XBOX Security Sector Patcher / Extractor

[carranzafp]

************************************************
    SECURITY SECTOR EXTRACTOR / PATCHER V 1.0
************************************************
    Coded by maximus  (carranzafp)


SCREENSHOT:
----------------



DESCRIPTION
------------
   I was tired to manually calculate the SS address in the image file
   to patch so I create this little tool.

   This Graphical tool to easily calculate the right address to patch
   your xbox game images with your own Security Sector file. It also
   does the patching process for you.

   You can also extract the SS if you have the image already patched.
   (I dont know if this is useful for somebody but anyway does it)

   Supports raw images created with swap method and also images created
   with concatenated partitions.
   
   This app is for those who wants to create a game image to play with
   the Commodore4eva hacked firmware


REMARKS:
--------
 - If you does not understand any field leave the default value.
 - This app does not contain copyrighted code from M$
 - You must supply your own game image and your own Security Sector file
 - No warranties from any kind. Tested only on Win XP



RECOMENDED TUTORIALS:
---------------------
 - To create a Raw Image with swap:
   http://arakon.dyndns.org/backup.html
   by Arakon


 - To create a Concatenated partitions image (faster):
   http://www.xboxhacker.net/index.php?option=com_smf&Itemid=33&topic=707.msg7290#msg7290
   by Bluecop



THANKS TO:
----------
   Geremia, Arakon, Bluecop and of course to Commodore4eva
   @xboxhacker.net



DOWNLOAD:
-----------------
http://rapidshare.de/files/19163529/SS_Patcher.zip.html

[angerwound]

I had planned on doing something of the same idea here. Your's looks great. Will give it the test tonight.

One concern I did have was the need for the 'Last DVD Sector PSN' field. Couldn't this be calculated based on the image the user supplies?

Great Work!

EDIT: With regard to something BlueCop had mentioned in #XBH. Cutting off the extra padding after the SS would make for quicker burning as well.

[carranzafp]

One concern I did have was the need for the 'Last DVD Sector PSN' field. Couldn't this be calculated based on the image the user supplies?

I think on that but I havent checked yet.   I wil give a check later and will update. 

Post feedback, suggestions. Thanks

Edit: I have searched my image for ocurrences of my LAST_PSN value but i find too many, I will try to discard them comparing 2 different game images. But this will work only if that data (if available) is located on fixed location

[BlueCop]

you could rip the extra dummy data from the image and then it is as simple as placing the ss.bin at the end of the file and then change the layer break for your burn to 1913776.

if you take your orginal layer break from the hotswap dvd. like for this example my chasing amy was 2057632 or 1F65A0 x 800h = offset FB2D0000 in the raw image. the layer break for the orginal xbox dvd was 1913776 or 1D33B0 x 800h = E99D8000 hex is the end of the layer 0 part of the game partition. so E99D8000 - FB2D0000 is the extra space on layer 0. The next layer begins at FB2D0000 and will have a blank space the exact same size as between E99D8000 - FB2D0000 then game layer 1 starts. you could remove both these sections of sectors and change the layer break to 1913776 and your image would work correctly.

you could then also remove the the blank space after the end of the game layer 1. your game image starts at 18300000 and is  7,027,228,672 bytes long or 1A2DB0000 + 18300000 = 1BB0B0000 which from there to the end file could be removed. 1BB0B0000 should be the end of game layer 1. The Security Sector would simply be tacked on the end of the file.

edit: this speeds up your burning a little. my hotswap dvd image was 7.82 GB while the built one was 6.92 GB(which would look the same as a dummy striped raw image). the game data in each layer is in the same position on the disc in ethier image when burned to disc.

[carranzafp]

Bluecop: I will implement your trim process on next version (already working on it).

Somebody knows if it is possible to get LAST_PSN reading the image?  I am scanning the image but I found too many ocurrences

[BlueCop]

you could calculate it based on the layer break amd the size of the image. if you change the layer break the it would change the last psn

[dom0012]

has anyone tested this tool?

