Xbox 360:Getting Started: Difference between revisions

From ConsoleMods Wiki
Jump to navigation Jump to search
No edit summary
(Move the recommended exploit guide to the Getting Started page)
 
(11 intermediate revisions by 2 users not shown)
Line 2: Line 2:


[[Category:Xbox360]]
[[Category:Xbox360]]
Over the years, Xbox 360 consoles have had several motherboard revisions. It is important to identify the motherboard revision to see what exploits are compatible and work best with your console. The steps for the mod itself will also vary depending on the motherboard. The easiest way is to look at the motherboard's PSU connector (phat) or required amperage (phat or Slim). [https://octal450.github.io/identify/ Octal450's identification wizard] is a useful & user friendly tool for identifying an Xbox 360 motherboard. You can also view the '''[[Xbox_360:Buying_Guide|buying guide]]''' for more information on specific revisions.  
Over the years, Xbox 360 consoles have had several motherboard revisions. It is important to identify the motherboard revision to see what exploits are compatible and work best with your console. The steps for the mod itself will also vary depending on the motherboard. The easiest way is to look at the motherboard's PSU connector (phat) or required amperage (phat or Slim). [https://octal450.github.io/identify/ Octal450's identification wizard] is a useful & user friendly tool for identifying an Xbox 360 motherboard. You can view the '''[[Xbox_360:Buying_Guide|buying guide]]''' for more information on specific revisions and how to identify an Xbox 360's motherboard.  


==Identifying Your Motherboard ==
==Xbox 360 ("phat")==
 
===Power Supply Chart ===
[[File:Dcf9hQ4.png|none|thumb|762x762px|Motherboard Identification Chart]]
In some instances, used Xenons and Zephyrs may have the middle pin broken off (either intentionally or unintentionally). Pay close attention to the middle of the middle of the connector if you are unsure.
 
=== PCB Part Number ===
Xbox 360 motherboards come with part numbers on the PCB, which can be used to easily identify a motherboard revision. On phat motherboards, the part number will be on the bottom right next to the USB ports. On S/E motherboards, it is on the bottom left next to the Microsoft logo.
[[File:Xbox360pcbpartnumberID.png|none|frame|PCB Part Number location]]
 
===Identifying a Built-in Memory Unit===
 
Some Xbox 360 consoles come with a built in memory unit, which makes NAND backups require slightly different steps. You may want to back up any data on the memory unit, either in the dashboard or during a NAND dump. (Trinity slims came with a memory unit which was on a daughterboard, and the main NAND is 16MB like most motherboard revisions.)
 
You can see if a console has a built in memory unit by going in `Settings > System Settings > Storage` in the dashboard: <br>
[[File:360_Mem_Unit.webp|600px]]
 
If you have a Slim or E model with a Corona motherboard, you can also determine if it has a 4GB eMMC memory unit by looking at the flash chip: <br>
[[File:Corona_nand_comparison.jpg|600px]]
 
=== Identifying an Xbox 360 S's Motherboard ===
If you have an Xbox 360 S, you can easily identify a Trinity console with the listed ampridge on the rear sticker (Trinity consoles use 10.83A whereas Corona/Waitsburg consoles use 9.6A). Early slims with a glossy case came with a Trinity board and hard drive, but ones that came with a 4GB memory unit came with a matte case. Later on, Trinity consoles that shipped with hard drives were also switched to a matte case. 4GB Trinity slims had the memory unit on a daughterboard with the main NAND still being 16 MB.
 
