Post: How to do the JTAG Hack/Dump NAND/Install Xell and Freeboot
06-12-2010, 12:40 PM #1
CRACKbomber
What's a CRACKbomber?
All credits go to S7S; all I did was copy and paste.



Xbins will be needed to download programs for this TUT.

    https://rapidshare.com/files/283243738/xbins.exe or https://www.megaupload.com/?d=ZZ6A54YA


JTAG HACK



Requirements:
- Some wire.
- Soldering Iron
- Xbox 360 with kernel version 7371 or lower (some 7371 and 7363 consoles may not work if they have the patched CB; console manufacture date of 6-1-09 and later)
- 2 Switching Diodes. I used 1N914 - 1N4148
Since the diagram only shows how to tell the generation, this is how you tell what you have.
Xenon - Non-HDMI
Zephyr - HDMI
Opus - Non-HDMI
Falcon - HDMI
Jasper - HDMI

You will need to know your Xbox Motherboard Revision. These are the two diagrams to follow. Each one of these will need to be bridged with a piece of wire and 2 of them require a switching diode.

The |< is where the diodes go. On the diode itself there is a thick black line. That black line is this side ---> |< of the diode. That will tell you which way to place the diode when installing the JTAG connections. The diode MUST be soldered directly to the board, facing the correct way.

Xenon Motherboard JTAG Connections
Zephyr, Falcon, Opus, Jasper JTAG Connections

How to Dump the Xbox 360 NAND




Alright, now that you have the JTAG connections out of the way, it's time to install the LPT cable.

Requirements for Dumping the NAND Image
You will need the following to dump your Xbox 360 NAND.
- Computer with a LPT port(Printer port)
- LPT cable with a DB25 Male end.
- 5 100-Ohm resistors. I used 100-Ohm 1/2 Watt resistors
- 1 Switching Diode. I used 1N914 - 1N4148
- Soldering iron
- Some patience
- NandPro20b to dump the NAND
- Total Commander to make sure your dumps are identical

**If using a 64bit OS - Download this and Extract inpout32.dll from Win32 folder to nandpro folder. Rename inpout32.dll to DLPortIO.dll
    https://rapidshare.com/files/332755032/InpOutBinaries_1200.zip


Now dumping your NAND is crucial to this. You want to have a good clean NAND image that can be flashed back to the console if need be. So lets get started.

1. We need to set up the solder connections onto the motherboard. I used a printer cable and cut it midway and spliced it open. Then used a multimeter to figure out which cable goes to which pin. I then wrote the color/pin combination on a piece of paper. If you decide to do the same as me and not make your own cable I suggest writing down the color/pin combo so you don't have to use the multimeter again.

This is what my printer cable looks like

As you can see, I have all the resistors soldered to the ends of the cable and the one diode attached as well. All I have to do is solder it to the motherboard and I have my connection for reading the NAND, and it can dump.

Soldering the cable to the board.
Now attaching the cable to the motherboard is easy as long as you know how to read the diagram, which is pretty straightforward. Just follow the lines. This diagram also shows the JTAG connections. Just ignore that they are there since you already have the diagrams up top. *The diode MUST be soldered directly to the board; it will not work in the plug housing if you make your own cable!*

NOTE: This will make it a lot easier for those of you who do not solder the resistors to the board and have made your own LPT cable. This will solve most of your "Could not detect flash controller" errors.

1. Cut spare resistor stems off.
2. Cut those stems in half.
3. Wrap the end of your wire from the LPT cable around the stem and solder the stem and wire together.
4. Now Solder that stem INSIDE the hole on the motherboard. Not on top but actually letting it sink inside the point.



LPT connections are the same for every single board. There is no difference. This picture names those motherboards because of the JTAG points that are in the picture. Disregard that. LPT connections are the same for ALL boards!

Pin number 18 coming from the LPT cable is shown as ground. This wire should be soldered to either the ground next to where Pin 11 solders to or the ground under where Pin 16 solders to. This will ground it and prevent the 360 from shorting and turning off.

OK, so now that you have the LPT cable soldered to the motherboard and your cable connected to your PC, it is time to start dumping the NAND. In order to dump the NAND you will need Nandpro20b, which can be downloaded on Xbins.
Directory for Nandpro20b is
    /XBOX 360/development/kernel/nand tools/NandPro/


Getting files together:
1. Make a new folder and name it Nandpro20b then extract the content of the rar file into this folder.
2. Place the Nandpro20b folder in the root directory of your hard drive.
3. In the Nandpro20b folder there is a program called "port95nt.exe"; run that to install the drivers. Then you are ready.
NandPro should work with all 32-bit OSes. It is said it works fine with Vista and 7 but may need admin rights and XP compatibility on.
Anyway lets get to reading your NAND.

Plug the power cable into the back of the 360 and into the wall so it has its power source. But do not turn on the 360 as it is not required. All you need to do is plug in the power cable and continue.

Dumping the NAND
1. Click Start
2. Select run
3. Type CMD
4. Now in the command window you will need to type the command to read.

For Xenon, Zephyr, Falcon, Opus and 16MB Jaspers (no internal memory)
    C:\Nandpro20b\nandpro.exe lpt: -r16 nand1.bin

For Jaspers with 256MB internal memory.
    C:\Nandpro20b\nandpro.exe lpt: -r256 nand1.bin

For Jaspers with 512MB internal memory.
    C:\Nandpro20b\nandpro.exe lpt: -r512 nand1.bin

5. Click enter and it should start. If it says testing 4 times and fails you need to check your soldering.
6. If done right it will start to read the NAND. It should read to block 3FF.
7. Repeat step 4. You want to have at least 2 dumps to compare to each other and make sure they are identical.
*Note that it is possible that your NAND has bad blocks in it (Error(25x)). If you keep getting this each time you dump the NAND, don't worry. It is safe to continue because that is just how your NAND image is.

How to check if your NAND dumps are identical.

Download Total commander here
    https://rapidshare.com/files/319941523/tcmd750a.exe


1. Open Total Commander.
2. Click File
3. Compare by Content
4. A new window will open. Open one NAND dump for file one and open the second dump for file two.
5. Then click Compare.
6. If it says the files are identical you are set to continue. If it does not say that, I suggest you go back and dump 1 or 2 more times.

If your two dumps are identical. Congratulations. You have successfully dumped your Xbox 360 NAND. Now you can continue.

Checking the CB Version

    /XBOX 360/development/kernel/downgrading/



This is a very important step for 360's with the 7371 kernel. Some of these 360's have been patched already to stop the JTAG hack. This is the way to make 100% sure whether or not your 360 is still vulnerable.

Open your NAND image in Degraded1.1
Your CB version will be displayed.

Exploitable CB versions:
1888, 1902, 1903, 1920,1921: exploitable xenon
4558: exploitable Zephyr
5761, 5766, 5770: exploitable falcon
6712, 6723: exploitable jasper

Non-Exploitable CB Versions (CD = 8453 for all of them)
Xenon: 1922, 1923, 1940
Zephyr: 4571, 4572, 4578, 4579
Falcon/Opus: 5771
Jasper: 6750

NAND won't open in Degraded? Here is how to fix that.
1) Make a copy of your NAND backup
2) Open that copy in a hex editor
3) At offset 0x0012 you will see 2004 - 2007 Microsoft Corporation
4) Change that to 2004 - 2005 Microsoft Corporation
5) Now your image will open in Degraded.

For Big Block consoles. Degraded will not open your image.


How to Install Xell




Xell is used to grab your CPU key for your console, which is a good thing to have in case you need to open your KV. Installing Xell is easy and takes little to no time. This is not needed to install XBR; XBR already has Xell integrated with it. This is for the people that just need their CPU key to decrypt their KV to get their DVD key. XBR 3 will start Xell if you start the 360 with the eject button.

First you will need to download it from Xbins. Again here is the directory.
    /XBOX 360/development/free60/images/


Download the image for your motherboard revision. Extract and place it in the nandpro folder. Make it easy on yourself and rename the Xell file to Xell

With your LPT cable and everything still set up. You will be using nandpro again. So here we go again.

1. Click start
2. Click run
3. Type CMD
4. Type the command.
    C:\Nandpro20b\nandpro.exe lpt: -w16 Xell.bin



Don't worry about the file size. It is meant to only write to the beginning of your NAND flash.
5. Click enter and it should starting writing.
6. Once it is done writing. Unplug the lpt cable from the PC and turn on the 360. It should boot into a blue screen. If it does then you did it right.

Getting the CPU key.
Have a camera ready to take a picture of the fuse sets that pop up briefly.
Take a picture that includes fuse sets 3, 4, 5 and 6. These contain your CPU key.

Take either 3 and 5 or 4 and 6. This will make up your CPU key (3=4, 5=6). So for example, I will take 3 and 5.
3= E42D681ED06A6D1C
5= 1FFD8E48C56A2058

So my CPU Key is - E42D681ED06A6D1C1FFD8E48C56A2058

Adding either one of the two will make your CPU key.

After getting your cpu key you can write your original nand image back to the board. Or go straight forward and install XBReboot or freeBOOT.

How To Install Freeboot


Download link:
    https://www.mediafire.com/?yn0tm3mf0dy


libeay32.dll error?
    https://sourceforge.net/projects/gnuwin32/files/openssl/0.9.8h-1/openssl-0.9.8h-1-bin.zip/download
(Copy bin/libeay32.dll from the RAR into the same directory as ibuild)

Completely replaces XBR! No dual-nand (Cygnos) needed!

It is confirmed that older original NAND dumps are supported by ibuild. 7371 is preferred, but not required!



irc.efnet.net #freeboot

This is the readme taken from xbox scene.
Originally posted by another user
[freeBOOT ASCII-art banner]
[v0.03 - coded by ikari]



I. Introduction
================

freeBOOT is a rebooter for the Microsoft Xbox 360. This version of freeBOOT
allows you to reboot into kernel 2.0.9199 on all Xenon, Zephyr, Falcon, and
Jasper consoles, which are vulnerable to the JTAG hack.

This version of freeBOOT no longer requires a second flash memory and will
thus work with all currently existing solutions.



II. Bug Fixes
=============

none



III. New Features
=================

- updated to kernel 2.0.9199

- now supports all consoles and flashing solutions (ikari)

- removed memory protections (cOz)

Code can be executed and modified anywhere in the range from 0x80000000
to 0x9FFFFFFF. This can be used to create game trainers and will allow
for porting of emulators, which rely on dynamic compilation.

- encrypted DevKit XEXes are now working (cOz)

- includes dash launch patch (cOz)

- keyvault and console signature checks have been disabled (Bliep4Ever)

- LIVE/PIRS/GOD content fully working (cOz)

- internal security breach reports deactivated (Redline99)

- easier image generation process (ikari)

- ibuild can now also generate single flash XeLL and original images (ikari)



IV. Instructions
================

In contrast to previous freeBOOT releases, the image generation process has
been made a lot easier. As prerequisites you will need an image of your
console updated to kernel 2.0.7371 and an archive "9199.zip" available
at the usual places.

1. Extract your original image

Extract your original 7371 image with the following command:

> ibuild.exe x -d temp -p <cpu> -b <1bl> .\7371.bin

2. Extract "9199.zip" archive

Extract the contents of the "9199.zip" archive into the "data"
directory.

3. Copy these files from "temp" to "data" directory

- crl.bin
- crl.bin.meta
- extended.bin
- extended.bin.meta
- kv.bin
- odd.bin
- odd.bin.meta
- secdata.bin
- secdata.bin.meta
- smc_config.bin

4. Patch SMC

Put a patched "smc.bin" in the "data" directory. For Cygnos360, a
patched SMC can be created with their software. There's also a
collection of patched SMCs available at the usual places. Make sure
to pick the right one for your console.

For other solutions, a patched SMC can be extracted from previously
released XeLL images.

5. Create the freeBOOT image

Finally, create your freeBOOT image with this command:

> ibuild.exe c freeBOOT -c <console> -d data -p <cpu> -b <1bl> .\bin\image.bin .\bin\fuses.bin

Replace <console> with either "xenon", "zephyr", "falcon", "jasper",
"jasper256" or "jasper512".



VII. Credits
============

Thanks a lot to [cOz] and Bliep4Ever for providing most of the new
patches in this release. Without their support, this would not have been
possible.

Originally posted by another user
Just when you thought it was safe to play cod again, without getting attacked by walking, invincible sentry guns firing a stream of ‘noob tubes’ and rpg’s (See Here) . Well it’s here, after much anticipation, freeboot v0.03 an up to date exploited kernel (9199), has been released for the Xbox 360. Originally freeboot needed a secondary nand solution, either a Cygnos mod chip or a homebrew version such as the XD card hack. However v0.03 can be flashed to the 360’s nand just like XBR. Now this may be a bit complex for all of you that bought your consoles and may not be for the average ‘noob’ so don’t get too excited as you may struggle. The instructions are a bit vague but if you know what you’re doing then you should be good to go.



This was done on Vista 32-bit

Tools needed:

1) Auto Xbins
2) freeBOOT-0.031.zip from xbins : /XBOX 360/development/freeBOOT/
3) 9199.zip from xbins: /XBOX 360/development/freeBOOT/
4) Cygnos360 V2 SMC Collection.zip from xbins: /XBOX 360/development/Cygnos360/
5) libeay32.zip
6) Your original nand image (**DOES NOT NEED TO BE 7371**)
7) Your CPU key

1. First things first open up freeBOOT-0.031.zip and extract it to your desktop

2. Open up the libeay32.zip and extract the libeay32.dll to the freeBOOT-0.031 folder:
3. Take your original NAND dump and, for the sake of the guide, rename it to original.bin. After that, put original.bin into your freeBOOT-0.031 folder; it should look like this:

4. Next you are going to go to your desktop, hold down Shift and, while holding Shift, click "Open command window here":
5. Now when your command window opens up it should look like this:
6. Now you are going to have to copy this line and paste it into the CMD window (just replace the CPUKEY line with your cpukey):

ibuild.exe x -d temp\ -p CPUKEY -b DD88AD0C9ED669E7B56794FB68563EFA original.bin and press enter.

This is what your window should look like; the red is supposed to be your CPU key (I blocked out mine).
7. Now open up 9199.zip and put all the contents from the zip into the freeBOOT-0.031\data folder
8. Now go to freeBOOT-0.031\temp and take out these files from there and put them into the freeBOOT-0.031\data folder

- crl.bin
- crl.bin.meta
- extended.bin
- extended.bin.meta
- kv.bin
- odd.bin
- odd.bin.meta
- secdata.bin
- secdata.bin.meta
- smc_config.bin

9. Now open up Cygnos360 V2 SMC Collection.zip and pick the file that’s associated for your console and extract it. After you extract it rename the file to smc.bin Now put the smc.bin file into the freeBOOT-0.031\data folder
10. Now go to your CMD window and copy this line and paste it in and press enter:

ibuild.exe c freeBOOT -c CONSOLE -d data\ -p CPUKEY -b DD88AD0C9ED669E7B56794FB68563EFA bin\image.bin bin\fuses.bin

- Replace CONSOLE with your console name one of these: xenon, zephyr, falcon, jasper, jasper256 or jasper512
- Once again replace CPUKEY with your cpukey

This is what it should look like (The red is my cpukey and as you can see my console is a falcon so I wrote falcon in there):
11. You're done. Now go to the freeboot-0.031\bin folder and you should see image.bin. This is your newly built NAND image; now go and flash it the way you prefer.
**For flashing with XBR this should work (didn't test it): Take the image.bin that was created in the freeboot-0.031\bin folder and rename it to updflash.bin. Then put updflash.bin onto a flash drive (USB stick). Then run 360Flashtool from your 360. When in 360Flashtool press **Button A - Write updflash.bin to Nand** and that's it; you should have a newly installed freeBOOT with the 9199 kernel.

**If your avatars don't work after flashing freeBOOT: from what I read (and what I assumed originally), you take the 9199 update and run it like any normal update. The Xbox will recognize you have the 9199 update but that you are missing the avatar files, so it will then just install the files needed for avatar support.

Optional:

If you want XeLLous installed, right before step 9 open up XeLLous_v1.0.zip and extract xell-2f.bin and put that file into freeBOOT-0.031\bin
(let it overwrite the old file) and then continue with step 10 and build your image.

I hope this helps clear the question for noobs such as me. I just used some common sense to do this. Hope it helps, enjoy freeboot, and thanks to ikari for freeboot.

*I am not responsible for ANYTHING that happens while following this guide*

If anything is incorrect please let me know so I can fix it I am in no way an expert at all and if I missed anything let me know. Cheers
Not My Boot! And my tutorial! And yes, this does bring JTAGs back online 100%! Source: TTG & S7!
Last edited by CRACKbomber ; 06-13-2010 at 02:21 PM.
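Two parts of the procedure above are worth automating rather than eyeballing: checking that the two nandpro dumps really are identical and reading the CB version out of the image before anything is written back, and assembling the CPU key from the fuse sets XeLL shows. The following is an added Python example and is not code from the post, from S7S, or from nandpro, Degraded or XeLL. It assumes: nandpro dumps are raw (512 data + 16 spare bytes per page, 32 pages per small block, which is why a 16MB dump ends at block 3FF); the NAND header is big-endian with the build at 0x02, the CB offset at 0x08 and the copyright string at 0x10; a bootloader header is its two-letter magic followed by a 16-bit version; XeLL prints fuse sets as lines like `fuseset 03: ...`; and the top 106 bits of a valid CPU key contain exactly 53 set bits (the remaining 22 bits carry an error-detection code this example does not check). The sample image and fuse lines are constructed; the fuse lines reuse the example key from the post, which passes the weight check.

```python
"""Added example (not from the post, S7S, nandpro, Degraded or XeLL): checks to
run on two nandpro dumps before writing anything back, plus CPU-key assembly
from XeLL's fuse-set lines. Layout assumptions are listed in the text above."""
import re
import struct

PAGE_DATA, PAGE_SPARE = 512, 16              # assumed raw page layout
PAGE_RAW = PAGE_DATA + PAGE_SPARE            # 0x210 bytes per raw page
BLOCK_RAW = PAGE_RAW * 32                    # 0x4200 bytes per small block
# CB version tables exactly as listed in the post above.
EXPLOITABLE_CB = {"xenon": {1888, 1902, 1903, 1920, 1921}, "zephyr": {4558},
                  "falcon": {5761, 5766, 5770}, "jasper": {6712, 6723}}
PATCHED_CB = {"xenon": {1922, 1923, 1940}, "zephyr": {4571, 4572, 4578, 4579},
              "falcon": {5771}, "jasper": {6750}}
FUSE_RE = re.compile(r"fuseset\s*(\d+)\s*:\s*([0-9A-Fa-f]{16})")  # assumed XeLL format

def read_data(img, off, n, raw):
    """Read n logical bytes at logical offset off, skipping spare bytes if raw."""
    if not raw:
        return bytes(img[off:off + n])
    out = bytearray()
    while n:
        chunk = min(n, PAGE_DATA - off % PAGE_DATA)   # never cross a page
        phys = (off // PAGE_DATA) * PAGE_RAW + off % PAGE_DATA
        out += img[phys:phys + chunk]
        off, n = off + chunk, n - chunk
    return bytes(out)

def parse_header(img):
    """Return build, CB offset and version, copyright, and whether img is raw
    (assumed big-endian header: magic 0xFF4F, build at 0x02, CB offset at 0x08)."""
    magic, build, _qfe, _flags, cb_off = struct.unpack_from(">HHHHI", img, 0)
    if magic != 0xFF4F:
        raise ValueError("bad NAND magic 0x%04X" % magic)
    # Raw vs stripped is decided by where the CB magic actually turns up.
    raw = next((r for r in (False, True) if read_data(img, cb_off, 2, r) == b"CB"), None)
    if raw is None:
        raise ValueError("no CB bootloader at logical 0x%X" % cb_off)
    (cb_ver,) = struct.unpack(">H", read_data(img, cb_off + 2, 2, raw))
    copyright_ = read_data(img, 0x10, 0x40, raw).split(b"\0", 1)[0].rstrip(b"\xff")
    return {"build": build, "cb_offset": cb_off, "cb_version": cb_ver,
            "raw": raw, "copyright": copyright_.decode("latin-1")}

def cb_status(cb_ver):
    """Look a CB version up in the post's exploitable / patched tables."""
    for status, table in (("exploitable", EXPLOITABLE_CB), ("patched", PATCHED_CB)):
        for board, versions in table.items():
            if cb_ver in versions:
                return board, status
    return None, "unknown"

def compare_dumps(a, b, block=BLOCK_RAW):
    """Indices of blocks that differ between two dumps; [] means identical."""
    if len(a) != len(b):
        raise ValueError("size mismatch: %d vs %d bytes" % (len(a), len(b)))
    return [i // block for i in range(0, len(a), block) if a[i:i + block] != b[i:i + block]]

def degraded_workaround(img):
    """Copy of img with the 2007 copyright year changed to 2005 (the post's hex
    edit at 0x12); page 0 data sits at file offset 0 in raw and stripped dumps."""
    head = bytes(img[:0x50])
    patched = re.sub(rb"2004( ?- ?)2007", rb"2004\g<1>2005", head, count=1)
    if patched == head:
        raise ValueError("copyright string not found at 0x12")
    return patched + bytes(img[0x50:])

def cpu_key_plausible(key_hex):
    """Assumed property: exactly 53 set bits among the top 106 bits of the key."""
    return bin(int(key_hex, 16) >> 22).count("1") == 53

def cpu_key_from_fuses(xell_text):
    """Build the CPU key from fuse sets 3 and 5 (or their duplicates 4 and 6)."""
    sets = {int(n): v.upper() for n, v in FUSE_RE.findall(xell_text)}
    for a, b in ((3, 4), (5, 6)):
        if a in sets and b in sets and sets[a] != sets[b]:
            raise ValueError("fuseset %d and %d disagree; re-read the photo" % (a, b))
    hi, lo = sets.get(3) or sets.get(4), sets.get(5) or sets.get(6)
    if not (hi and lo):
        raise ValueError("need fuseset 3 or 4 and fuseset 5 or 6")
    if not cpu_key_plausible(hi + lo):
        raise ValueError("key fails the Hamming-weight check; a digit was misread")
    return hi + lo

def make_sample_image(cb_version=5770, raw=True, size=0x10000):
    """CONSTRUCTED stand-in for a dump (header + CB stub only), not a real image."""
    data = bytearray(0x200) + bytearray(b"\xff" * (size - 0x200))
    struct.pack_into(">HHHHII", data, 0, 0xFF4F, 7371, 0, 0, 0x8000, size)
    cp = b"\xa9 2004-2007 Microsoft Corporation"
    data[0x10:0x10 + len(cp)] = cp
    data[0x8000:0x8004] = b"CB" + struct.pack(">H", cb_version)
    if not raw:
        return bytes(data)
    return b"".join(data[i:i + PAGE_DATA] + b"\xff" * PAGE_SPARE
                    for i in range(0, size, PAGE_DATA))

# CONSTRUCTED fuse lines using the post's own example key.
SAMPLE_FUSES = ("fuseset 03: e42d681ed06a6d1c\nfuseset 04: e42d681ed06a6d1c\n"
                "fuseset 05: 1ffd8e48c56a2058\nfuseset 06: 1ffd8e48c56a2058\n")

if __name__ == "__main__":              # real use: open("nand1.bin", "rb").read()
    hdr = parse_header(make_sample_image())
    print(hdr, cb_status(hdr["cb_version"]), cpu_key_from_fuses(SAMPLE_FUSES))
```

On real dumps, pass the contents of nand1.bin and nand2.bin to compare_dumps; a non-empty list tells you which blocks to look at instead of just "not identical", and a mismatch that sits in the same block every time is the bad-block case the post mentions rather than a bad solder joint. For big-block Jaspers the 32-page block size assumed here does not hold, so pass the right block size and treat the header parse as untested there, just as the post says Degraded will not open those images.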
06-12-2010, 12:57 PM #2
HOST Lee
IM A AWESOME
Wow i swear ive read this somewhere else
06-12-2010, 01:20 PM #3
CRACKbomber
What's a CRACKbomber?
Originally posted by HOST
Wow i swear ive read this somewhere else


Wow, read: I said all credits go to S7S, all I did was copy and paste.
06-12-2010, 01:23 PM #4
HOST Lee
IM A AWESOME
Originally posted by CRACKbomberxLWx View Post
Wow, read: I said all credits go to S7S, all I did was copy and paste.


But Whats The Point In Just Copying This Of Another Website?
06-13-2010, 02:22 PM #5
CRACKbomber
What's a CRACKbomber?
Added freeboot tutorial.
06-13-2010, 03:03 PM #6
Octavia
"PonyF ag"
Originally posted by HOST
But Whats The Point In Just Copying This Of Another Website?

To share the tutorial on another site.



~Elmo

Copyright © 2024, NextGenUpdate.
All Rights Reserved.
