Xbox 360:Getting Started: Difference between revisions

From ConsoleMods Wiki
Jump to navigation Jump to search
No edit summary
(Move the recommended exploit guide to the Getting Started page)
 
(30 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[Category:Xbox360]]
[[Category:Xbox360]]


== Identifying Your Motherboard ==
[[Category:Xbox360]]
Over the years, Xbox 360 consoles have had several motherboard revisions. It is important to identify the motherboard revision to see what exploits are compatible and work best with your console. The steps for the mod itself will also vary depending on the motherboard. The easiest way is to look at the motherboard's PSU connector (phat) or required amprage (phat or Slim).  
Over the years, Xbox 360 consoles have had several motherboard revisions. It is important to identify the motherboard revision to see what exploits are compatible and work best with your console. The steps for the mod itself will also vary depending on the motherboard. The easiest way is to look at the motherboard's PSU connector (phat) or required amperage (phat or Slim). [https://octal450.github.io/identify/ Octal450's identification wizard] is a useful & user friendly tool for identifying an Xbox 360 motherboard. You can view the '''[[Xbox_360:Buying_Guide|buying guide]]''' for more information on specific revisions and how to identify an Xbox 360's motherboard.  
 
=== Power Supply Chart ===
[[File:Dcf9hQ4.png]]
 
=== Identifying a Built-in Memory Unit ===
 
Some Xbox 360 consoles come with a built in memory unit, which makes NAND backups require slightly different steps. You may want to back up any data on the memory unit, either in the dashboard or during a NAND dump. (Trinity slims came with a memory unit which was on a daughterboard, and the main NAND is 16MB like most motherboard revisions.)
 
You can see if a console has a built in memory unit by going in `Settings > System Settings > Storage` in the dashboard: <br>
[[File:360_Mem_Unit.webp]]
 
If you have a Slim or E model with a Corona motherboard, you can also determine if it has a 4GB eMMC memory unit by looking at the flash chip: <br>
[[File:Corona_nand_comparison.jpg|639px]]
 
=== Identifying an Xbox 360 E's Motherboard ===
Unfortunately, the Xbox 360 E doesn't have a way of checking the motherboard revision without at least partially tearing down the shell. <br>
However, you can take a shortcut by removing the top side panel next to the Wi-Fi card and look through the metal housing with a flashlight:<br>
[[File:5184821800_1418893002.jpg|639px]]


==Xbox 360 ("phat")==
==Xbox 360 ("phat")==
[[File:Phat.png|300px]]
[[File:Phat.png|300px]]


Phat consoles with a white DVD tray and no HDMI were Xbox 360 Core models and shipped with Xenon boards and no hard drive or memory unit.  
If your console is running dashboard/kernel '''2.0.7371''' or lower, it will have access to [[Xbox_360:JTAG|the JTAG exploit]]. However, some Jasper consoles manufactured with 7371 were patched against the JTAG exploit, in which case their CB needs to be checked after a NAND dump. Referbished Xenon consoles with Elpis GPUs will also usually have a JTAG patched CB.


There were also Xbox 360 Arcade consoles, which had the white DVD tray like the Core but also had HDMI. Early Arcade consoles came with a Falcon motherboard and an external memory unit, but Jasper Arcades also had a larger 256MB (later changed to 512 MB) NAND to have a built in memory unit. They also didn't come with a hard drive. You can also see if a phat Xbox 360 has an internal memory unit by going in System Settings > Storage in the dashboard.
If your console's dashboard/kernel is ''above'' 2.0.7371 and/or has a patched CB, you can use [[Xbox_360:RGH|various Reset Glitch Hack methods]]. '''2.0.14699''' and lower on original consoles have access to RGH 1, but anything newer is also compatible with RGH 1.2, RGH 2 (non-Xenon), RGH 3, and EXT_CLK (Xenon/Zephyr). The newer RGH methods can also be used on 14699 and older dashboard versions.