Corona/Waitsburg consoles were always matte, weather they are a 4GB model or 250 GB HDD model.  4GB Corona/Waitsburg slims instead had the 4GB Memory Unit built onto the board as the main NAND, thus making NAND dumps require different tools and steps. When opening the console, Trinity motherboards also have several distinctive features compared to Corona boards.
[[File:TrinityVsCorona.jpg|none|thumb|700x700px|Trinity and Corona differences]]
If you have a Corona based console, you can identify if it's a Corona "V1/V2" or Waitsburg ("Corona V3/V4") using the provided images. The Waitsburg will have not have traces from the CPU going to POST, which means you will need a POSTFix adapter in order to successfully use RGH. 4GB models also have an eMMC without the Phison controller. If you have a Corona/Waitsburg console that has a 16 MB NAND, the only way to identify the revision is by taking off the CPU heatsink.
[[File:YVQf5D2.jpg|none|thumb|1302x1302px|Corona NAND Identification]]
[[File:Corona_POST.png|none|frame|Postfix Identification]]
 
===Identifying an Xbox 360 E's Motherboard===
Unfortunately, the Xbox 360 E doesn't have a way of checking the motherboard revision without at least partially tearing down the shell. However, you can take a shortcut by removing the top side panel next to the Wi-Fi card and look through the metal housing with a flashlight, like in the provided picture.
 
Winchester motherboards will have no CPU IHS and several less components than a Stingray. There's also no outline around the XCGPU. Consoles with a manufacture date of 07-2014 and AFTER are ''likely'' to be the non-modable Winchester motherboard.
 
Stingray motherboards ("Corona V5 [16 MB] & Corona V6 [4 GB]) are like Waitsburg motherboards in the Xbox 360 S, but with a few components removed like the AV port. They always need a postfix adapter.
[[File:5184821800_1418893002.jpg|none|thumb|700x700px|Corona vs. Winchester (sideview)]]
 
== Xbox 360 ("phat")==
[[File:Phat.png|300px]]
[[File:Phat.png|300px]]


If your console is running dashboard/kernel '''2.0.7371''' or lower, it will have access to [[Xbox_360:JTAG|the JTAG exploit]]. However, some Jasper consoles manufactured with 7371 were patched against the JTAG exploit, in which case their CB needs to be checked after a NAND dump.
If your console is running dashboard/kernel '''2.0.7371''' or lower, it will have access to [[Xbox_360:JTAG|the JTAG exploit]]. However, some Jasper consoles manufactured with 7371 were patched against the JTAG exploit, in which case their CB needs to be checked after a NAND dump. Referbished Xenon consoles with Elpis GPUs will also usually have a JTAG patched CB.


If your console's dashboard/kernel is ''above'' 2.0.7371 and/or has a patched CB, you can use [[Xbox_360:RGH|various RGH methods]]. '''2.0.14699''' and lower on Phats have access to RGH 1, but anything newer is also compatible with RGH 1.2, RGH 2 (non-Xenon), RGH 3, and EXT_CLK. The newer RGH methods can also be used on 14699 and older dashboard versions.
If your console's dashboard/kernel is ''above'' 2.0.7371 and/or has a patched CB, you can use [[Xbox_360:RGH|various Reset Glitch Hack methods]]. '''2.0.14699''' and lower on original consoles have access to RGH 1, but anything newer is also compatible with RGH 1.2, RGH 2 (non-Xenon), RGH 3, and EXT_CLK (Xenon/Zephyr). The newer RGH methods can also be used on 14699 and older dashboard versions.


[[Xbox_360:R-JTAG|R-JTAG]] requires dashboard/kernel '''2.0.14719''' or higher, and [[Xbox_360:R-JTOP|R-JTOP]] requires dashboard/kernel '''2.0.15572''' or higher.
There is also [[Xbox_360:R-JTAG|R-JTAG]] which requires dashboard/kernel '''2.0.14719''' or higher, and [[Xbox_360:R-JTOP|R-JTOP]] which requires dashboard/kernel '''2.0.15572''' or higher. They are essentially RGH but instead of glitching the CPU directly into a custom bootloader and into a modified NAND, they glitch the LDV check of the bootloader to boot into a JTAGable bootloader, and into a JTAG NAND. There is usually no need to use these methods over normal RGH, as they require more steps for little benefit.


Any DVD drive in a phat console can be flashed without soldering. However, the Lite-On DG-16D2S requires a probe tool to retreive the DVD key. If the console was JTAGed or RGHed, the DVD key can be retreived from XeLL.
Any DVD drive in an original console can be flashed without soldering. However, the Lite-On DG-16D2S requires a probe tool to retreive the DVD key without modifying the console's motherboard. If the console was JTAGed or RGHed, the DVD key can be retreived from XeLL.


