It was the first day of semester 2 of my final year today. The new free-elective module I was attending is called ‘Computer Security and Forensics’, but I call it ‘hacking’ for short. This module is gunna be great! It’s basically all the stuff I like to experiment with in my free time, but I get credits for doing it! Amazing.

The tutorial entailed sniffing FTP/HTTP/SSH/TELNET packets… nothing too intensive for the first lesson I suppose. It was cool though, helping Aryel learn the magic of Wireshark. The lecture was about the difference between Hackers & Crackers, what they are after, and how they go about it. Again not too intense, but it was entertaining never-the-less.

This has inspired me to write about some exploits of the past. The fun stuff that kept me entertained in my youth, that you just can’t do any more (wow I sound old);

Voicemail hax, Bluejacking, Netsend.

Continue Reading »

Although flashing the firmware is not directly a void of your waranty, opening the xbox360 case is.
Therefore if you’re going to flash your xbox360, you will not be able to send it back.

Please note this guide is for my own personal use, and since I have forgotten how I got things working in the past, and I often lose my hand-written scribble, I’m writing this as a point of reference.
I take no responsibility if you follow these directions and cause any damage to your machine. Aight.

This guide assumes you have opened the case of your xbox360 (plenty of guides for that), and that you have downloaded the firmware files from xbins, and placed them on a bootable USB/ZIP disk (plenty of guides for that too).

There are 3 different sections, for the 3 different hackable dvd drives.

In this guide I refer to the xbox360 by its rightful name, xbox2.

Hax0ring teh xbox2

[Toshiba-Samsung]

1. Unplug SATA cables from Hard Drives, plug one into 360 DVD Drive.
2. Disable HDDs in BIOS.

3. Turn on PC and boot from USB/ZIP disk.
4. Turn on xbox2 (If your PC halts, wait until PC has passed SATA-detection before turning on xbox2).

5. Enter one of the below commands;

• {Reading Original Firmware} mtkflash r /m orig.bin
• {Writing Hacked Firmware} mtkflash w /m hacked.bin

6. Turn off xbox2.
7. Select ‘Xtreme’.
8. Wait exactly 10 seconds.
9. Turn on xbox2 [Reading or Writing of firmware will now commence. If not, return to Step 3].
10. Turn off PC.

11. Enter the command below;

• x360sam orig.bin [insert firmware name here] hacked.bin
• e.g. x360sam orig.bin ix-13D.bin hacked.bin

12. If original has been read, goto Step 3 for hacking, otherwise, your console is now haxxed!

[Hitachi]

1. Plug drive into a Windows XP PC via USB cable.
2. Open a command prompt to Hitachi firmware location.
3. Type in the following command, where X is the Hitachi drive letter (1337 can be anything).

• FLASH24S X 1337

[BenQ]

(Copy fresh ix14-5x.bin from firmware directory, because FIRMTOOL overwrites it each time)

1. Turn on xbox2 & PC, and boot from USB/ZIP disk.
2. Type the following commands;

• DOSFLASH r E000 1 a0 1 4 orig.bin 0
• FIRMTOOL orig.bin ix14-5.bin

Restart xbox & PC.

• DOSFLASH e E000 1 a0 1 4 C7 0

Turn on PC first, and boot from USB/ZIP disk, then turn on xbox2.

• DOSFLASH w E000 1 a0 1 4 ix14-5x.bin 0

(Now you may want to del ix14-5x.bin to avoid future confusion).

*Note: E000 is the address of my SATA port.

[Troubleshooting]

If device fails to write for whatever reason, and gets stuck in recovery mode, use DOSFLASH instead of mtkflash.

Someone happened to be showing me a custom Linux Live USB distro the other day, which looked kinda cool. It was KDE (ew), but also had a Fluxbox setup, which is sexy in a simple way.

I took a copy, to play around with, as it seemed to have a lot of cool tools on there, some of which I had seen before, lots of which I hadn’t. This looked like a hacker’s distro.

The name is BackTrack. I didn’t look much into it, until I was watching Hak5 on Revision3 this morning, and saw a review on Maltego, which just so happens  to come with BackTrack.

So I started playing around with BT3 (after an easy upgrade), and I love it. It’s so useful.
This is a Network Security / Sysadmin must-have distro. Every tool you could possibly need, is already there, on the disc.

Maltego is pro. It’s basically an Identity lookup tool. You input a person’s details, whatever you happen to know about them, name/email/location/phone etc. and then it will look up all the information it can find on said person.

I found some very old email accounts of mine, linked to forum posts and profiles, just as old. I think I may have also discovered Kevin Rose’s personal e-mail account. No luck with Bill Gates though. ^^