Consoles with chrome DVD trays originally shipped with a hard drive. They can include various motherboards with or without HDMI, and with a 16 MB NAND.  
There is also [[Xbox_360:R-JTAG|R-JTAG]] which requires dashboard/kernel '''2.0.14719''' or higher, and [[Xbox_360:R-JTOP|R-JTOP]] which requires dashboard/kernel '''2.0.15572''' or higher. They are essentially RGH but instead of glitching the CPU directly into a custom bootloader and into a modified NAND, they glitch the LDV check of the bootloader to boot into a JTAGable bootloader, and into a JTAG NAND. There is usually no need to use these methods over normal RGH, as they require more steps for little benefit.


Retail Xenons, Zephyrs, and Falcons always have a 16 MB NAND. Phat developer consoles instead have a 64 MB NAND including Jaspers.
Any DVD drive in an original console can be flashed without soldering. However, the Lite-On DG-16D2S requires a probe tool to retreive the DVD key without modifying the console's motherboard. If the console was JTAGed or RGHed, the DVD key can be retreived from XeLL.


If your console is running dashboard/kernel '''2.0.7371''' or lower, it will have access to [[Xbox_360:JTAG|the JTAG exploit]]. However, some consoles with 7371 were patched against the JTAG exploit, in which case their CB needs to be checked after a NAND dump.
All original consoles are also compatible with [[Xbox 360:Optical Drive Emulators (ODEs)|ODEs]], but you will need to extract the DVD key. Getting the DVD key is the same process as if you wanted to flash it.  


If your console's dashboard/kernel is ''above'' 2.0.7371 and has a patched CB, you can use [[Xbox_360:RGH|various RGH methods]]. '''2.0.14699''' and lower on Phats have access to RGH 1, but anything newer can use RGH 1.2, RGH 2 (non-Xenon), RGH 3, and on Xenon/Zephyr, EXT_CLK.
==Xbox 360 S ("Slim")==
 
Any DVD drive in a phat console can be flashed without soldering. However, the Lite-On DG-16D2S requires a probe tool.
 
[[Xbox_360:R-JTAG|R-JTAG]] requires dashboard/kernel '''2.0.14719''' or higher, and [[Xbox_360:R-JTOP|R-JTOP]] requires dashboard/kernel '''2.0.15572''' or higher.
 
==Xbox 360 Slim==
[[File:Slim.png|300px]]
[[File:Slim.png|300px]]


Early slims with a glossy case came with a Trinity board and hard drive, but ones that came with a 4GB memory unit came with a matte case. Later on, Trinity consoles that shipped with hard drives were also switched to a matte case. Corona/Waitsburg consoles were always matte.  
S consoles can use [[Xbox_360:RGH|most RGH methods]], but cannot use R-JTAG/JTOP or the original SMC JTAG exploit since the CB bootloader in Slim CPUs aren't compatible with JTAGable Phat bootloaders. They also cannot use RGH 1.


4GB Trinity slims had the memory unit on a daughterboard with the main NAND still being 16 MB. 4GB Corona/Waitsburg slims instead had the eMMC built onto the board as the main NAND, thus making NAND dumps require different tools and steps.  
DVD drives from S consoles are flashable if they came with a Lite-On DG-16D4S (usually came with Trinity and some early Corona consoles), but if they have a Hitachi DL10N (uncommon, but could come with any Slim motherboard) or DG-16D5S (usually Corona/Waitsburg slims) you need to buy an aftermarket DVD drive PCB and RGH the console to get the DVD key. The PCB in Lite-On drives also have some of the wires soldered to the PCB, but the Hitachi drives instead have ribbon cables for all connections so replacing the PCB for a Slim Hitachi drive is easier.
*DG-16D4S drives with MXIC flash need a probe tool like the phat D2S, but uses a different type of probe tool. '''It must be a probe tool for a Slim 16D4S. Do not use a probe tool intended for a 16D2S and vise versa.'''
*Some DG-16D4S drives come with a "Windbond" flash chip [https://www.modchipcentral.com/store/images1/360identify/mtwin.jpg (example)] which requires the infamous Kamikaze mod in order to flash custom firmware. It involves drilling a specific area on the chip to unlock write permissions.