All phat consoles are compatible with ODE devices, but you will need to extract the DVD key. Getting the DVD key is the same process as if you wanted to flash it.  
All original consoles are also compatible with [[Xbox 360:Optical Drive Emulators (ODEs)|ODEs]], but you will need to extract the DVD key. Getting the DVD key is the same process as if you wanted to flash it.  


==Xbox 360 S ("Slim")==
==Xbox 360 S ("Slim")==
[[File:Slim.png|300px]]
[[File:Slim.png|300px]]


Slims can use [[Xbox_360:RGH|most RGH methods]], but cannot use R-JTAG/JTOP or the original SMC JTAG exploit since the CB bootloader in Slim CPUs was split into two bootloaders, and aren't compatible with JTAGable Phat bootloaders. They also cannot use RGH 1.
S consoles can use [[Xbox_360:RGH|most RGH methods]], but cannot use R-JTAG/JTOP or the original SMC JTAG exploit since the CB bootloader in Slim CPUs aren't compatible with JTAGable Phat bootloaders. They also cannot use RGH 1.


Slim DVD drives are flashable if they came with a Lite-On DG-16D4S (usually came with Trinity consoles), but if they have a Hitachi DL10N (uncommon, but could come with any Slim motherboard) or DG-16D5S (usually Corona slims) you need to buy an aftermarket DVD drive PCB and RGH the console to get the DVD key. The PCB in Lite-On drives also have some of the wires soldered to the PCB, but the Hitachi drives instead have ribbon cables for all connections so replacing a Hitachi board is easier.
DVD drives from S consoles are flashable if they came with a Lite-On DG-16D4S (usually came with Trinity and some early Corona consoles), but if they have a Hitachi DL10N (uncommon, but could come with any Slim motherboard) or DG-16D5S (usually Corona/Waitsburg slims) you need to buy an aftermarket DVD drive PCB and RGH the console to get the DVD key. The PCB in Lite-On drives also have some of the wires soldered to the PCB, but the Hitachi drives instead have ribbon cables for all connections so replacing the PCB for a Slim Hitachi drive is easier.  
*DG-16D4S drives with MXIC flash need a probe tool like the phat D2S, but uses a different type of probe tool. '''It must be a probe tool for a Slim 16D4S. Do not use a probe tool intended for a 16D2S and vise versa.'''
*DG-16D4S drives with MXIC flash need a probe tool like the phat D2S, but uses a different type of probe tool. '''It must be a probe tool for a Slim 16D4S. Do not use a probe tool intended for a 16D2S and vise versa.'''
*Some DG-16D4S drives come with a "Windbond" flash chip [https://www.modchipcentral.com/store/images1/360identify/mtwin.jpg (example)] which requires the infamous Kamikaze mod in order to flash custom firmware. It involves drilling a specific area on the chip to unlock write permissions.
*Some DG-16D4S drives come with a "Windbond" flash chip [https://www.modchipcentral.com/store/images1/360identify/mtwin.jpg (example)] which requires the infamous Kamikaze mod in order to flash custom firmware. It involves drilling a specific area on the chip to unlock write permissions.


All Slim consoles are compatible with ODE devices, but you will need to extract the DVD key. If your console has a 16D5S or Hitachi DL10N, the only way to get the DVD key is to RGH the console.
All S consoles are compatible with [[Xbox 360:Optical Drive Emulators (ODEs)|ODE devices]], but you will need to extract the DVD key. If your console has a Lite-On DG-16D5S or Hitachi DL10N, the only way to get the DVD key is to RGH the console.


