Softmodding By Hotswapping Using XBL & Kingroach’s Ndure PC Installer

Taken from Softmod Depot’s Forums. Original Tutorial is located here

Softmodding By Hotswapping Using XBL & Kingroach’s Ndure PC Installer

—————————————————————————
Disclaimer
—————————————————————————

All information on this website is for informational purpose only and is
provided “AS IS”. Everything you do with this information is at your own
risk.

Everything done on this project is for the sole purpose of supporting
interoperable software under Sect. 1201 (f) Reverse Engineering exception
of the DMCA.

—————————————————————————
Prerequisites
—————————————————————————

Skill Level: Intermediate

You should be somewhat familiar with PC internals. That is to say, you have
some hands-on experience opening up a PC case and changing or removing an
IDE (aka ATA) hard disk, and know how to difference between ‘primary’,
‘secondary’, ‘master’ and ‘slave’.

You should be familiar with burning raw CD images.

You should know how to create zip files.

Your brain should have normal oxygenated blow flow and be free of
alcoholic and narcotic substances.

—————————————————————————
What is Hotswapping?
—————————————————————————

Hotswapping is to disconnect a hard disk drive in a running X-Box and
reconnect it to a PC. This is to allow the X-Box to unlock the disk so that
the disk contents can be accessed in the PC.

If you’re unable to get hold of the games or accessories (ActionReplay,
memcard etc) required to do a gamesave exploit, hotswapping is your
alternative. It does however, require you to open the X-Box case, so your
warranty will be voided (strictly speaking, all forms of modding will
void your warranty).

(Taken from X-Guides)
Is Hot-Swapping Safe? No, according to ANSI Standards, IDE was not designed
to allow for the disconnection of the supply ribbon interface while the
ribbon is ‘HOT’. Some dangers thats could arise during this action…

a. Electrical grounding backflow, this cannot be avoided, but can be
decreased by running a ground strap or using the PC’s power connector.
This could physcially make the drive fail, or worse fry your
motherboard.

b. Hard Disk Drive Shock, obviously you cannot avoid shaking the drive
while you are removing the cable.

In practice, many X-Box hard disks have been hotswapped without problems,
but you need to understand the risks involved nontheless.

—————————————————————————
Rational
—————————————————————————

A retail X-Box hard disk is locked with a ATA security password. This is a
password generated from the combination of a secret ‘key’ value on the
EEPROM and the hard disk’s serial number. These two values are unique
across all X-Boxes, which is the reason why an X-Box hard disk cannot be
unlocked with any EEPROM other than its own.

When modding a virgin X-Box, you would not have access to its EEPROM yet,
so this is where hotswapping comes in. When the X-Box powers on, it needs
to access the dashboard stored in the hard disk, so it has to unlock its
hard disk. This window period where the X-Box unlocks the disk is where
the hotswapping is performed, and it occurs just before the startup
‘flubber’ animation ends and the white ‘Microsoft’ logo appears.

—————————————————————————
Tools Needed
—————————————————————————

– A desktop PC (laptops *might* work if it has a means of hotswapping 3.5
inch IDE hard disks) that supports CD booting (practically all modern
ones do). Minimum requirements for the PC are: Pentium, 64MB RAM, VESA
compatible video, has IDE hard disk ports, keyboard, mouse and Ethernet).

– XBL (http://smdx2.com:9000/~xbugs/xbl). At least version 0.1.12a.

– A couple of blank writable/re-writable CD/DVDs.

– Kingroach’s NDURE PC installer 3.0 or
xbl_ndure_installer-1.0 (don’t ask where to download).

– Torx 20 and Torx 10 screwdrivers.

– Either an ethernet cross-cable or a router/switch + straight cable
combo). For hooking up the X-Box and the PC.

– Anti-static cable (optional).

—————————————————————————
Instructions
—————————————————————————

Note: Please read through to the end of the guide before actually starting
anything. This will give you a better overview of what’s going on.