[[:File:Xbox_360_Trinity_Top.png|Trinity motherboards]] can be easily distinguished from [[:File:Xbox_360_Corona_with_POST-OUT_Top.png|Corona/Waitsburg motherboards]] by looking near the AV port to see if it has a HANA chip. <br>
All S consoles are compatible with [[Xbox 360:Optical Drive Emulators (ODEs)|ODE devices]], but you will need to extract the DVD key. If your console has a Lite-On DG-16D5S or Hitachi DL10N, the only way to get the DVD key is to RGH the console.
Corona has the HANA chip integrated in a [https://xenonlibrary.com/images/0/09/X850744-004.jpg new south bridge], which is another way to tell. [https://xenonlibrary.com/images/3/3f/X817692-001.jpg This is a Trinity's south bridge.] <br>
The Trinity boards will also have the J2C3 header vertically orientated.


Trinity devkits have a 512 MB NAND like Arcade Jaspers, but Corona devkits have a 4 GB eMMC like retail versions.
==Xbox 360 E ==
[[File:E.png|300px]]


In Q1 2012, Microsoft revised the Corona motherboards to Waitsburg motherboards and removed the traces for the POST_OUT solder pad. This means you need to use [[:File:5lY3TID.png|a postfix adapter]] on the XCGPU in order to have access to RGH, but are otherwise very similar to Corona.
Stingray motherboards in the 360 E are similar to Corona/Waitsburg motherboards in 360 S, but with some features cut like the AV port and one of the USB ports. Thus, they also need [[:File:5lY3TID.png|a postfix adapter]] like on Waitsburg Slims and have [[Xbox_360:RGH|the same RGH methods]] available.


Slims can use [[Xbox_360:RGH|most RGH methods]], but cannot use R-JTAG/JTOP or the original JTAG since their motherboards have no JTAG headers, and the CB in Slim CPUs patched JTAG by that point anyway. They also cannot use RGH 1 or EXT_CLK.
DVD drives in Xbox 360 E's are usually a DG-16D5S, which are not flashable and the DVD key cannot be extracted. The same applies to the Hitachi DL10N. It is possible to get the DVD key with RGH, but flashing requires a PCB replacement. S/E Hitachi drives don't have any wires soldered to the PCB, so PCB replacements for those will be easier.


Slim DVD drives are flashable if they came with a Lite-On DG-16D4S (these usually came with Trinity consoles and some early Coronas), but if they have a Hitachi DL10N (uncommon, but could come with any Slim/E motherboard) or DG-16D5S (usually Corona slims and most 360 E's) you need to buy an aftermarket DVD drive PCB and RGH the console to get the DVD key. The PCBs in Lite-On drives also have some of the wires soldered to the PCB.
Stringray Xbox 360 E's can use ODEs, but you will need to RGH the console to get the DVD key.
*DG-16D4S drives with MXIC flash need a probe tool like the phat D2S, but uses a different type of probe tool. '''It must be a probe tool for a Slim 16D4S. Do not use a probe tool intended for a 16D2S and vise versa.'''
*Some DG-16D4S drives come with a "Windbond" flash chip [https://www.modchipcentral.com/store/images1/360identify/mtwin.jpg (example)] which requires the infamous Kamikaze mod in order to flash custom firmware. It involves drilling a specific area on the chip to unlock write permissions.


==Xbox 360 E==
'''Winchester boards are not exploitable in any way. This includes RGH/JTAG, drive flashing, and ODEs.'''
[[File:E.png|300px]]
 
Just like the Slim, the 360 E also came with 16MB NAND (with hard drive) or 4GB eMMC SKUs. [[Xbox_360:Getting_Started#Identifying_a_Built-in_Memory_Unit|The flash type can be identified the same way as the 360 Slim motherboards]], either by looking at the flash chip or in the dashboard.
 
[[:File:Xbox_360_Winchester_Top.png|Winchester boards]] can be differentiated from [[:File:Xbox_360_Corona_Stingray_Top.png|Corona boards]] by [[Xbox_360:Getting_Started#Identifying_an_Xbox_360_E's_Motherboard|looking through the side vent with a flashlight]] or by looking at the motherboard/XCGPU itself. Winchester boards have much less components on them, and there's no outline around the XCGPU. The Winchester XCGPU also doesn't have an IHS. Consoles with a manufacture date of 07-2014 and AFTER are likely to be the non-modable Winchester motherboard. However, the manufacterer date won't guarantee the motherboard revision unless it's from 2015 or 2016, which is almost always gonna be a Winchester.


