{"id":601101,"date":"2023-01-25T06:49:19","date_gmt":"2023-01-25T12:49:19","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/01\/25\/how-the-xbox-360-knows-if-your-hard-drive-is-genuine\/"},"modified":"2023-01-25T06:49:19","modified_gmt":"2023-01-25T12:49:19","slug":"how-the-xbox-360-knows-if-your-hard-drive-is-genuine","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/01\/25\/how-the-xbox-360-knows-if-your-hard-drive-is-genuine\/","title":{"rendered":"How the Xbox 360 knows if your hard-drive is genuine"},"content":{"rendered":"
\n <\/picture>\n

Eaton<\/span>
\n \u2022<\/span>
\n

The Xbox 360 was launched in 2005 with 2 models \u2013 a \u201cCore\u201d model and a \u201cPro\u201d model. The idea behind the Core was to provide a lower-cost model so gamers could play their games from disc, while the Pro included a 20 GB hard-drive, which was plenty for the limited amount of downloadable content and other extras at the time. The hard-drive has always been an optional accessory, but it quickly became a necessity for gamers who wanted to save their profiles and download content from Xbox Live. The downside is that the Xbox 360 branded hard-drives were expensive. The 20 GB at launch was $99! Looking at an old AnandTech price guide from November 2005<\/a>, for $57 you could get an 80 GB hard-drive for your PC. Xbox 360 storage came at a large premium.<\/p>\n

Instinctively, modders explored the possibility of using custom hard-drives in order to get lots of storage on a budget. Unfortunately, they quickly found it was impossible.<\/p>\n

Kernel-mode Authenticity Check<\/strong><\/h2>\n

Every genuine Xbox 360 hard-drive has a unique piece of data in sector 16 called the \u201csecurity sector\u201d that contains the following information:<\/p>\n

<\/figure>\n

The security sector data is processed in a kernel function named SataDiskAuthenticateDevice<\/em>. It looks like this in IDA:<\/p>\n

<\/a><\/figure>\n

The decompiled version:<\/p>\n

<\/figure>\n

The function is relatively simple. It starts by calling IoSynchronousFsdRequest<\/em>. This is a function carried over from the original Xbox, and you won\u2019t find it on Windows. It basically executes an asynchronous IO request, and then waits for it to complete. In this case, it is a read request for sector 16:<\/p>\n

<\/figure>\n

After that function runs, Buffer<\/em> will contain the security sector data, or, if the read failed, the console will display an E69 error screen. That will only happen if the disk is very loosely connected, or if the disk is failing.<\/p>\n

When the security sector is in memory, the authenticity check takes place. All hard-drives report a serial number, firmware revision, and model number as part of the IDE_COMMAND_IDENTIFY_DEVICE<\/em> command<\/a>. The data the disk firmware reports is compared against what is stored in the security sector. It does this using a dedicated helper function named SataDiskEqualAuthenticationStrings<\/em>, which basically works like memcmp (a function that checks if bytes are equal).<\/p>\n

<\/figure>\n

If any of those 3 strings do not match, the check fails. You might be thinking, it should be trivial to just change the security sector to match the data the disk firmware, reports, right? Unfortunately, the entire security sector is RSA-signed using a private key only Microsoft possesses. This means that if you modify the security sector to match the disk firmware information, it will fail the cryptographic check. Here is the RSA signature verification:<\/p>\n

<\/figure>\n

The Workarounds<\/strong><\/h2>\n

If you do not want to buy the genuine Microsoft Xbox 360 hard-drive, there are 2 workarounds <\/p>\n

1. HDDHackr<\/strong><\/h3>\n

Since the security sector cannot be modified to match the disk firmware information, the only possible workaround is to change the disk firmware so it will match the security sector. HDDHackr<\/a> was created \u2013 an MS-DOS app that updates the firmware on Western Digital drives to impersonate another. For example, if a security sector says the disk is a Hitachi, HDDHackr would change the disk firmware to report Hitachi information.<\/p>\n

There are still a few limitations to the HDDHackr workaround:<\/p>\n

    \n
  1. It\u2019s not maintained anymore and only works on older PC hardware.<\/li>\n
  2. There are reports it doesn\u2019t work well on newer Western Digital drives.<\/li>\n
  3. It cannot make drives larger than 500 GB work. The security sector limits the amount of addressable sectors, and 500 GB is the biggest hard-drive size Microsoft officially released.<\/li>\n<\/ol>\n

    2. Modded Console<\/strong><\/h3>\n

    When modding Xbox 360 consoles became possible through the JTAG and RGH hacks, the hard-drive authenticity check and size limitations were one of the first things patched out. With the checks removed, any hard-drive up to 2 TB in size could be connected, formatted on the dashboard, and be ready for use. These hacks require hardware modifications though, and you give up Xbox Live access in the process.<\/p>\n

    Microsoft knows about your hacked\/custom hard-drive<\/strong><\/h2>\n

    If you use the HDDHackr workaround, you would download a valid security sector from the internet to use for your hard-drive. For example, when the 500 GB HDD came out in 2014, the community quickly uploaded the security sector<\/a> so others could make their own, custom 500 GB HDDs. What most people do not realize is that Microsoft has been collecting your hard-drive info this entire time. Specifically, while connected to Xbox Live the following information from the security sector is sent to Microsoft periodically as part of a security challenge response:<\/p>\n