==Xbox 360 E==
==Xbox 360 E ==
[[File:E.png|300px]]
[[File:E.png|300px]]


Stingray motherboards in the 360 E are similar to Corona/Waitsburg motherboards in Slims, but with some features cut like the AV port and one of the USB ports. Thus they also need [[:File:5lY3TID.png|a postfix adapter]] like on Waitsburg Slims and have [[Xbox_360:RGH|the same RGH methods]] available.
Stingray motherboards in the 360 E are similar to Corona/Waitsburg motherboards in 360 S, but with some features cut like the AV port and one of the USB ports. Thus, they also need [[:File:5lY3TID.png|a postfix adapter]] like on Waitsburg Slims and have [[Xbox_360:RGH|the same RGH methods]] available.


DVD drives in Xbox 360 E's are usually a DG-16D5S, which are not flashable and the DVD key cannot be extracted. The same applies to the Hitachi DL10N. It is possible to get the DVD key with RGH, but flashing requires a PCB replacement. Slim Hitachi drives don't have any wires soldered to the PCB, so PCB replacements for those will be easier.
DVD drives in Xbox 360 E's are usually a DG-16D5S, which are not flashable and the DVD key cannot be extracted. The same applies to the Hitachi DL10N. It is possible to get the DVD key with RGH, but flashing requires a PCB replacement. S/E Hitachi drives don't have any wires soldered to the PCB, so PCB replacements for those will be easier.


Stringray Xbox 360 E's can also use ODEs, but you will need to RGH the console to get the DVD key.
Stringray Xbox 360 E's can use ODEs, but you will need to RGH the console to get the DVD key.


'''Winchester boards are not exploitable in any way. This includes RGH/JTAG, drive flashing, and ODEs.'''
'''Winchester boards are not exploitable in any way. This includes RGH/JTAG, drive flashing, and ODEs.'''


==Choosing what kind of hack to use==
==Choosing what kind of hack to use ==


===[[Xbox_360:RGH|RGH]]/[[Xbox_360:JTAG|JTAG]]===  
===[[Xbox_360:RGH|RGH]]/[[Xbox_360:JTAG|JTAG]]===  
*Various Reset Glitch Hack or JTAG methods will fully unlock the console for homebrew, emulators, digital game backups, region free DVD movies/games, etc.  
*Various Reset Glitch Hack or JTAG methods will fully unlock the console for homebrew, emulators, unencrypted game backups, region free DVD movies/games, running Linux, etc.
 
* Hacks that fully unlock the console like RGH or JTAG require soldering, and there is no software alternative.
 
==== Which RGH/JTAG method should I use? ====
The below chart highlights the ''recommended'' hack to use on each console. [[Xbox 360:Exploit Chart]] has a more detailed chart that shows many more RGH methods.
{| class="wikitable"
!Dashboard
!Xenon
!Zephyr
!Falcon/Opus<sup>1</sup>
! Jasper
! Tonasket<sup>5</sup>
!Trinity
!Corona
!Winchester
|-
|≤7371<sup>2</sup>
|[[Xbox 360:JTAG|JTAG]]
|[[Xbox 360:JTAG|JTAG]]
|[[Xbox 360:JTAG|JTAG]]
|[[Xbox 360:JTAG|JTAG]]
| N/A
|N/A
|N/A
|N/A
|-
|>7371
|[[Xbox 360:RGH/EXT CLK|EXT_CLK]]<sup>3</sup>
|[[Xbox 360:RGH/EXT CLK|EXT_CLK]]
| [[Xbox 360:RGH/RGH1.2|RGH1.2]]
| [[Xbox 360:RGH/RGH1.2|RGH1.2]]
|[[Xbox 360:RGH/RGH1.2|RGH1.2]]
|[[Xbox 360:RGH/RGH1.2|RGH1.2]]<sup>4</sup> or [[Xbox 360:RGH/RGH3|RGH3]]<sup>4</sup>
|[[Xbox 360:RGH/RGH1.2|RGH1.2]]<sup>4</sup> or [[Xbox 360:RGH/RGH3|RGH3]]<sup>4</sup>
| N/A
|}
<sup>1</sup> Opus is just Falcon without HDMI, so they are grouped togeather.
 
<sup>2</sup> [[Xbox 360:Standard NAND#(Phat Only) Checking your CB if it's JTAGable|Must check CB via NAND dump]] to see if it is JTAGable. Most - but not all - consoles under 7371 and some on 7371 have an unpatched CB. This mainly effects Jasper systems, as some were manufactured with a patched CB when brand new.