[uberfry]

@ Carranzzafp: right there you're using a scene release...where did you get the SS from for it?

[anita999]

Carranzzafp, good job. I would appreciate if you can add a manual setting for layerbreak PSN ( or LBA). and for sometimes we might want to insert (patch) the image with SS sizing more then one sector, so it would be great if you can handle SS.bin in different sizes.

[Arakon]

@ Carranzzafp: right there you're using a scene release...where did you get the SS from for it?

I think the image loaded in the picture is just for demonstration purposes for the screenshot.
it couldn't work in this format at all, since it'd be too small for a DL.

[uberfry]

sorry...but what's the link of the SS dumping tutorial again please? ;X

[carranzafp]

Ups, you got me... the fifa image shown in the picture is just for testing purposes, I have sucessfully cloned the Fifa but based on the original dvd disk, I was testing something else.

I am working on next version and I will include Geremia suggestions.

Next version wiil also include:
 -Trim RAW images (basically it converts to the assembled video+game+ss versions) eliminating dummy space
 - Option to generate an assembled image

Later today or tomorrow will be ready, so if you have another idea please comment.

sorry...but what's the link of the SS dumping tutorial again please? ;X

There is no tutorial, I have done like commodore4eva says, I flash the samsung drive with the hacked firmare that retrieves SS sending a custom command. Here is a copy paste of the news (xbox scene)

"Update* (from commodore4eva)  I released a firmware for reading the security sector data. Use only to obtain SS data from games which is $0800 in length. Send custom cdb command (from dvdinfo pro: AD 00 FF 02 FD FF FE 00 08 00 00 C0). Save data as bin file."

[stonersmurf]

sorry...but what's the link of the SS dumping tutorial again please? ;X

Arakons tutorial shows you how to dump the SS.
http://arakon.dyndns.org/backup.html

[dom0012]

so does this tool work? has anyone tested it? can someone please verify that this thing works 

[Arakon]

why wouldn't it work? it does takes some steps off your hands that you would normally have to do manually.

[katzoo]

I tried the patcher using the swap method on AUF. It didn't work but then I changed the SS pointer in the firmware from F9FA00 to F9FA01 it worked. Can I have done something wrong or is the patcher missplaceing the SS by one sector?

[carranzafp]

Edited by author

[Arakon]

@carranzafp: I believe xbox 1 disks have a single layer break value for all games, it should do to just use that layer break without having to enter one manually. that should hold true at least for the images built using the unlocker method.

[BlueCop]

the layer break i think is needed to patch hotswap images and easily strip their extra data.

[carranzafp]

I will check this possible error. I think I know where is it.

Edited: I dont want to confuse this so I edited my example

My program uses the following formula to calculate a IN_FILE_ADDRESS:
ss_address = IMAGE_SIZE - ((LAST_PSN - SS_PSN + 1) * 800h)

so for example, assuming SS_PSN=F9FA00, LAST_PSN=FCE6DD and IMAGE_SIZE=1FB7DF000
then ss_address is: 1E4170000

This made me sense because when I hexedited the file it was the address where visually the data ends and zero's began.  but the user katzoo says that he must puts F9FA01 on his firmware to get the image to load.  So this means 1 of 3 things:

a) PSN F0FA00 is located over the data that I have seen on winex (location 1FB7DE800) (I dont think so)
b) Bigger PSN have lower In file address (I dont think so also, at least of course the image is recorded over the disc in a very different way that we are assuming)
c) user katzoo made a mistake or it is trying to boicot my tool (je je this  is a joke of course)

Could somebody put fresh ideas over this possible cause?


I will correct this asap for the next version.

I am working on a redesigned tool, I am about to release but I have simplified the use and the interfase (now it calculates everything, you only select the image and layerbreak) and you dont have to calculate anything else.

Also will have an option to trim raw images to eliminate unused space (faster burning) and will have an option to patch any file you want at any location (PSN, LBA of IN_FILE_ADDRESS you want)