Corona motherboards in the 360 E (Stingray) are slimilar to Corona/Waitsburg motherboards in Slims, but with some features cut to have a lower price point for the console. Thus they also need [[:File:5lY3TID.png|a postfix adapter]] and have [[Xbox_360:RGH|the same RGH methods]] available.
==Choosing what kind of hack to use ==


DVD drives in Xbox 360 E's are usually a DG-16D5S, which are not flashable and the DVD key cannot be extracted. The same applies to the Hitachi DL10N. It is possible to get the DVD key with RGH, but flashing requires a PCB replacement.  
===[[Xbox_360:RGH|RGH]]/[[Xbox_360:JTAG|JTAG]]===
*Various Reset Glitch Hack or JTAG methods will fully unlock the console for homebrew, emulators, unencrypted game backups, region free DVD movies/games, running Linux, etc.


'''Winchester boards are not exploitable in any way. This includes RGH/JTAG, drive flashing, and ODEs.'''
* Hacks that fully unlock the console like RGH or JTAG require soldering, and there is no software alternative.


== Choosing what kind of hack to use ==
==== Which RGH/JTAG method should I use? ====
The below chart highlights the ''recommended'' hack to use on each console. [[Xbox 360:Exploit Chart]] has a more detailed chart that shows many more RGH methods.
{| class="wikitable"
!Dashboard
!Xenon
!Zephyr
!Falcon/Opus<sup>1</sup>
! Jasper
! Tonasket<sup>5</sup>
!Trinity
!Corona
!Winchester
|-
|≤7371<sup>2</sup>
|[[Xbox 360:JTAG|JTAG]]
|[[Xbox 360:JTAG|JTAG]]
|[[Xbox 360:JTAG|JTAG]]
|[[Xbox 360:JTAG|JTAG]]
| N/A
|N/A
|N/A
|N/A
|-
|>7371
|[[Xbox 360:RGH/EXT CLK|EXT_CLK]]<sup>3</sup>
|[[Xbox 360:RGH/EXT CLK|EXT_CLK]]
| [[Xbox 360:RGH/RGH1.2|RGH1.2]]
| [[Xbox 360:RGH/RGH1.2|RGH1.2]]
|[[Xbox 360:RGH/RGH1.2|RGH1.2]]
|[[Xbox 360:RGH/RGH1.2|RGH1.2]]<sup>4</sup> or [[Xbox 360:RGH/RGH3|RGH3]]<sup>4</sup>
|[[Xbox 360:RGH/RGH1.2|RGH1.2]]<sup>4</sup> or [[Xbox 360:RGH/RGH3|RGH3]]<sup>4</sup>
| N/A
|}
<sup>1</sup> Opus is just Falcon without HDMI, so they are grouped togeather.


=== [[Xbox_360:RGH|RGH]]/[[Xbox_360:JTAG|JTAG]] ===
<sup>2</sup> [[Xbox 360:Standard NAND#(Phat Only) Checking your CB if it's JTAGable|Must check CB via NAND dump]] to see if it is JTAGable. Most - but not all - consoles under 7371 and some on 7371 have an unpatched CB. This mainly effects Jasper systems, as some were manufactured with a patched CB when brand new.
{{Note|R-JTAG requires an R-JTAG chip or CR4 XL which aren't sold anymore, and tends to have slow boot times compared to RGH 1.0/1.2/3/S-RGH or R-JTOP. Thus, this specific exploit is not recommended over RGH/R-JTOP.}}
*Various Reset Glitch Hack or JTAG methods will fully unlock the console for homebrew, emulators, digital game backups, region free DVD movies/games, etc.  


