Xbox 360:JTAG/LPT Cable

This guide will walk you through obtaining NAND dumps, creating a patched dump, and writing it to the console using a LPT cable.

Equipment Needed

 * A PC with a 25 pin LPT/printer port. Generally, this port is purple colored.
 * A PC running Windows Vista or later.
 * A soldering iron, solder, and flux
 * Isopropyl alcohol (90% or higher recommended) and cotton swabs
 * 28AWG or 30AWG wire
 * Five 100ohm 1/2W resistors
 * A 1N914/4148 switching diode
 * A 25-pin male D-sub connector. This can be taken from an old parallel printer cable, but it will likely need to be taken apart to be re-wired.
 * (Recommended) A 25-pin D-sub connector hood. This will protect your cable from possible shorts and make the cable more permanent.
 * (Recommended) 2.54mm/0.1" male pin headers and wires with a female pin header so you can attach/detach LPT cable

Preparing the LPT Cable
If not using a printer cable, cut 7 wires to about 6 inches in length. It's recommended to use wires with a female pin header on the end so that the cable can be easily attached/detached from the motherboard. Using the diagram below, solder a 100ohm 1/2W resistor on pins 1, 2, 14, 16, 17 on the backside of the D-Sub connector. The direction of the resistor does not matter. Solder the wires onto the end of the resistors and the two other colored pins in the diagram. Keep in the mind that the diagram is showing the PC connector side, meaning that the diagram is accurate if you are looking at the backside of the D-Sub connector. Each point should be solidly connected so that a tug on the wire won't disconnect the wire.


 * If you have a full printer cable, you will need to cut off one end and check whether the pins on the male connector correspond to the wires inside. Some printer cables only have a few wires connected, so you may need to open it and move wires around via soldering onto the connector.



Once you've finished soldering, clean up any flux with isopropyl alcohol and cotton swabs.

Preparing the Motherboard

 * If you attached female pin headers on the LPT cable, solder a male pin header to the 1N914/4148 diode. Ensure that the side of the diode with the black line is faced away from the male pin header. Solder the side of the diode with the black line to the orange point on this diagram. Solder a male pin header to the rest of the points in the diagram. Each point should be solidly connected so that a tug on the wire won't disconnect the wire. You should now be able to plug your cable onto the motherboard and plug it into your powered off PC.


 * If you did not attach female pin headers on the LPT cable, use this diagram and solder the 1N914/4148 diode onto the wire on pin 11 (orange), ensuring that the side with the black line on it is faced away from the cable connector. Solder the side of the diode with the black line to the motherboard's orange point, and solder the rest of the cable's wires to the corresponding colors on the motherboard. Each point should be solidly connected so that a tug on the wire won't disconnect the wire. You should now be able to plug your cable onto the motherboard and plug it into your powered off PC.

Once you've finished soldering, clean up any flux with isopropyl alcohol and cotton swabs.

Reading the NAND

 * 1) Download and extract NandPro 3.0a.
 * 2) * If you are using a 64-bit system, download InpOutBinaries and extract it into the NandPro folder.
 * 3) * If you are using a 32-bit system, run `port95.exe` in the NandPro folder and install it.
 * 4) With your PC powered off, plug the LPT cable into its parallel port. It should be connected to both your Xbox 360 and the PC. Plug your Xbox 360 power supply in, but do not turn the console on.
 * 5) Press the Windows key + R and type "cmd" and press enter. In the Command Prompt, enter these commands. Replace the "16" with "64" if you have a 256MB or 512MB Jasper.
 * 6) * `cd Desktop\Nandpro30`
 * 7) * `nandpro lpt: -r16 original_nand1.bin`
 * 8) Press Enter and it will start dumping the NAND. It will increment a hexadecimal counter, starting at address 0000 and ending at 03FF (or 1900 for a 256MB/512MB Jasper). If it says "Could not detect flash controller!" or anything about missing CB/CD files, see the troubleshooting steps at the bottom of this page. If you get messages about bad blocks, ignore them. This will create a file called `original_nand1.bin` in NandPro folder. This process will take approximately 35 minutes for regular consoles, ~150 minutes for 256MB/512MB Jaspers. When it is finished, type the command again, changing the name of the dump as follows, again replacing the "16" with "64" if you have a 256MB or 512MB Jasper.
 * 9) * `nandpro lpt: -r16 original_nand2.bin`
 * 10) Download and extract J-Runner with Extras.
 * 11) Launch J-Runner. Select `...` next to the Load Source field and choose `original_nand1.bin`. Select "..." next to the Additional File field and choose `original_nand2.bin`. Press the "Nand Compare" button and it will list any bad blocks and tell you if the two dumps are an exact match. If they are, you can close J-Runner and proceed. If they aren't, take more dumps until you get matching ones.
 * 12) Copy one of the dumps to a safe place such as cloud storage or send it to yourself in an email to keep it safe. They are located in the `output` folder in the J-Runner directory.

