Recent content by zecoxao

now to eternally wait for @DoublesAdvocate to move his ass and fetch the root key from a 3.55 CFW for the 1.00 holy grail dump

props to user sagemono for the discovery.

it has been discovered that the microcode rom uses as architecture IBM Risc System 6000. some evidence: https://github.com/gcc-mirror/gcc/blob/09e74059bdb12c784570d40b28a33f22090badfe/gcc/config/rs6000/cell.md https://gcc.gnu.org/pipermail/gcc-patches/2008-September/248999.html...

a talk: https://reverse-2026.sessionize.com/session/1077896

uploaded the (now) bit corrected roms, courtesy of Anonymous

more like glitch the device to get the master keys and fuses

The xbox one bootrom, the first piece of code that runs on xbox one that bootstraps everything else

With love from Anonymous

i'm kinda curious as to why noone dumped the coreos on these units, as it provides valuable information for AV firmwares (having only two pups of this and nothing else kinda sucks)

here are the three files. good luck with the decoding process. we have tried and have so far failed

So, as you might all be aware, the lv0ldr and metldr contain perconsole crypto that is handled either by a rom and fuses or by RTL that would make it impossible to retrieve without expending quite a lot of cash on chip analysis (which is money that i didn't have back when i started this project)...

Good point, yes, you need to be on 3.55

1. 8th Byte Of idps changed from 02 to 01 (Using IDPSet or Evilnat's CECH-A leaf) 2. Syscon UART EEPROM at 3298 Change 00 03 to FF FF 3. Components Changed (See Below) 4. FSM Blind Update (THIS NEEDS Lv2diag.self!) (THIS NEEDS 3.55 Rogero 3.7 NO BD) 5. More Missing Parts (SOON tm) Option Now...

documented a couple more things, thanks to @esc0rtd3w