*Hacks that fully unlock the console like RGH or JTAG require soldering, and there is no software alternative.
<sup>3</sup> RGH is not currently working on Elpis Xenons with Samsung RAM. A solution is being investigated, but it works on all other Xenons with Infineon/Qimonda RAM.


*If you want to know which RGH/JTAG method to use, see the [[Xbox_360:Exploit Chart|recommended exploit chart]] to determine the best hack for your model or dashboard.
<sup>4</sup> Requires scraping solder mask off of a tiny point (more difficult). [[Xbox 360:RGH/S-RGH|S-RGH]] is a viable alternative that has easier soldering.


=== [[Xbox_360:Drive_Flashing|DVD Drive Flashing]] ===
<sup>5</sup> Most Tonasket consoles are more commonly known as Jaspers with Kronos GPUs. RGH methods are the same, but are never JTAG exploitable.
* An Xbox 360 with a DVD drive flashed with custom firmware will allow you to play retail game backups with burned DVDs, but will not allow access to homebrew, emulators, game mods, backups of digital games, or even a region unlock.<br>
===[[Xbox_360:Drive_Flashing|DVD Drive Flashing]]===
*An Xbox 360 with a DVD drive flashed with custom firmware will allow you to play retail game backups with burned DVDs, but will not allow access to homebrew, emulators, game mods, backups of digital games, or even a region unlock.


* However, DVD drive flashing with a phat, Slim DG-16D4S, or Slim Hitachi (with aftermarket PCB) does not require any soldering unlike JTAG or the Reset Glitch Hack.
*DVD drive flashing with a any phat or Slim DG-16D4S DVD drive does not require any soldering unlike JTAG or the Reset Glitch Hack.


=== [[Xbox_360:Optical_Drive_Emulators_(ODEs)|Optical Disc Emulator]] ===
===[[Xbox_360:Optical_Drive_Emulators_(ODEs)|Optical Disc Emulator]]===
*The Xbox 360 had a few optical disc emulators released for it, such as the [[Xbox_360:XK3Y_ODE|XK3Y ODE]], [[Xbox_360:Wasabi360|Wasabi360]], and [[Xbox_360:Boxzii_(X360DOCK)|Boxzii]]. These devices allowed you to play .iso dumps of retail games through USB or eSATA storage.  
*The Xbox 360 had a few optical disc emulators released for it, such as the [[Xbox_360:XK3Y_ODE|XK3Y ODE]], [[Xbox_360:Wasabi360|Wasabi360]], and [[Xbox_360:Boxzii_(X360DOCK)|Boxzii]]. These devices allowed you to play .iso dumps of retail games through USB or eSATA storage.


*ODEs have not been manufactured in a long time, and were expensive. Similarly to a flashed DVD drive, these didn't unlock the console for unsigned software and were only used for playing disc backups. They tend to not be very common on the used market either.
*ODEs have not been manufactured in a long time, and were expensive. Similarly to a flashed DVD drive, these didn't unlock the console for unsigned software and were only used for playing disc backups. They tend to not be very common on the used market either.


=== [[Xbox_360:KK_Exploit|King Kong Exploit]] ===
===[[Xbox_360:KK_Exploit|King Kong Exploit]]===


{{Note|This hack is not recommended as it is very limited and only for very old dashboards. It is just listed here for completeness.}}
{{Note|This hack is not recommended as it is very limited and only for very old dashboards. It is just listed here for completeness.}}  


*The King Kong Exploit used a modified copy of ''Peter Jackson's King Kong'' to allow the Xbox to boot into a Linux distribution. The KK exploit didn't allow access to homebrew outside of Linux.
* The King Kong Exploit used a modified copy of ''Peter Jackson's King Kong'' to allow the Xbox to boot into a Linux distribution. The KK exploit didn't allow access to homebrew outside of Linux.
*This exploit did not permanently modify the console's operating system, and the game had to be loaded every time you wanted to use Linux. Since you needed to boot into a game backup, the DVD drive needed to be flashed as well.
*This exploit did not permanently modify the console's operating system, and the game had to be loaded every time you wanted to use Linux.
*Since the exploit relies on booting a modified game, the console either needed a DVD drive with modified firmware or a hotswap method in order to boot it.
*The King Kong Exploit only worked on consoles with a '''2.0.4532''' or '''2.0.4548''' kernel/dashboard, and there's no method to downgrade a retail Xbox 360 to a kernel vulnerable to the KK exploit due to the CPU's eFuses.
*The King Kong Exploit only worked on consoles with a '''2.0.4532''' or '''2.0.4548''' kernel/dashboard, and there's no method to downgrade a retail Xbox 360 to a kernel vulnerable to the KK exploit due to the CPU's eFuses.