*Hacks that fully unlock the console like RGH or JTAG require soldering, and there is no software alternative.
<sup>3</sup> RGH is not currently working on Elpis Xenons with Samsung RAM. A solution is being investigated, but it works on all other Xenons with Infineon/Qimonda RAM.


*If you want to know which RGH/JTAG method to use, see the '''[[Xbox_360:Exploit Chart|recommended exploit chart]]''' to determine the best hack for your model or dashboard.
<sup>4</sup> Requires scraping solder mask off of a tiny point (more difficult). [[Xbox 360:RGH/S-RGH|S-RGH]] is a viable alternative that has easier soldering.


<sup>5</sup> Most Tonasket consoles are more commonly known as Jaspers with Kronos GPUs. RGH methods are the same, but are never JTAG exploitable.
===[[Xbox_360:Drive_Flashing|DVD Drive Flashing]]===
===[[Xbox_360:Drive_Flashing|DVD Drive Flashing]]===
*An Xbox 360 with a DVD drive flashed with custom firmware will allow you to play retail game backups with burned DVDs, but will not allow access to homebrew, emulators, game mods, backups of digital games, or even a region unlock.
*An Xbox 360 with a DVD drive flashed with custom firmware will allow you to play retail game backups with burned DVDs, but will not allow access to homebrew, emulators, game mods, backups of digital games, or even a region unlock.
Line 90: Line 93:
*DVD drive flashing with a any phat or Slim DG-16D4S DVD drive does not require any soldering unlike JTAG or the Reset Glitch Hack.
*DVD drive flashing with a any phat or Slim DG-16D4S DVD drive does not require any soldering unlike JTAG or the Reset Glitch Hack.


===[[Xbox_360:Optical_Drive_Emulators_(ODEs)|Optical Disc Emulator]]===  
===[[Xbox_360:Optical_Drive_Emulators_(ODEs)|Optical Disc Emulator]]===
*The Xbox 360 had a few optical disc emulators released for it, such as the [[Xbox_360:XK3Y_ODE|XK3Y ODE]], [[Xbox_360:Wasabi360|Wasabi360]], and [[Xbox_360:Boxzii_(X360DOCK)|Boxzii]]. These devices allowed you to play .iso dumps of retail games through USB or eSATA storage.
*The Xbox 360 had a few optical disc emulators released for it, such as the [[Xbox_360:XK3Y_ODE|XK3Y ODE]], [[Xbox_360:Wasabi360|Wasabi360]], and [[Xbox_360:Boxzii_(X360DOCK)|Boxzii]]. These devices allowed you to play .iso dumps of retail games through USB or eSATA storage.


Line 97: Line 100:
===[[Xbox_360:KK_Exploit|King Kong Exploit]]===
===[[Xbox_360:KK_Exploit|King Kong Exploit]]===


{{Note|This hack is not recommended as it is very limited and only for very old dashboards. It is just listed here for completeness.}}
{{Note|This hack is not recommended as it is very limited and only for very old dashboards. It is just listed here for completeness.}}  


*The King Kong Exploit used a modified copy of ''Peter Jackson's King Kong'' to allow the Xbox to boot into a Linux distribution. The KK exploit didn't allow access to homebrew outside of Linux.
* The King Kong Exploit used a modified copy of ''Peter Jackson's King Kong'' to allow the Xbox to boot into a Linux distribution. The KK exploit didn't allow access to homebrew outside of Linux.
* This exploit did not permanently modify the console's operating system, and the game had to be loaded every time you wanted to use Linux. Since you needed to boot into a game backup, the DVD drive needed to be flashed as well.
*This exploit did not permanently modify the console's operating system, and the game had to be loaded every time you wanted to use Linux.
*Since the exploit relies on booting a modified game, the console either needed a DVD drive with modified firmware or a hotswap method in order to boot it.
*The King Kong Exploit only worked on consoles with a '''2.0.4532''' or '''2.0.4548''' kernel/dashboard, and there's no method to downgrade a retail Xbox 360 to a kernel vulnerable to the KK exploit due to the CPU's eFuses.
*The King Kong Exploit only worked on consoles with a '''2.0.4532''' or '''2.0.4548''' kernel/dashboard, and there's no method to downgrade a retail Xbox 360 to a kernel vulnerable to the KK exploit due to the CPU's eFuses.

