Xbox One:Scene History: Difference between revisions

From ConsoleMods Wiki
Jump to navigation Jump to search
(Add mentions of privleage escalation exploits for Dev Mode)
No edit summary
 
(10 intermediate revisions by 3 users not shown)
Line 43: Line 43:
'''September 19th''': Xbox One Research [https://xboxoneresearch.github.io/wiki/exploits/external-vbi-loading/ releases] a method to load a custom Virtual Boot Image (VBI) upon boot, which is a sort of pre-loader for the guest OS.
'''September 19th''': Xbox One Research [https://xboxoneresearch.github.io/wiki/exploits/external-vbi-loading/ releases] a method to load a custom Virtual Boot Image (VBI) upon boot, which is a sort of pre-loader for the guest OS.


'''November 9th''': Xbox One Research [https://xboxoneresearch.github.io/wiki/exploits/devmode-unattended-utilities/ releases] a Dev Mode privlage elevation exploit that leverages `UnattendedUtilities` to gain access to an admin account. It was patched on 10 days later with update `10.0.18363.8119 (19h1_release_xbox_dev_1911.18363.8119.191119-1135)`.
'''November 9th''': Xbox One Research [https://xboxoneresearch.github.io/wiki/exploits/devmode-unattended-utilities/ releases] a Dev Mode privlage elevation exploit that leverages `UnattendedUtilities` to gain access to an admin account. It was patched 10 days later with update `10.0.18363.8119 (19h1_release_xbox_dev_1911.18363.8119.191119-1135)`.


'''December 22nd''': TitleOSDev [https://github.com/TitleOS/ToastMyConsole releases] a WinJS exploit called ToastMyConsole. At a later unknown date, he also published a writeup on how it can allow Remote Code Execution (RCE) through Xbox Live messages.
'''December 22nd''': TitleOSDev [https://github.com/TitleOS/ToastMyConsole releases] a WinJS exploit called ToastMyConsole. At a later unknown date, he also [https://titleos.dev/xploring-xbox/ published a writeup] on how it can allow Remote Code Execution (RCE) through Xbox Live messages.


==2020==
==2020==
'''April 5th''': [https://titleos.dev/xploring-xbox/ TitleOSDev finds] that you can use the `File:\\` protocol in Edge to download any system file to the Downloads folder to be opened with the File Browser application.
'''July 16th''': Microsoft announces they are no longer manufacturing the Xbox One X and Xbox One S All-Digital Edition consoles.


'''September 15th''': OsirisX [https://www.youtube.com/watch?v=yOdLmBk03sM releases a video] demonstrating a method to launch Edge browser in an offline mode on retail consoles.  
'''September 15th''': OsirisX [https://www.youtube.com/watch?v=yOdLmBk03sM releases a video] demonstrating a method to launch Edge browser in an offline mode on retail consoles.  
Line 53: Line 57:
'''September 30th''': Two versions of the Xbox 360 emulator on Xbox One (XEO3 / emu.exe) were extracted from a plain text xvdp file.
'''September 30th''': Two versions of the Xbox 360 emulator on Xbox One (XEO3 / emu.exe) were extracted from a plain text xvdp file.


== 2023 ==
==2023==
'''September 9th:''' Kudayasu [https://github.com/Kudayasu/Artifice/releases/tag/v1.2.0 releases] a privilege escalation exploit for Dev Mode, granting access to an admin account in SystemOS by exploiting the OpenSSH service. It is still unpatched at this time.
 
'''January 18th''': XBONEmu, later renamed to [https://github.com/WinDurango-project/WinDurango WinDurango], a translation layer application to run Xbox One/Series games on PC, is created on GitHub.
 
'''September 9th''': Kudayasu releases [https://kudayasu.github.io/an-autopsy-of-artifice/ Artifice], a privilege escalation exploit for Dev Mode, granting access to an admin account in SystemOS by exploiting the OpenSSH service. It is still unpatched at this time.
 
==2024==
 
'''May 11th''': Xbox One Research releases a method to [https://torushyperv.github.io/xb1-xdk-activation-trick/xb1-xdk-activation-trick.html permanently activate Xbox One ERA XDK units].
 
