (being Windows OS pioneers) have wacked on top-notch security, BUT, be able to run emulators and some homebrew on here without Dev Mode which can be reversed at any time by Microsoft and this does cost, is enough for me! Xbox One games are dirt cheap anyway so I would just buy them and leave things at is with everything else!
Definitely accurate and realistic expectations, although do keep in mind the downside with any homebrew run through here is the 1 core limitation.
@@MrMario2011 Yeah that's a bummer...another downside is if the Xbox Series X/S is being played on - taking it offline won't allow for newer firmware upgrades/game updates so newer games won't even work! I'll be taking my Xbox One offline but leaving my Series X as is for now.
Xbox one x and series x are setup and waiting for an update 😍
The problem or disadvantage rather is most of Xbox's value comes from the online connection, Gamepass,BC games. An exploit at the system level is impressive but Microsoft took a lot of the value away from the console being offline.
It's really a fortress in that regard.
Definitely agree.
Need to escape the chains of these sandboxes.
So u can't do this on more than one console?
Theoretically you could if you set to home, go offline, then repeat on another.
@MrMario2011 good lookin out I've got a series s & x so I wanna setup both ;)
@MrMario2011 I have a banned xbox and a working xbox if i transfer the Game Script app using an external harddrive will it work? please reply
I can transfer Game Script from my working Xbox to the banned one but will I need my account for the app license or not? Because my banned console doesn't have any account on it
Doubt it.
Thanks for setting realistic expectations with this. I've seen people elsewhere, even after seeing that the dev has stated multiple times this will not enable playing backups, saying that it will.
Yeah, people really went wild with possibilities lol
A good outcome for me would be to have non-bc Xbox 360 & OG games running on my Series S (& maybe to increase frame rates on some games e.g. HL2 etc). I tried Xenia in Dev mode but performance wasn’t great. Anyway, I’m all set, fingers crossed. Escape!
We can only hope!
game script not found on xbox series?
Unfortunately too late.
I didnt join insider ever, my software version is on 4908 am i safe?
If you dont have a raspberry or rubber ducky and if you dont have game script you're fucked
please make a separate video how to do this im kinda clueless and want to do it asap
Covered here.
@@MrMario2011 but what about the script? how do i do it
This could be used to view the xbox 360 code to see how things work for XBLIG's and potentially help the xenia team.
I don't believe so.
I think a patch just came out this morning. I updated my console to latest dash yesterday the 10th. I've been downloading/updating my games since then and I just got hit with a new update request on the 11th. I got most of the games I wanted downloaded so I think now it's time to go offline.
I'm using an xbox one x btw
I'd be willing to bet it has been patched then, thanks for the comment!
@@MrMario2011 WAIT i'm dumb. I just realized the update request I got was because I left the xbox insider program. It just took 12 hours for me to get the update and forgot about it. It looks like I'm now on the correct dash.
Can anyone recommend a cheap rubber ducky usb alternative please.
ras pi pico
hopefully we can escape to some good software someday
speaking of escape is anyone still playing Escape from Tarkov after the debacle
Okay I set up my og Xbox one for it and took it offline. Idk what I’m gonna do with the slow thing but hopefully something comes of it. Escape
Yeahhhh, those things are so slow now.
I might look for a cheap Xbox one S locally
Get on that quick!
@@MrMario2011 I'd be looking right now if my job would let me escape
all models of the one are good to go
it's just a matter of time before it gets jailbroken
But until now we have seen nothing which can make it run unsigned code.
Not true! They've posted up a script on their GitHub Gist that you can run from a rubber ducky device, although it's only a PoC. You should get an output of "1337" on screen in the Game Script app if successfully exploited.
I just await the day I can install Linux on my Series X (if that day ever comes). That would make it infinitely more usable than it currently is.
Would it be ok to update my xbox one s and my new xbox series x
Still vulnerable!
I just got my old xbox one s out now its updating..it being awhile 4.9 gigs
One more question.... I got the Xbox series x should I update it now....
@@305dadecounty4 don't do it on an Xbox u use
10:20 Dumping unencrypted games would be good enough. Content for future PC emulators maybe? Just downloaded a lot of free stuff from the online store for prevention reasons. DOA 5 core game was free with some DLC.
According to some sources its already patched with a System Update :(
Thankfully not true, it hasn't been patched at the time of typing this.
@@MrMario2011 Thanks for posting this I'm in the process to update my OLD one x now. Won't risk the series S for now. Primarily PC gamer but love this shit. Thanks bro you are a real one I love your videos and you really helped me a lot over the last 9 months
@@MrMario2011 that's great news, i hope i can still download the App in the store tomorrow and there is no patch until then
Allow mod menus on cod ?
Ew
ESCAPE. I did all the steps and took my Series X offline. Now the waiting game begins and the hope is hopefully eventually a full jailbreak and to run backups. Unfortunately with the way games are today everything is mainly online and the offline content is almost non-existent
Hates buying a physical game that requires you to download 99.5% of it
I would like to imagine what would happen if one tried to change the OS to a HoloISO (SteamOS) or a Windows 11 for full compatibility. and Imagine load God of War from Xbox :D
Was just thinking about the possibilities of Xbox One hacking, I wonder if hardmods would be possible on Xbox Ones similar to 360s, maybe one day we can escape the need for them
If anything I'd be surprised if we DIDN'T need hardmods for anything substantial related to the Xbox One/Series.
This just crossed my mind, but would Microsoft potentially ban accounts that downloaded game script knowing it's a jailbreak exploit? Think it would be safer to use a burner account but that's just view of it.
Most likely not since it was an open and freely available app on the store for years, but it is their platform and they control all of the bans.
The only time I've seen it done was during the last round of retail homebrew emulators, but I would say that was an exception because you had to jump through so many hoops and steps to get those obfuscated apps installed. Point being for that, anyone who had those apps was purposefully exploiting a few loopholes and going out of their way to install them, it was not as simple as searching for a free app on the store.
I rather have the option to replace the whole system with a nice linux distro... With "real hardware acceleration". Be nice to test and compare steam on each AMD-based Xbox versus their computer counterpart.
That'd be cool!
do you like escape the fate?
Never really delved into their discography to be honest!
last couple albums have sucked but the others were fire.
awesome video
Glad you enjoyed it!
Make a video on step 6 plz!!
now lets make some mod chips for this console so we can run non verified software hehe
Escape the Matrix!
Well, I'm playing online on my series x, no way I'm doing it on this console. No need to escape anything on it. I have a scorpio one x that is not used a lot, maybe I could do this mod on it but I would have to switch the home console setting I guess and download the game script app... I'm wondering how long before this app is pulled, of course Microsoft noticed this as fast as every one else.
Better do it quick if you're going to use that One X!
OK well I just did the prep work on the scorpio one x, update it to 4478, set as home console and downloaded game script. Now I need to figure out how to test the gspoc.txt payload using my flipper zero, it errors out on line with the error : no keycode defined for //na... I guess it doesn't like the comments at the beginning ? Anyone knows how to send the payload using a flipper zero ?
Oh I also set dns to 127.0.0.1 and set console as offline. No barriers on my profile, it logs in automatically. To be safe I unplugged ethernet... ^^
escaping the reality
Script link is dead
RIP to a real one.