1. Determine your BIOS and dashboard versions.

Boot the X-Box without a game, then from the dashboard, select Settings,
then from the sub-menu, scroll-down and select System Info. Wait for
the text to scroll down to a line that says something like…

K:1.00.XXXX.01
D:1.00.YYYY.01

XXXX is the version of your BIOS, YYYY is your dashboard version.
Remember these values, or write them down somewhere.

2. Update dashboard (optional)

Update the dashboard on your X-Box to the latest version via Live
Update or a game. This is optional, but you might experience problems
with dual-booting after everything is setup (don’t worry, easily
fixable).

3. Extract XBL zip file.

Create a new folder (I’ll call it “softmod” for this tute). Unzip the
XBL zip file you downloaded into “softmod”.

4. Prepare the softmod files on your PC.

You have two options here: either 1) make use of a pre-generated
softmod package (xbl_ndure_installer), or 2) run Kingroach
NDURE PC Installer and generate the softmod package yourself so you
can customize various aspects of the softmod. If you’re new to
softmodding, using the pre-generated package is recommended.

a. Using pre-generated softmod package (xbl_ndure_installer).

Simply copy the file named “xpkg.zip” found inside the
xbl_ndure_installer zip file into the “out\extras” sub-folder
inside”softmod” (the folder you extracted the xbl zip into earlier).

b. Generating the files using Kingroach NDURE PC Installer.

Create a new folder (can be named anything, but we will refer to it as
“kroach” for this tute).

Run the Kingroach installer, a Windows style install menu should appear
with a bunch of checkboxes in it. Check the following…

– Basic Files
– Retail Files
– Add Shadowc
– Kernel specific fonts (select only the number that corresponds to
your BIOS version, check your dashboard settings if you’re unsure
what your BIOS is, leave the rest unchecked).
– Add Ndure Toolset

When the installer prompts for an install folder, use “kroach” that
was created earlier.

Now using your favourite zipping program, zip up the C and E that is
inside “kroach” into a zip file named “xbox.zip” (must be named this).

Move the just-created xbox.zip into the “out\extras” sub-folder inside
“softmod” (the folder you extracted the xbl zip into earlier).

5. Create and test the boot disc.

Double-click on make_iso.bat, it should create a file name xbl.iso if
nothing went wrong.

Burn xbl.iso as a RAW ISO image to a CD/DVD. Don’t delete the “softmods”
folder though, you’ll need it later on.

Reboot the PC with the disc. Ensure that your BIOS is set to boot from
the CD/DVD drive. You should end up at the xbl boot menu if everything
went smootly. Select option 2. If you have a USB mouse connected, type
“2 xbl_ui_mouse=/dev/input/mice” at the prompt.

The boot CD should boot into a graphical interface. Make sure the mouse
and keyboard works. See “Troubleshooting” if not
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_intro_2.png)

6. Physically setting up everything.

Physically move the X-Box so it’s right next to your PC while still
being able to connect to the TV. Make sure the cables are long enough.
Make sure you have enough physical working space. Make sure all your
equipment is on a surface with little of no static. Make sure your tools
are within easy reach.

This step is pretty much common sense, but you’d be surprised at the
number of people who run into problems because of poor organisation.

Turn on the X-Box. If it prompts you for the time, set one. Power off
and on again to and verify if the time was really set. This step is to
prevent any “clock loop” errors. From this point on, you should not
disconnect the X-Box from the electrical socket or switch off the
socket (you can turn off the X-Box though).

7. Perform the hotswap.

Open up both the PC and X-Box cases (see
http://www.llamma.com/xbox/Repairs/crack_open_that_xbox.htm if
you don’t know how).

Remove the hard disk from the bracket (but keep the power cable in
tact).

Remove the IDE ribbon on the X-Box hard disk. Power on X-Box and note
the error number (should be 7, 8 or 9).