Latest revision as of 12:29, 1 May 2024

Over the years, Xbox 360 consoles have had several motherboard revisions. It is important to identify the motherboard revision to see what exploits are compatible and work best with your console. The steps for the mod itself will also vary depending on the motherboard. The easiest way is to look at the motherboard's PSU connector (phat) or required amperage (phat or Slim). Octal450's identification wizard is a useful & user friendly tool for identifying an Xbox 360 motherboard. You can view the buying guide for more information on specific revisions and how to identify an Xbox 360's motherboard.

Xbox 360 ("phat")

Phat.png

If your console is running dashboard/kernel 2.0.7371 or lower, it will have access to the JTAG exploit. However, some Jasper consoles manufactured with 7371 were patched against the JTAG exploit, in which case their CB needs to be checked after a NAND dump. Referbished Xenon consoles with Elpis GPUs will also usually have a JTAG patched CB.

If your console's dashboard/kernel is above 2.0.7371 and/or has a patched CB, you can use various Reset Glitch Hack methods. 2.0.14699 and lower on original consoles have access to RGH 1, but anything newer is also compatible with RGH 1.2, RGH 2 (non-Xenon), RGH 3, and EXT_CLK (Xenon/Zephyr). The newer RGH methods can also be used on 14699 and older dashboard versions.

There is also R-JTAG which requires dashboard/kernel 2.0.14719 or higher, and R-JTOP which requires dashboard/kernel 2.0.15572 or higher. They are essentially RGH but instead of glitching the CPU directly into a custom bootloader and into a modified NAND, they glitch the LDV check of the bootloader to boot into a JTAGable bootloader, and into a JTAG NAND. There is usually no need to use these methods over normal RGH, as they require more steps for little benefit.

Any DVD drive in an original console can be flashed without soldering. However, the Lite-On DG-16D2S requires a probe tool to retreive the DVD key without modifying the console's motherboard. If the console was JTAGed or RGHed, the DVD key can be retreived from XeLL.

All original consoles are also compatible with ODEs, but you will need to extract the DVD key. Getting the DVD key is the same process as if you wanted to flash it.

Xbox 360 S ("Slim")

Slim.png

S consoles can use most RGH methods, but cannot use R-JTAG/JTOP or the original SMC JTAG exploit since the CB bootloader in Slim CPUs aren't compatible with JTAGable Phat bootloaders. They also cannot use RGH 1.

DVD drives from S consoles are flashable if they came with a Lite-On DG-16D4S (usually came with Trinity and some early Corona consoles), but if they have a Hitachi DL10N (uncommon, but could come with any Slim motherboard) or DG-16D5S (usually Corona/Waitsburg slims) you need to buy an aftermarket DVD drive PCB and RGH the console to get the DVD key. The PCB in Lite-On drives also have some of the wires soldered to the PCB, but the Hitachi drives instead have ribbon cables for all connections so replacing the PCB for a Slim Hitachi drive is easier.

  • DG-16D4S drives with MXIC flash need a probe tool like the phat D2S, but uses a different type of probe tool. It must be a probe tool for a Slim 16D4S. Do not use a probe tool intended for a 16D2S and vise versa.
  • Some DG-16D4S drives come with a "Windbond" flash chip (example) which requires the infamous Kamikaze mod in order to flash custom firmware. It involves drilling a specific area on the chip to unlock write permissions.

All S consoles are compatible with ODE devices, but you will need to extract the DVD key. If your console has a Lite-On DG-16D5S or Hitachi DL10N, the only way to get the DVD key is to RGH the console.