Latest revision as of 12:29, 1 May 2024

Over the years, Xbox 360 consoles have had several motherboard revisions. It is important to identify the motherboard revision to see what exploits are compatible and work best with your console. The steps for the mod itself will also vary depending on the motherboard. The easiest way is to look at the motherboard's PSU connector (phat) or required amperage (phat or Slim). Octal450's identification wizard is a useful & user friendly tool for identifying an Xbox 360 motherboard. You can view the buying guide for more information on specific revisions and how to identify an Xbox 360's motherboard.

Xbox 360 ("phat")

Phat.png

If your console is running dashboard/kernel 2.0.7371 or lower, it will have access to the JTAG exploit. However, some Jasper consoles manufactured with 7371 were patched against the JTAG exploit, in which case their CB needs to be checked after a NAND dump. Referbished Xenon consoles with Elpis GPUs will also usually have a JTAG patched CB.

If your console's dashboard/kernel is above 2.0.7371 and/or has a patched CB, you can use various Reset Glitch Hack methods. 2.0.14699 and lower on original consoles have access to RGH 1, but anything newer is also compatible with RGH 1.2, RGH 2 (non-Xenon), RGH 3, and EXT_CLK (Xenon/Zephyr). The newer RGH methods can also be used on 14699 and older dashboard versions.

There is also R-JTAG which requires dashboard/kernel 2.0.14719 or higher, and R-JTOP which requires dashboard/kernel 2.0.15572 or higher. They are essentially RGH but instead of glitching the CPU directly into a custom bootloader and into a modified NAND, they glitch the LDV check of the bootloader to boot into a JTAGable bootloader, and into a JTAG NAND. There is usually no need to use these methods over normal RGH, as they require more steps for little benefit.

Any DVD drive in an original console can be flashed without soldering. However, the Lite-On DG-16D2S requires a probe tool to retreive the DVD key without modifying the console's motherboard. If the console was JTAGed or RGHed, the DVD key can be retreived from XeLL.

All original consoles are also compatible with ODEs, but you will need to extract the DVD key. Getting the DVD key is the same process as if you wanted to flash it.

Xbox 360 S ("Slim")

Slim.png

S consoles can use most RGH methods, but cannot use R-JTAG/JTOP or the original SMC JTAG exploit since the CB bootloader in Slim CPUs aren't compatible with JTAGable Phat bootloaders. They also cannot use RGH 1.

DVD drives from S consoles are flashable if they came with a Lite-On DG-16D4S (usually came with Trinity and some early Corona consoles), but if they have a Hitachi DL10N (uncommon, but could come with any Slim motherboard) or DG-16D5S (usually Corona/Waitsburg slims) you need to buy an aftermarket DVD drive PCB and RGH the console to get the DVD key. The PCB in Lite-On drives also have some of the wires soldered to the PCB, but the Hitachi drives instead have ribbon cables for all connections so replacing the PCB for a Slim Hitachi drive is easier.

  • DG-16D4S drives with MXIC flash need a probe tool like the phat D2S, but uses a different type of probe tool. It must be a probe tool for a Slim 16D4S. Do not use a probe tool intended for a 16D2S and vise versa.
  • Some DG-16D4S drives come with a "Windbond" flash chip (example) which requires the infamous Kamikaze mod in order to flash custom firmware. It involves drilling a specific area on the chip to unlock write permissions.

All S consoles are compatible with ODE devices, but you will need to extract the DVD key. If your console has a Lite-On DG-16D5S or Hitachi DL10N, the only way to get the DVD key is to RGH the console.