Off X-Box and put back cable, but loosen the cable as much as possible
until you don’t boot into an error. Loosening the cable will allow you to
perform the hotswap easily as the timing is pretty strict.

Now bootup the X-Box again and observe the boot animation. You
should hear a couple of clicks from the hard disk. After the clicking sound
ends and before the white MS logo appears is when the disk gets
unlocked. This is the time when you pull out the IDE cable from the X-Box
hard disk. If successful, you should get error 13 or 14.

Power on the PC with the xbl CD you created earlier. At the xbl boot
menu, remove the IDE cable from all hard disk(s) connected to the PC.
Plug the IDE cable from the PC into the X-Box hard disk and boot into
option 2.

Once fully booted up into the desktop, right-click and select “Check
Disk Lock Status”. Select the hard disk (usually /dev/hda).
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_menu_2.png)
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_disk_select_2.png)

You should get a message saying the disk is unlocked.
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_lockstat_ok.png)

If you didn’t, your hotswap wasn’t successful and you’ll have to redo
(from the part where you plug out the X-Box hard disk IDE cable). See
“Troubleshooting” if you’re not able to hotswap successfully.

8. Installing the softmod.

Right-click on the desktop and select “Install Softmod Package”.
Select the hard disk.

When prompted for method, select “xboxhd_auto” if you’reusing
softmod files you generated yourself from Kingroach NDURE PC
Installer. Select “xblpkg_auto” if you used the pre-generated
xbl_ndure_installer. Click OK.
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_instmod_select_method.png).

The installer will verify the softmod package, then backup the existing dashboard
to X:,
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_instmod_verify.png)
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_instmod_backup_dash.png)

Choose the BIOS (kernel) version (the XXXX number that I asked you to take
note of from the MS dashboard earlier on) that corresponds to your X-Box.
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_instmod_select_bios.png)

The installer will then extract the files (will take some time, don’t close the window).
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_instmod_extract.png)
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_instmod_shadowc_gauge.png)
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_instmod_filler_gauge.png)

If all went well, you will a success notification screen.
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/xbl_instmod_ok.png)

If everything went well, right-click and select the shutdown option.
Turn off both the PC and X-Box and reconnect the X-Box hard disk.

Power on the X-Box and you should be greeted with the UnleashX
dashboard instead of the retail one if everything went well.
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/ux_main.png)

If you get an error screen, or the system freezes at boot, see
“Troubleshooting”.

9. Backup EEPROM and retail dashboard.

a. If you generated the files yourself using Kingroach NDURE PC
Installer….

From the dashboard navigate to File Explorer, then navigate to e:\ndts
and run default.xbe.
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/ux_file_ndts.png)

UnleashX should start again but this time with the X-Box LED light
turned red. Nagivate to Backup/Restore, then select Backup EPROM
(Screenshot: http://smdx2.com:9000/~xbugs/xbl/screenshots/ux_ndts_backup.png)

This will start EvoX. Select the Backup EEPROM option. Now reboot the
X-Box.

b. If you used the pre-generated softmod (xbl_ndure_installer)…

Use the File Explorer and navigate to E:\apps\evox. Run the default.xbe.
This will start EvoX. Select the Backup EEPROM option. Now reboot the
X-Box.

(from here on, this applies to both pregenerated and self-generated)
Configure your IP settings if necessary. Go to System -> Settings ->
Network.

FTP into the X-Box using its IP address (login = “xbox”,
password = “xbox”, without the quotes). From the FTP window,
navigate to c:\apps\evox. Transfer the entire “backup” folder to your
PC.

Now navigate to X:. There should be a C folder in there. This is your
original dashboard. Transfer this entire folder into the PC.

10. Creating a recovery toolkit CD (optional, but recommended).

Doing this will let you create a toolkit CD that can be used for future
softmodding, unsoftmodding, or upgrading of your hard disk.

Remember the “softmods” folder you created earlier? Hopefully you didn’t
delete it. If you did, you’ll have to repeat stages 3 and 4.