Xbox 360 E

E.png

Stingray motherboards in the 360 E are similar to Corona/Waitsburg motherboards in 360 S, but with some features cut like the AV port and one of the USB ports. Thus, they also need a postfix adapter like on Waitsburg Slims and have the same RGH methods available.

DVD drives in Xbox 360 E's are usually a DG-16D5S, which are not flashable and the DVD key cannot be extracted. The same applies to the Hitachi DL10N. It is possible to get the DVD key with RGH, but flashing requires a PCB replacement. S/E Hitachi drives don't have any wires soldered to the PCB, so PCB replacements for those will be easier.

Stringray Xbox 360 E's can use ODEs, but you will need to RGH the console to get the DVD key.

Winchester boards are not exploitable in any way. This includes RGH/JTAG, drive flashing, and ODEs.

Choosing what kind of hack to use

RGH/JTAG

  • Various Reset Glitch Hack or JTAG methods will fully unlock the console for homebrew, emulators, unencrypted game backups, region free DVD movies/games, running Linux, etc.
  • Hacks that fully unlock the console like RGH or JTAG require soldering, and there is no software alternative.

Which RGH/JTAG method should I use?

The below chart highlights the recommended hack to use on each console. Xbox 360:Exploit Chart has a more detailed chart that shows many more RGH methods.

Dashboard Xenon Zephyr Falcon/Opus1 Jasper Tonasket5 Trinity Corona Winchester
≤73712 JTAG JTAG JTAG JTAG N/A N/A N/A N/A
>7371 EXT_CLK3 EXT_CLK RGH1.2 RGH1.2 RGH1.2 RGH1.24 or RGH34 RGH1.24 or RGH34 N/A

1 Opus is just Falcon without HDMI, so they are grouped togeather.

2 Must check CB via NAND dump to see if it is JTAGable. Most - but not all - consoles under 7371 and some on 7371 have an unpatched CB. This mainly effects Jasper systems, as some were manufactured with a patched CB when brand new.

3 RGH is not currently working on Elpis Xenons with Samsung RAM. A solution is being investigated, but it works on all other Xenons with Infineon/Qimonda RAM.

4 Requires scraping solder mask off of a tiny point (more difficult). S-RGH is a viable alternative that has easier soldering.

5 Most Tonasket consoles are more commonly known as Jaspers with Kronos GPUs. RGH methods are the same, but are never JTAG exploitable.

DVD Drive Flashing

  • An Xbox 360 with a DVD drive flashed with custom firmware will allow you to play retail game backups with burned DVDs, but will not allow access to homebrew, emulators, game mods, backups of digital games, or even a region unlock.
  • DVD drive flashing with a any phat or Slim DG-16D4S DVD drive does not require any soldering unlike JTAG or the Reset Glitch Hack.

Optical Disc Emulator

  • The Xbox 360 had a few optical disc emulators released for it, such as the XK3Y ODE, Wasabi360, and Boxzii. These devices allowed you to play .iso dumps of retail games through USB or eSATA storage.
  • ODEs have not been manufactured in a long time, and were expensive. Similarly to a flashed DVD drive, these didn't unlock the console for unsigned software and were only used for playing disc backups. They tend to not be very common on the used market either.

King Kong Exploit

Exclamation-circle-fill.svgThis hack is not recommended as it is very limited and only for very old dashboards. It is just listed here for completeness.


  • The King Kong Exploit used a modified copy of Peter Jackson's King Kong to allow the Xbox to boot into a Linux distribution. The KK exploit didn't allow access to homebrew outside of Linux.
  • This exploit did not permanently modify the console's operating system, and the game had to be loaded every time you wanted to use Linux.
  • Since the exploit relies on booting a modified game, the console either needed a DVD drive with modified firmware or a hotswap method in order to boot it.
  • The King Kong Exploit only worked on consoles with a 2.0.4532 or 2.0.4548 kernel/dashboard, and there's no method to downgrade a retail Xbox 360 to a kernel vulnerable to the KK exploit due to the CPU's eFuses.
Retrieved from "https://consolemods.org/wiki/index.php?title=Xbox_360:Getting_Started&oldid=42318"