Xbox 360 E

E.png

Stingray motherboards in the 360 E are similar to Corona/Waitsburg motherboards in 360 S, but with some features cut like the AV port and one of the USB ports. Thus, they also need a postfix adapter like on Waitsburg Slims and have the same RGH methods available.

DVD drives in Xbox 360 E's are usually a DG-16D5S, which are not flashable and the DVD key cannot be extracted. The same applies to the Hitachi DL10N. It is possible to get the DVD key with RGH, but flashing requires a PCB replacement. S/E Hitachi drives don't have any wires soldered to the PCB, so PCB replacements for those will be easier.

Stringray Xbox 360 E's can use ODEs, but you will need to RGH the console to get the DVD key.

Winchester boards are not exploitable in any way. This includes RGH/JTAG, drive flashing, and ODEs.

Choosing what kind of hack to use

RGH/JTAG

  • Various Reset Glitch Hack or JTAG methods will fully unlock the console for homebrew, emulators, unencrypted game backups, region free DVD movies/games, running Linux, etc.
  • Hacks that fully unlock the console like RGH or JTAG require soldering, and there is no software alternative.

Which RGH/JTAG method should I use?

The below chart highlights the recommended hack to use on each console. Xbox 360:Exploit Chart has a more detailed chart that shows many more RGH methods.

Dashboard Xenon Zephyr Falcon/Opus1 Jasper Tonasket5 Trinity Corona Winchester
≤73712 JTAG JTAG JTAG JTAG N/A N/A N/A N/A
>7371 EXT_CLK3 EXT_CLK RGH1.2 RGH1.2 RGH1.2 RGH1.24 or RGH34 RGH1.24 or RGH34 N/A

1 Opus is just Falcon without HDMI, so they are grouped togeather.

2 Must check CB via NAND dump to see if it is JTAGable. Most - but not all - consoles under 7371 and some on 7371 have an unpatched CB. This mainly effects Jasper systems, as some were manufactured with a patched CB when brand new.

3 RGH is not currently working on Elpis Xenons with Samsung RAM. A solution is being investigated, but it works on all other Xenons with Infineon/Qimonda RAM.

4 Requires scraping solder mask off of a tiny point (more difficult). S-RGH is a viable alternative that has easier soldering.

5 Most Tonasket consoles are more commonly known as Jaspers with Kronos GPUs. RGH methods are the same, but are never JTAG exploitable.

DVD Drive Flashing

  • An Xbox 360 with a DVD drive flashed with custom firmware will allow you to play retail game backups with burned DVDs, but will not allow access to homebrew, emulators, game mods, backups of digital games, or even a region unlock.
  • DVD drive flashing with a any phat or Slim DG-16D4S DVD drive does not require any soldering unlike JTAG or the Reset Glitch Hack.

Optical Disc Emulator

  • The Xbox 360 had a few optical disc emulators released for it, such as the XK3Y ODE, Wasabi360, and Boxzii. These devices allowed you to play .iso dumps of retail games through USB or eSATA storage.
  • ODEs have not been manufactured in a long time, and were expensive. Similarly to a flashed DVD drive, these didn't unlock the console for unsigned software and were only used for playing disc backups. They tend to not be very common on the used market either.

King Kong Exploit

Exclamation-circle-fill.svgThis hack is not recommended as it is very limited and only for very old dashboards. It is just listed here for completeness.


  • The King Kong Exploit used a modified copy of Peter Jackson's King Kong to allow the Xbox to boot into a Linux distribution. The KK exploit didn't allow access to homebrew outside of Linux.
  • This exploit did not permanently modify the console's operating system, and the game had to be loaded every time you wanted to use Linux.
  • Since the exploit relies on booting a modified game, the console either needed a DVD drive with modified firmware or a hotswap method in order to boot it.
  • The King Kong Exploit only worked on consoles with a 2.0.4532 or 2.0.4548 kernel/dashboard, and there's no method to downgrade a retail Xbox 360 to a kernel vulnerable to the KK exploit due to the CPU's eFuses.
Retrieved from "https://consolemods.org/wiki/index.php?title=Xbox_360:Getting_Started&oldid=42318"