Checking your CB
If you are on a dashboard below 7371, you can skip this section. If you are on dashboard 7371, you must to check to see if your CB is exploitable.

Open J-Runner again and select "..." next to the Load Source field and choose the `nanddump1.bin` file. On the right-hand side, note the value next to the `2BL [CB]` label. If your CB is on the list below, it is patched and your console is not JTAGable.

Modifying the Dump
Now that you've verified that your CB is exploitable, we will modify the dump.


 * 1) In J-Runner, select "..." next to the Load Source field and choose your `nanddump1.bin`. In the top right of the window, select the latest the dashboard version in the dropdown menu next to "Dash Version".
 * 2) * If you want to add a dashboard, extract it to the XeBuild folder inside your J-Runner directory, and restart J-Runner.
 * 3) Select the `Jtag` radio button in the top right of the window. If your motherboard is NOT a Xenon, put a check in the "Aud_Clamp?" box.
 * 4) In the top left of the window, select the button labeled "Create Xell-Reloaded". Ensure that your motherboard model is selected, and press OK. It will generate a `.bin` file (for example, `xenon.bin` or `jasper_hack_aud_clamp.bin`) in the `output` folder of your J-Runner directory.

Flashing the Dump

 * 1) Copy the generated `xxxxx.bin` (for example, `xenon.bin`) file into your Nandpro30 folder. Press the Windows key + R and type "cmd" and press enter. In the Command Prompt, enter these commands, replacing xxxxx with your file's name and replacing the "16" with a "64" if you are using a 256MB or 512MB Jasper:
 * 2) * `cd Desktop\Nandpro30`
 * 3) * `nandpro lpt: -w16 xxxxx.bin`
 * 4) Press Enter, and it will start writing the modified dump to your motherboard. It will increment a hexadecimal counter, starting at address 0000 and ending at 004F. If it says "Could not detect flash controller!", see the troubleshooting steps at the bottom of this page. This process will take approximately 3.5 minutes (~14 minutes for a 256MB / 512MB Jasper).
 * 5) Once it has successfully written to the motherboard, unplug the power cable from your Xbox 360 and unplug the LPT cable from the computer.
 * 6) Go back to the JTAG Hack page and continue at the start of the JTAG-Specific wiring section.

Troubleshooting

 * "Could not detect flash controller!" while dumping
 * 1) * Check that your power brick is plugged in, with an amber colored LED, and that it is plugged into your console completely (console turned off).
 * 2) * Check your motherboard soldering to make sure that you have wires, resistors, and the diode in the correct places. Each point should be solidly connected so that a tug on the wire won't disconnect the wire.
 * 3) * Check that the wiring on your LPT connector matches the diagram. The diagram shows *the PC's port*, which is the same as the *back* of the connector.
 * 4) * Check that you've cleaned up any flux you had used. Depending on the type, it may be conductive and cause issues.


 * What should I do if I ripped off a soldering pad?
 * 1) * Look online for an alternate point to solder onto. Practice more on junk electronics before attempting to continue.