Delete the xbl.iso from the “softmods” folder. Copy the eeprom.bin from
the folder named “backup” (which you FTPed to your PC earlier) to the
“extras” sub-folder (this is the same place where you put the xbox.zip
or xpkg.zip file earler).

Zip up the C folder that you backed up just now (Note: the C folder
itself must be part of the zip, not just its sub-folders). Name this
zip “ms-c.zip” and put it in “extras”.

Run make_iso.bat to generate xbl.iso and burn the new xbl.iso. Note:
select a media type that the X-Box can access (DVD-R and CD-RW are
good choices) because this toolkit is capable of booting on both PCs
and X-Boxes.

—————————————————————————
Troubleshooting
—————————————————————————

– The keyboard/mouse doesn’t work in xbl.

If you have a USB mouse, you need to boot option 2 as
“2 xbl_ui_mouse=/dev/input/mice”.

If you have a serial mouse, you need to boot option 2 as
“2 xbl_ui_mouse=/dev/ttyS0” (this is if the mouse is on COM1, replace
ttyS0 with ttyS1 for COM2, ttyS2 for COM3 and ttyS3 for COM4).

If you have a USB keyboard/mouse and it doesn’t get detected, then the
hardware autodetection wasn’t able to pick it up. Try appending
“xbl_drv_list=usb-uhci,usb-ohci,ehci-hcd” (without the quotes) to the
boot option.

Firewire devices are not supported.

Note: the boot options are case-sensitive. ie xbl_ui_mouse is not the
same as XBL_UI_MOUSE or Xbl_UI_Mouse.

– The video appears garbled.

Your monitor probably doesn’t support the default display resolution
(800x600x16). Try overriding the default by appending
“xbl_ui_screen=640x480x16” (replace “640x480x16 by whatever mode that
your display supports).

– I can’t get the hard disk to unlock no matter what. What now?

Let the X-Box powerup fully. Put an audio CD in and select Music ->
Audio CD -> Copy. Rip one of the tracks to the hard disk and play it.
Pause the track. Now do the hotswap.

– I get errors about not being able being able to access extras/xbox.zip
on the CD/DVD.

You either forgot to copy xbox.zip to the “extras” folder before
creating the ISO or named it wrongly. Check the “extras” folder again.

– I get package verification errors when installing the dashboard
(uininstalling softmod) or when installing the softmod.

The zip files have the wrong file layout. Make sure the zip contains
the “C” folder and not just the sub-folders and files.

If the layout is correct. then your CD was improperly burnt, causing
corrupted files.

– I get disk full errors when the softmod files are being extracted.

Check the layout of the the xbox.zip. The C and E folders should be
part of the top-level file structure. eg. You should have something like
the following in the zip listing…

C\xodash\
C\xodash\ernie.xtf
C\xodash\XBox.xtf
… (more files here) …
C\xboxdash.xbe
C\xb0xdash.xbe
… (more files here) …
E\dash\default.xbe
E\dash\Config.xml
… (more files here) …
E\ndts\default.xbe
E\ndts\UnleashX.xbe
… (more files here) …

In other words, all the entries should start with either “C\” or “E\”.

– I’ve successfully installed the softmod, but I get an error on boot
(or the system freezes).

Make sure you’ve selected the correct kernel version when running the
Kingroach installer setup.

Check the layout of the the xbox.zip. The C and E folders should be
part of the top-level file structure. eg. You should have something like
the following in the zip listing…

C\xodash\
C\xodash\ernie.xtf
C\xodash\XBox.xtf
… (more files here) …
C\xboxdash.xbe
C\xb0xdash.xbe
… (more files here) …
E\dash\default.xbe
E\dash\Config.xml
… (more files here) …
E\ndts\default.xbe
E\ndts\UnleashX.xbe
… (more files here) …

In other words, all the entries should start with either “C\” or “E\”.

# ~ EOF ~ #

——————–

Tutorial by: X-Bugs