[TUTORIAL] How to jtag your xbox360

Bullet May 18, 2010

  1. Bu

    Bullet Guest

    step 1
    Finding out if your Xbox is exploitable.

    Your kernel must be kernel 2.0.7371.0 or lower for this to work. You can do this by opening up the system info tab. After there is one more step to check if it still is exploitable, but you have to build your cable to dump your nand first.

    step 2
    Getting your parts

    Soldering iron
    Computer with LPT port.

    1x 25 pin d-sub connector (male or female depending on which kind of cable you have)
    Digikey # 225FE-ND

    1x 25 pin d-sub cable (lpt cable) You can actually skip the cable if you buy a male connector and make your wires long enough to extend from your xbox to the computer
    Digikey # AE9863-ND

    3x 330 ohm resistors (only for Xenon motherboards)
    Digikey # P330BBCT-ND

    1x 1n4148 switching diode (if you have Zephyr, Falcon, Opus or a Jasper get 3x of these)

    There has been a new update to the standard wiring you should use for the JTAG wiring on Xenon's which requires just 2x 1n4148 diodes. I've never used this method before so I can't really help as much if you have problems. But I would suggest going with it instead since it is supposed to be electrically superior and uses less parts so less room for failure I guess.

    step 3

    Soldering the cable


    Download the files nandpro (its in the downloads section)
    Extract the rar, and open up the nandpro folder
    install port95nt.exe (if running vista or 7 set it for compatibility mode for xp.)
    Plug your Xbox 360 in, but don't power it on.
    Plug the lpt cable in
    Pop open cmd and change directories to your nandpro folder
    type nandpro lpt: -r16 nand.bin
    It will start to dump, this will take 35 minutes
    Type nandpro lpt: -r16 nand2.bin and dump it a second time.

    If during the dump it has trouble reading blocks, don't worry. You only have a problem if can't read block after block, which means something went wrong in the middle of the dump and you have to restart it again.

    If you are having issues having nandpro detecting it, go over and double check all of your soldering. If you skipped out on the diode, try adding one, and just restarting your computer has fixed the issue quite a few times for me. You also want to make sure your cable is short as possible.

    step 5

    Testing if its exploitable or not

    You're going to want to open up degraded included in the file pack. Go to settings and under 1BL key make sure it says DD88AD0C9ED669E7B56794FB68563EFA and is checked. You are also going to want to change file system start to 39.

    Open up your nand dump and look at the CB version

    If your CB is the following you're in luck!

    Xenon: 888, 1902, 1903, 1920,1921, 8192
    Zephyr: 4558, 4580
    Falcon: 5761, 5766, 5770
    Jasper: 6712, 6723
    Jasper Arcade (256/512): 6723 or lower is Exploitable

    If you are unsure if yours is exploitable, you can also check if CD = 8453, if it does you're out of luck.

    step 6

    Extracting the keyvault, injecting and flashing XBR

    Select the proper XBR for your motherboard included in the rar file and put it in your nandpro folder. Rename it to xbr.bin to make things easier.

    Open up cmd, navigate to your nandpro folder and type

    nandpro nand.bin: -r16 kv.bin 1 1
    nandpro nand.bin: -r16 config.bin 3de 2

    Then typenandpro xbr.bin: -w16 kv.bin 1 1
    nandpro xbr.bin: -w16 config.bin 3de 2

    Now for the flashing!

    Just type and wait 35 minutes
    nandpro lpt: -w16 xbr.bin

    step 7

    Getting your cpu key

    Reassemble your 360, and boot your 360 with the DVD drive ejected. Or if you don't have a DVD drive you can plug in a wired controller into the back usb port.

    You should see a blue screen pop up and whole bunch of things fly by. When it says CPU fuses, your either going to want to write really fast or snap a picture.

    fuseset 3 and 5 or 4 and 6 is your cpu key.

    So if it said
    fuseset 03: xxxxxxxxxxxxxxxx
    fuseset 05: yyyyyyyyyyyyyyyy

    My CPU key would be xxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyy

    It should 32 characters.

  2. splatsters

    splatsters PS3 Section Mod Gold Subscriber

    Jan 27, 2010
    Likes Received:
    Trophy Points:
    In the bush like a pepping tom
    Or click on shops look for jtags_r_me and click purchase :)
  3. •Σиïgмλ•

    •Σиïgмλ• The Walrus Of Love XPG Developer Lifetime Gold

    Jul 29, 2009
    Likes Received:
    Trophy Points:

    saves all the headfuck and is well worth it

    if ya need a top notch jtag that runs like a dream well Splats is ya man

Share This Page