9 replies to this topic

[.dice♥]

This is for people that want to burn 360 games and not get banned from Live.

Stealth Media
-----------------

This is to clear up a few misconceptions about what Stealth Media is and how it works. This is not firmware stealth. Reading the firmware itself for changes is not controlled by the firmware itself, it is a low level hardware function which cannot be stopped by firrmware code.

A firmware check routine which calculated a checksum and returned that to the host was already found in V1 and was modified to always return the correct unmodified firmware value. I think this was a last minute check incorporated by MS as they new the firmware code was not signed.

Stealth Media is all about making a backup disc appear to the Xbox360 host exactly the same as an original. Although this was already done by the Security Sector and the challenge/response, there remained a number of differences on the disc that are currently not checked for. It would be very easy for the dash or the particular game to perform these extra disc checks. There are four main aspects to Stealth Media:


PSN Lockdown:
-------------

This is a two part process:

Before disc authentication (security sector,challenge response) is performed the drive will only allow vaild PSN reads as defined in the PFI sector. This is currently the standard video partition. Any request to read outside this range is not allowed - as per originals. (No more reading of the backup PFI,DMI,SS sectors.)

After disc authentication is performed and the drive is unlocked only valid PSN reads are allowed from the range defined by the Security Sector, this is the standard game partition. Any request to read outside this range is not allowed - as per originals.


PFI Sector (Physical Format Information):
-----------------------------------------

This sector is contained within the lead-in and contains information about its physical format. Disc booktype, start PSN and end PSN and Layerbreak are contained here. Currently all Xbox360 and Xbox1 games have the same PFI information, but that may change.

On Writable media (our backups), this also contains media specific information such as Media Code/Manufacturer ID and Media Product Revision number.

Any requestes for this information is now redirected to the the PFI sector now at $04FB1D (for Xbox 360 backups) or $0605FD (Xbox 1 backups), if it exists. If it does not exist (pre V3 backup) a seperate embedded PFI is used for Xbox 360 and Xbox 1.


DMI Sector (Disk Manufacturing Information):
------------------------------------------

This sector is also contained within the lead-in and contains information about the Disc manufacturer, such as Company name, batch id etc. This is currently different for each Xbox360 and Xbox1 game in each region.

Any requestes for this information is now redirected to the the DMI sector now at $04FB1E (for Xbox 360 backups) or $0605FE (Xbox 1 backups).

A pre V3 backup will always return blank information for this. (A possible detection method.)


Video Partition:
----------------

When Extreme V1 was released ,the disc build included a blanc video partition as it wasnt required for games to boot. As this can be checked by the XBox360 host, the standard video partition from any game was included with the stealth firmware. This is nothing new, just put back in for correctness!


Conclusion:
-----------

As of today , none of these extra disc checks are being performed, but it is only a matter of time before a game will. The same sort of checks were introduced to XBox1 games a while ago. I performed an exhaustive check of every command that the Samsung firmware can respond to and these differences were discovered.

The Samsung firmware only supports a limited subset of commands from the MMC-3/4 standards so not all commands exist compared to a standard PC drive, so anyone testing for media specific information should bear this in mind.

Non-Stealth backups will still boot with stealth firmware and will be enhanced with the PSN Lockdown and PFI Sector embedded in the firmware. These backups will have no DMI and possibly have a blank video partition, both of which can be checked for.

Stealth backups will still boot with non-stealth firmware but will be exposed to the above top three differences (PSN Lockdown,PFI,DMI) making the backup detectable. Correct Video partition is present.

[iBotPeaches]

Very nice find. Liked it alot

[.dice♥]

i would like to correct it, M$ IS PERFORMING these checks now, and SEVERAL other checks.

[killerskittle]

so as of right now stealth "discs" are not able to be used BC of M$ update.

[Snowmon333♥]

so as of right now stealth "discs" are not able to be used BC of M$ update.

huge bump... but i am just wondering why everyone used $ for M$

[iBotPeaches]

I dont know either lol.

My guess would be because they steal soo much money.

[.dice♥]

I dont know either lol.

My guess would be because they steal soo much money.

yeah they do steal alot! i am a proud xbox live banned member haha. they stole my money and banned my box.

[daKHAOSguy]

Thanx guys but , that realy didn't help at all... lol

[skipper132]

so the latest i extreme cvan play any iso stealth or non and how do u patch an iso for it to be stealth?

[.dice♥]

so the latest i extreme cvan play any iso stealth or non and how do u patch an iso for it to be stealth?

the lastest firmware can only play stealth patched disks, when u rip your disks they are automatically stealth patched. But if they are not, use DVD Mulletmeter, and use that.

also, i strongly advice everyone to use ixtreme 1.4.