'''May 11th''': User onebawbag [https://twitter.com/onebawbag/status/1789333419261821032 on Twitter] successfully dumps Xbox One / Series game.
 
'''May 12th''': User Doom on the Obscure Gamers discord successfully achieves code execution on the Xbox One's bootrom (0SP), as described in this [https://twitter.com/notnotzecoxao/status/1789845232382517330 twitter thread].
 
'''May 15th''': Xbox One Research reveals a GameOS exploit and game dumping method in more detail on their blog, titled: "[https://xboxoneresearch.github.io/games/2024/05/15/xbox-dump-games.html Durango Dumplings]" up to firmware version 4478.
 
'''June 8th''': carrot_c4k3 / Emma joins Xbox One Research and, together with Landaire, [https://xboxoneresearch.github.io/wiki/exploits/game-script-code-exec/ publishes a proof of concept] for an exploit for the "Game Script" App, used as an entry point to exploiting SystemOS up to firmware version 4909.
 
'''June 12th''': The game to exploit GameOS easily and dump Games via "Durango Dumplings V1" is revealed - "Warhammer: Vermintide 2".
 
'''July 22nd''': Two new [[Xbox_360:Xenon_Fusion_Emulator|xefu files]], xefu2019 and xefu2021c, are found.
 
'''July 27th''': [https://github.com/xboxoneresearch/SharpShell SharpShell], a bootstrapper to allow PowerShell to run on Xbox One/Series consoles, is released by xboxoneresearch.
 
'''August 15th''': [https://xboxoneresearch.github.io/news/2024/08/15/news-recap.html Durango Dumplings v2 (Monosodium glutamate edition)] is released, allowing game dumping on 4478, 4908, and 4909. This removes restrictions from V1 including the 2GB minimum size, 39GB maximum size, and breaking of games after they are dumped.
 
'''August 26th''': A new [[Xbox_360:Xenon_Fusion_Emulator|xefu file]], xefu2021a, is found.
 
'''September 8th''': [https://x.com/xwineone/status/1832740078658974168 XWine1], a translation layer application to run Xbox One/Series games on PC, is announced with six compatible titles.


==Unknown==
'''September 14th''': A new [[Xbox_360:Xenon_Fusion_Emulator|xefu file]], xefu2021b, [https://x.com/DerfJagged/status/1835092871025741847 is found].


* [https://titleos.dev/xploring-xbox/ TitleOSDev finds] that you can use the `File:\\` protocol in Edge to download any system file to the Downloads folder to be opened with the File Browser application.
'''October 3rd''': A new [https://x.com/DerfJagged/status/1841857616340733971 Xbox Game Dumping Pack] is announced to make the Durango Dumplings v2 method menu-driven with significant reductions in the amount of time needed to dump games.

Latest revision as of 19:21, 6 October 2024

This page outlines major points in the Xbox One's history, including both official historical points and the Xbox One hacking scene's milestones.

If you like this article, see The History of the Xbox Scene and The History of the Xbox 360 Scene pages

2013

May 21st: Microsoft announces the Xbox One.

June 6th: Microsoft announces that the Xbox One must be connected to the Internet every 24 hours, game discs cannot be used on multiple consoles, and that the Kinect must always be connected. After severe backlash citing DRM overreach concerns and issues surrounding people lacking a reliable internet connection, this decision was reversed.

November 16th: C4eva dumps the first Xbox One game.

November 25th: The Xbox One NAND is dumped.

November 29th: Juvenal releases a method for upgrading the Xbox One hard drive to 1TB.

December 8th: Tuxuser releases Xbox One NAND Filesystem Tool, a program which displays various information about a NAND dump.

December 24th: Swizzy posts a method to dump Xbox One games.

December 26th: Team Xecuter releases a guide on how to read and write the Xbox One NAND, and shows pictures of an adapter to do so.

2014

March 13th: An anonymous individual creates a driver to enable Xbox One controller support on PC.

May 27th: Angerwound releases application to browse external storage devices formatted by the Xbox One.

