Jump to content

  •  

  • iBotModz CBox


    Photo

    xeBuild 1.12 Released


    This topic has been archived. This means that you cannot reply to this topic.
    No replies to this topic

    #1 iBotModz_Bot

    iBotModz_Bot

      Brigadier Grade 3

    • Bots

    • 2,985 posts
    • Joined: 14-July 08

    Posted 04 April 2014 - 10:49 AM

    This update adds support for kernel 16747 plus other bug fixes and additions

    xeBuild is a command line system image builder for JTAG, glitch, and clean images.

    Xbox-Scene

    Change Log

    1.12
    • check FCRT.bin signature with PIRS_pub.bin or MAST_pub.bin if available (selection based on content)
    • check DAEP signed signatures in DAE.bin (usually 2) with PIRS_pub.bin if available
    • check CRLP signed CRL.bin signatures with PIRS_pub.bin if available
    • fix mobile extraction stalling process on corrupt NAND
    • do not patch boot reasons into flash header for devkit and retail builds, only glitch and jtag
    • added patch to kernel to attempt to block network until launch.xex has loaded (if available)
    • add -o smcnocheck to image build options/ini; avoids fatal build error if smc is unknown
    • add 16747
    • fixed: was not automatically creating all the folders for 16747 avatar data to be valid

    How To Use:

    • See individual folders for lists of files to provide
    • If desired provide replacement cpu and 1bl keys in text files
    • open a command window in the xeBuild directory
    • on the command line type, for example:
    example - if you provided keys in appropriate text files
    xeBuild.exe -t glitch -c falcon -d myfalcon myfalconout.bin

    -t glitch = build a glitch type image
    -c falcon = use falcon bl and patch set
    -d myfalcon = a folder is present called "myfalcon" with per machine files, this uses it myfalconout.bin = the file that will be produced
    • type 'xeBuild.exe -?', 'xebuild client -?' or 'xebuild update -?' for command line info

    Update and Client modes:

    Both modes require the supported updsvr running on the xbox, full functionality may require updating console patches with the included hv patches. Both the PC and the xbox need to be on the same subnet/LAN router.

    Client mode is a simple way to read, write and patch flash as well as few other simple commands such as the patch updater. The patch updater will look in the folders beside the exe for {version#}binpatches_{type}.bin which are full patches for whichever console and hack type, it will load and strip the patches if needed and send them to the console. Note that only xebuild images are truly supported for this.

    Most of the client mode commands should be available on any console, even unhacked devkits. See output from 'xebuild client -?' for more information on the options available.

    Update mode attempts to retain as much data about the console as possible, without having to provide any info on the command line aside from optional/addon patches if required. After you copy the $SystemUpdate folder into (in this example) the folder 16203 it is capable of taking a simple command line like:

    • xebuild update -f 16203 -a nohdmiwait

    It will fetch all the info from the console, and use the updater to update both the system flash and avatar data on the console (provided you have an 360 formatted HDD internally in the console.)

    It has some more advanced options to allow one to build the update image as well as dump the data from the console as it's acquired, while even leaving the console data untouched. See output from 'xebuild update -?' for more information on the options available.

    Neither update or client image writes are able to affect bad blocks, but are able to write new ones.

    If this happens mistakenly, an erase block command has been provided in client that will attempt to clear the bad block - use with caution though, blocks get marked as bad for good reasons and is a normal occurrence on NAND when a block becomes unreliable.

    With big block machines, the server will attempt to retain any NAND mu data in the system area, provided there is no system data to write in the image being sent. It's not foolproof, but update mode should not corrupt NAND mu.

    Example:

    • take original console dump, put it in mytrinity folder as NANDdump.bin
    • set CPU key and 1BL key in ini file, verify LDV from NANDdump.bin matches console fuses
    • if not set cfldv in ini file
    • build (xeBuild.exe -t glitch -d mytrinity -f 13599), flash and hopefully life is good

    .ini files:

    Just a word on the format... the ini parser is not very robust, the files need to be plain ASCII, everything after a ; on a line is ignored, and spaces are not acceptable (they get removed).

    Things like CPU key and 1BL key, if present in the per box ini file need not be placed anywhere else.

    Optional Patches:

    Various optional patches are included for use with the -a option, they are:

    • nofcrt - removes fcrt.bin requirement on some drives
    • nohdd - disables detection of internal SATA HDD
    • nohdmiwait - HDMI consoles will no longer wait or EXX screen when video is not ready
    • nolan - disables wired LAN to prevent E75/76/77 on machines with a damaged PHY
    • nointmu - disables jasper NANDmu, trinity 4G internal USB and corona 4G MMC memory units

    blmod.bin:

    Changing the patches to the BL that follows the BL that is executing during glitch attempts has a direct effect on whether a machine will glitch. The provided patches are generic and work well on most machines, but this per machine build addon can now be supplied without modifying the base patches to CBB or CD via a file in the perbuild folder, they will simply be tacked onto the end of CBB or CD, and the BL size adjusted to include this new data in the hash.

    Keep in mind, it can take multiple attempts and re-flashing with different binary data to find something that will boot at all, let alone be more effective for your console.

    blmod is currently not supported by update mode.

    Note:

    - DON'T USE THIS UNLESS YOU KNOW FOR SURE THAT YOU NEED IT!

    Using an incorrect controller config can result in problems remapping bad blocks (even manually.)

    If you have a 16M jasper, an additional build type has been added 'jaspersb', by default the image will be built for jasper with big block controller (config 00023010), use this alternate switch to build for small block controller (config 01198010.)

    Multi build/options example:


    When you specify -f 13599 on the command line:

    • 13599filelist.ini is parsed instead of datafilelist.ini

    Also the bin directory is used from 13599bin instead of bin allowing anyone to create multiple builds without multiple instances or rebuilds/hex edits/hacks of the main app.

    The example provided is the last version of 13599 patch set from dash launch and
    other files to build freeboot 13599

    example use:

    xeBuild -f 13599 -d myfalcon x13599out.bin

    • -f 13599 : use .13599filelist.ini, and .13599 for firmware files, .13599bin for patches
    • -d myfalcon : use .myfalcon for per build files (cpu key, keyvault, security files, ini etc.)
    • x13599out.bin: override auto generated name and produce .x13599out.bin as the final NAND image

    Note: if -d ***** is not specified it will still use the original /data and /bin dirs

    Devkit image building:

    This feature is currently considered Beta/Work In Progress.

    A new image target type was added, "-t devkit" which builds 64M flash images for devkits. Currently untested, building with a 00 filled CPU key will create a zeropaired devkit image that may allow one to boot a software bricked devkit that one does not know the CPU key for and recover it to an operational state. By powering on the console with such an image present, with a recovery DVD in the drive, the recovery software should be able to create a new keyvault, re-pair the DVD drive to the new keyvault, and allow normal operation once complete.

    Normal devkit image building when one does know their CPU key and thus has security files and keyvault should work as expected.

    Building devkit for glitch/jtag is also possible using the standard -t glitch/jtag methods. Sample ini have been provided with this release, but will not work unless patches and files are supplied. Note that devkit is not our focus, but was relatively easy and straight forward option to supply for those that wish to make use of it.

    jasperbigffs:

    Those who use large block NAND are now able to nearly double the size of the system file area with this option with no apparent ill effects. Normally this option wouldn't be needed, but if one wanted to experiment with more files in flash, or one was building a devkit image for a devkit with a big block flash, this option is required.



    News-Source: xeBuild 1.12 Released (via) 360Crunch


    View the full article