Xbox softmod Project

Day 1

After seeing 3 engineers accomplish a softmod the other day, I was inspired to take on the same project and softmod my xbox.
I would count this as day one as part of the research on what I need to do and what tools I need to complete what seems like an easy thing to do, just need some common sense I guess and the ability to follow instructions.

First things first, I need to get myself a 300Gb Maxtor HDD to upgrade the existing one that I have in the xbox. After that it’s just a matter of getting all the things that I need such as installers, dashboard, skins and most importantly the games.
I’m planning to use this as a media center which will act as a network storage where I can store my somewhat mediocre collection.

So at the moment I’m still very much in the research stage. I just joined the X-Box Scene Forum and am learning a few things. From what I have learned so far, a softmod is this:

Basically a complete softmod is built out of 3 things:

the exploit

the bios loader or kernel patcher

a dashboard

A little more info on each of them.

The exploit: (AKA hack)

This is the most important part of the whole softmod. It allows you to run software that isn’t signed with the M$ private key. (non official software)
There are two major exploits available at the moment: the gamesave hack and the XBE hack.

UXE works on all xboxes (no limitations)

The gamesave exploit runs non official software that is put into a specially designed/hacked gamesave. Only three games can make use of those special gamesaves at the moment: MechAssault, 007 Agent Under Fire and Splinter Cell.
Most automatic installers (for example ltools) make use of these exploited gamesaves to get their software running. Gamesave exploits only run out of the game and stop working as soon as the game is stopped, therefore gamesave exploits are mostly used to install a permanent hack like UXE.

Bios loaders/kernel patchers:

So exploits allow us to run non official software, but that doesn’t mean we can just play everything we want. The exploit only allows software that is prepared in a particular way (signed with a special key). Now we don’t like to do that with all our stuff, so what if we take one program, prepare it with that special signature and let that program kick out or patch the existing bios to a bios that we like (without any checks for signatures, region numbers and what more)? That is what bios loaders and kernel patchers do.

A bios loader kicks the M$ bios out of the xbox memory and puts in a hacked one. Most used bios loaders nowadays are PBL metoo, FBL and PBL-lite. Since a bios loader “loads” a bios it will need a bios file it can use to put in the memory.
A newer bios loader is usually already prepared (signed with habibi) for use with the UDE/UDE2/UXE. The bios that gets loaded looks for a dashboard file to boot successfully.

A kernel patcher doesn’t kick out the m$ bios but it just alters it (again only in memory) so all the security checks are removed and some stuff is inserted. Since it only “patches” the bios the kernel doesn’t need a bios file. The kernel(bios) is patched so it will also look for a new dashboard file.

A dashboard:
Now we have an xbox with a completely new or adjusted bios, but it would be nice if we now had a menu-like structure that takes advantage of all the neat possibilities we now have with our new bios. That is where the dashboard comes in. This is the screen with all the options like play games, emus and stuff.
Most used/popular dashboards are: Evolution-X, MXM, Avalaunch and UnleashX.

So to sum up in short for the people that didn’t continue reading all my stuff (which I can totally understand if I read back).

Xbox is turned on
exploit kicks in (or is triggered in case of audio hack)
exploit boots to bios loader or kernel patcher
new or patched bios looks for dashboard
dashboard boots up and voila a softmodded xbox

When the xbox has loaded successfully and the bios is adjusted there is no difference with a hardmodded (chipped or tsopped) xbox at that point and it will allow you everything any other modded would let you. This is all possible without opening the case and within 5 minutes of time.

A couple of things that are mentioned here are obsolete, but it gives you an idea of how the softmod works on the box.