2017

March 28th: Unknownv2 releases a Proof of Concept demonstrating the ability to use CVE-2016-7200 and CVE-2016-7201 ("Chakra" by brianairb) on the Xbox One to leak memory addresses. Last working in dashboard 10.0.14393.2152.

June 2nd: Xenomega releases Xbox One Symbolic Link Exploit, which had been patched on 5/5/2017 with update 10.0.15063.2022 (RS2_RELEASE_XBOX_1704.170501-1052). It describes how the Xbox One File Explorer does not check if a path is a symbolic link elsewhere, allowing an attacker to browse/read/write to mounted volumes which are normally restricted. This vulnerability allows an individual to obtain game saves from their consoles, modify them by hand, then inject them back into the filesystem.

June 13th: Team Vantage releases Vantage, a tool that connects to your Xbox One cloud save system and allows modification of game saves (cloud save access method no longer working).

2018

June 11th: Xbox One Research releases a privilege escalation exploit for Dev Mode, granting access to an admin account in SystemOS through a VSProfiling account.

2019

September 19th: Xbox One Research releases a method to load a custom Virtual Boot Image (VBI) upon boot, which is a sort of pre-loader for the guest OS.

November 9th: Xbox One Research releases a Dev Mode privlage elevation exploit that leverages UnattendedUtilities to gain access to an admin account. It was patched 10 days later with update 10.0.18363.8119 (19h1_release_xbox_dev_1911.18363.8119.191119-1135).

December 22nd: TitleOSDev releases a WinJS exploit called ToastMyConsole. At a later unknown date, he also published a writeup on how it can allow Remote Code Execution (RCE) through Xbox Live messages.

2020

April 5th: TitleOSDev finds that you can use the File:\\ protocol in Edge to download any system file to the Downloads folder to be opened with the File Browser application.

July 16th: Microsoft announces they are no longer manufacturing the Xbox One X and Xbox One S All-Digital Edition consoles.

September 15th: OsirisX releases a video demonstrating a method to launch Edge browser in an offline mode on retail consoles.

September 30th: Two versions of the Xbox 360 emulator on Xbox One (XEO3 / emu.exe) were extracted from a plain text xvdp file.

2023

January 18th: XBONEmu, later renamed to WinDurango, a translation layer application to run Xbox One/Series games on PC, is created on GitHub.

September 9th: Kudayasu releases Artifice, a privilege escalation exploit for Dev Mode, granting access to an admin account in SystemOS by exploiting the OpenSSH service. It is still unpatched at this time.

2024

May 11th: Xbox One Research releases a method to permanently activate Xbox One ERA XDK units.

May 11th: User onebawbag on Twitter successfully dumps Xbox One / Series game.

May 12th: User Doom on the Obscure Gamers discord successfully achieves code execution on the Xbox One's bootrom (0SP), as described in this twitter thread.

May 15th: Xbox One Research reveals a GameOS exploit and game dumping method in more detail on their blog, titled: "Durango Dumplings" up to firmware version 4478.

June 8th: carrot_c4k3 / Emma joins Xbox One Research and, together with Landaire, publishes a proof of concept for an exploit for the "Game Script" App, used as an entry point to exploiting SystemOS up to firmware version 4909.

June 12th: The game to exploit GameOS easily and dump Games via "Durango Dumplings V1" is revealed - "Warhammer: Vermintide 2".

July 22nd: Two new xefu files, xefu2019 and xefu2021c, are found.

July 27th: SharpShell, a bootstrapper to allow PowerShell to run on Xbox One/Series consoles, is released by xboxoneresearch.

August 15th: Durango Dumplings v2 (Monosodium glutamate edition) is released, allowing game dumping on 4478, 4908, and 4909. This removes restrictions from V1 including the 2GB minimum size, 39GB maximum size, and breaking of games after they are dumped.

August 26th: A new xefu file, xefu2021a, is found.

September 8th: XWine1, a translation layer application to run Xbox One/Series games on PC, is announced with six compatible titles.

September 14th: A new xefu file, xefu2021b, is found.

October 3rd: A new Xbox Game Dumping Pack is announced to make the Durango Dumplings v2 method menu-driven with significant reductions in the amount of time needed to dump games.