Published byjelle2503 on 2010-01-03 Category: Beginners Guides | Page Views: 66303
This tutorial explains how to enable Homebrew on the Xbox 360.
After peforming this hack the xbox 360 can only run homebrew not xbox games or dash unless you install a cynos chip, run the mod f/w on cynos chip and std f/w on the onboard nand chip or vise verser and switch between the 2 depending on what you want to run. If you do update with the latest xboxlive update homebrew will never run on that xbox again even if the update is done after the mod.
360-HQ.COM, it's staff, administrators and moderators take NO responsibility for users who attempt this modification.
Things you will need
- Low wattage soldering iron (+ some experience)
- Tin with lead
- Wires (I just stripped old IDE cables)
- Diodes 1N4148 (people have used others)
- Resistors 100ohm 1/4W
- LPT DB25 Male connector (I just salvage from old LPT cables)
- PC with onboard LPT Port
- An Xbox 360 with pre 8xxx dashboard and exploitable CB
- XBReboot (exploit)
- 360 Flash Dump Tool
- Nandpro 2.0b (never use outdated softwares people)
- BadBlockMover from Redlin99 (in case you have any bad blocks on your backup nand image, use this app!)
Getting Started with Homebrew on Xbox 360 Ė XBReboot
In this writeup Iím going to try to explain the beginning users how to get going with homebrew, also in an attempt to get as many users going with homebrew Xbox 360. As it may look difficult and a lot of work to some, I on the other hand did not share this though at all. In fact I learned to solder on an old broken board from which I could still read the NAND with the LPT method. From there on I now succesfully and without much problems, prepped 1 Falcon and 1 Jasper with XBReboot v0.05 8955_1. Itís not really that difficult at all I can tell you, because if I can do it, anyone else could. Itís also been an good learning experience so far and everything is well documented. In this tutorial all youíll learn is to use LPT to read/write and get XBReboot going. Iím not going to make it too easy for you guys.
Soldering the JTAG wires, and the LPT wires
You must first identify if you have a Xenon or another motherboard. Look at the 2 diagrams, and youíll find out soon enough. (*Note that the red/yellow/blue lines are the JTAG wiring to enable homebrew.) I always do the JTAG wiring connections first. I find it easy to add some leaded solder to the pads as itíll melt easier than stupid MS solder and makes soldering the wire to it more easy. I also like to add solder to the stripped wire. (*Note the orientation of the
diodes! Black ring!)
In the diagram above, I do not require the diode on LPT pin 11, diode is used to get correct flashconfig in Nandpro) NEW Xenon JTAG Wiring ( ^ = diode | = black ring) (The LPT wiring to do NAND dump is thesame on any Xbox 360)
Note that it is easy to mess up a pad with too much heat! Donít use heavy duty soldering irons! My wires are around 30 centimer, I do use the 100ohm resistors on the LPT connector (some donít). Hereís my first setup of a broken Xbox 360 board, just for practice, please use a LPT connector DB25 instead of shoving the wires in the port like this (It did work ;) )
After youíre done soldering all wires itíd be wise to check the connections with a multimeter, but I have not yet needed to do this -with my poor soldering skills - I lol.. Also to avoid wires touching, I use paper tape to cover the wires up. To prevent connections from breaking itíd be wise to secure the wires with hot glue, or tape. Hereís my latest setup.
Reading NAND with Nandpro 2.0b through LPT port
If youíve made all the LPT connections as per diagram, and hooked up the LPT Male connector, itís time to try and read it through LPT. The LPT must be onboard your PCís motherboard! Download Nandpro 2.0b here, extract it, and install the port95nt.exe driver package. After having rebooted your PC , you hook up the Xbox 360 to the LPT port and then
plug in only the power supply to the Xbox 360.
Go to Start > Run > type cmd , hit enter. In the Dosbox navigate to the nandpro directory. Type in the following:
NandPro lpt: -r16 nand1.bin
If all is good, Nandpro should find a flash, give you a flashconfig, and it should start to read from 0000 Ė 03FF It will take about 40 minutes with LPT. (Jaspers have 00023010 flash config is OK)
If you canít get it to detect, try out different BIOS settings for the LPT port (What works for me is Normal mode), or look for people having the same problems with Nandpro (Google). Also run through your wiring again. Make sure you hooked all wires up OK and double check connections. People say to remove the resistors as well but I would not dare to say this as it could possibly fry something on your Xbox 360.
If you did manage to get it to dump, dump it a second time. Youíll need to compare all these dumps to make sure they match. I use Winhex to do a hex comparison. In Winhex also look for the Microsoft Copyright in the beginning of the file. Also get 360 Flash Tool 0.91 to check your nand dump. If you have 2 matching dumps and it opens up in FlashTool you
can 99% be sure you have a correct nandbackup! (Very Important to have!)
Preparing and flashing an XBReboot image
Hereís you are going to be making an XBReboot image for your consoletype, using your console specific keyvault. You will need to get the corresponding XBReboot image from Xbins!! If you flash the image of a Falcon to a Jasper youíre stupid. Always make sure you are prepping the right image for your Xbox 360 itís not hard to find out.
To extract the keyvault from your backup nand image use the following nandpro command:
nandpro nand1.bin: -r16 rawkv.bin 1 1 (where nand1.bin is your backupnand file)
To write it to the XBReboot image use:
nandpro xbr.bin: -w16 rawkv.bin 1 1 (where xbr.bin is your XBRebooter image file)
I choose not to transfer the configblocks, as theyíre causing problems and the image works fine without. This is all you do to prepare your XBReboot image. If youíre done, hook up the Xbox 360 again, and start flashing with Nandpro with the following command:
NandPro lpt: -w16 xbr.bin
If all goes well, you should have an XBReboot 360 =) This is all that it takes. Really not that hard and fun to do. Now you can get started with MAME360, Beats of Rage, CPX3, XEXLoaders and the rest that is to come =) Or you could make your own software now. Somewhere in time to come Xbox Media Centre =) Or you could start modding Halo 3, which is a lot of fun.
Using Xell to get your CPU key
Once you have succesfully booted into the 8955 dashboard, itís time to dualboot your XBRebooter 360 into Xell to get your CPU key. You can do this by using the Xbox 360 DVD Media Remote to power up the console (use the Windows! Key) , or by using a wired controller in the rear USB port and holding X to boot into Xell (or you can use keyboard + windows key)
Xell displays the fusesets. Either put Fuse set 3 and 4 together or put fuse set 5 and 6 together. This would be your CPU key, you can use this key to decrypt the keyvault using Flash Tool 0.91 and figure out the DVDKey and the OSIG string (in case the dvdkey is lost)
Now what are you waiting for. Get going on getting an exploitable Xbox 360 to do all these crazy homebrews with.