Xbox 360:Standard NAND

From ConsoleMods Wiki
Revision as of 17:52, 30 August 2023 by Nadaman (talk | contribs) (The example image of "a fake JR Programmer versus a real one" just seems to be a V1 versus a V2. There are tons of clones that look exactly like the V2 as well.)
Jump to navigation Jump to search

This guide will walk you through obtaining NAND dumps, creating a patched dump, and writing it to the console using a NAND-X, PicoFlasher, JR Programmer, Matrix Flasher, or xFlasher 360.

This guide applies to all motherboards except 4GB Corona motherboards. You can read the guide for reading 4GB Corona NANDs here.

Equipment Needed

  • One of the following NAND programmers:
  • One of the following USB cable types to connect the NAND programmer to a computer:
    • Mini-USB if you are using a NAND-X, Matrix, JR Programmer, or older xFlasher 360
    • Micro-USB if a Raspberry Pi (or another RP2040 SBC with a micro USB port) for PicoFasher
    • USB-C cable if using an newer xFlasher 360 or USB-C RP2040 SBC with PicoFlasher
  • A soldering iron, solder, and flux
  • Isopropyl alcohol (90% or higher recommended) and cotton swabs
  • 28AWG or 30AWG wire (Solid core recommended)

Installing Drivers

  1. Download and extract J-Runner with Extras.
  2. Press Win+R and type devmgmt.msc and press Enter to open Device Manager. You can also get to it by searching for it in the Start menu. Plug the USB cable into both your programmer and your PC. Windows should find it and it will appear as J-R PROGRAMMER or NAND-X or two USB Serial Port entries under the "Other Devices" category in Device Manager.
  3. Install drivers:
    • (xFlasher): Launch J-Runner with Extras, plug in your xFlasher, and click the xFlasher menu and "Install Drivers".
    • (JR Programmer / NAND-X / Matrix): If you are on Windows 10, you will need to disable signed driver enforcement. Once done, right-click the programmer’s name in Device Manager and select Update Driver Software… > Browse my computer for driver software > Browse… > navigate to your J-Runner folder > common > drivers > OK > Next. You may receive a popup saying that Windows can’t verify the publisher of the driver, select the option to install it anyway. It should successfully install and file your device under its own category in Device Manager. Your programmer’s LED light should also turn green.

Soldering to the Motherboard

xFlasher / JR Programmer / NAND-X

  1. Your kit will come with a cable with a white plug on one end and open wires on the other. Solder each wire according to the diagram below. Note that the wire colors may be different than the picture below in a knockoff kit, so go off of the wire position and not the color of the wires in that case.
    JR-NAND-X.png
  2. Once you’ve finished soldering, clean up any flux with isopropyl alcohol and cotton swabs.

Matrix

  1. Solder a wire to each of the labelled pads on the Matrix and to the corresponding pads marked J1D2/J2B1 (phat) or J2C1/J2C2 (slim) on the motherboard in the diagram below. USB-NAND-Flasher1.png
  2. Once you’ve finished soldering, clean up any flux with isopropyl alcohol and cotton swabs.

Picoflasher

  1. Solder each wire (or connect a pin header wire) to each of the labeled pads on the Raspberry Pi pictured in one of the diagrams below, and then solder the other ends of the wires to each of the corrasponding pads on the motherboard.
  2. Once you’ve finished soldering, clean up any flux with isopropyl alcohol and cotton swabs.

Phat PicoFlasher

Diagram for Phat motherboards

Trinity PicoFlasher

Diagram for Trinity motherboards

Corona 16MB PicoFlasher

Diagram for Corona motherboards

(Corona Only) Solder Bridges

Ensure to check these resistors and solder as noted.

Reading the NAND

  1. Plug your Xbox 360 power supply in, but do not turn the console on. You can leave the RF board disconnected to prevent turning it on by accident.
    • If you are using an xFlasher, set the switch to SPI.
  2. Plug the white end of the cable into the bottom port of the programmer. Plug the mini-USB cable into the programmer and your PC.
  3. Launch J-Runner. Select "Read Nand" in the top left. It may prompt you for your Xbox 360’s model, make the correct selection and click OK. If everything is wired properly, it will read your NAND twice and automatically compare the dumps. If it says "Device Not Found" or anything about missing CB/CD files, see the troubleshooting steps at the bottom of this page. If you get messages about bad blocks, ignore them. When it has finished, it will tell you if the two dumps are an exact match. If they are, you can close J-Runner and proceed. If they aren’t, take more dumps until you get matching ones.
  4. Copy one of the dumps to a safe place such as cloud storage or send it to yourself in an email to keep it safe. They are located in the output folder in the J-Runner directory.

(Phat Only) Checking your CB if it's JTAGable

This section is only if you have a phat Xbox 360 that has a dashboard/kernel version of 2.0.7371.0 or lower.

Open J-Runner and select "…" next to the Load Source field and choose the nanddump1.bin or nanddump2.bin file. On the right-hand side, note the value next to the 2BL [CB] label. If your CB is on the list below, it is patched and your console is not JTAGable.

Model Unexploitable CB Versions
Xenon 1922, 1923, 1940, 7373
Zephyr 4571, 4572, 4578, 4579, 4580
Falcon/Opus 5771
Jasper 6750

Writing the NAND

Windbond Xbox 360 E RAM
  1. In J-Runner, select "…" next to the Load Source field and choose your nanddump1.bin or nanddump2.bin. In the top right of the window, select the latest the dashboard version in the dropdown menu next to "Dash Version".
    • If you want to add a dashboard, extract it to the XeBuild folder inside your J-Runner directory, and restart J-Runner.
  2. Select the appropriate radio button in the top right of the window:
    • JTAG - For JTAG, R-JTAG, or R-JTOP.
    • Glitch - For RGH1.
    • Glitch2 - For RGH1.2, RGH2, RGH3, EXT_CLK, or S-RGH.
    • Glitch2m - Same as Glitch2 but only used if your eFuses are in a non-bootable state.
  3. Put a check in the appropriate check box (if applicable) in the top right of the window:
    • If you are using JTAG, select JTAG and leave the R-JTAG checkbox unchecked.
      • If you are using R-JTAG or R-JTOP, the R-JTAG checkbox would be enabled.
      • If you are not on a Xenon console, select Aud_Clamp for either of these three modifications.
    • If you are using RGH 1.2 or S-RGH, select SMC+
    • If you are on a non-Xenon console with EXT_CLK, select SMC+
    • If you are using RGH2 with an X360ACE, select SMC+
    • If you are using RGH2 or RGH2+ with a CR3/CR4, select CR4
    • If you are using RGH3, select RGH3
    • If you have an Xbox 360 E motherboard with Windbond RAM, select WB 2K
  4. Select the "Create XeLL" button and wait for it to finish.
  5. Select the "Write XeLL" button and select your system and press OK. It will write the modified NAND dump to the motherboard.
    • If it says "Device Not Found" or Flash Config 0x00000000, see the troubleshooting steps at the bottom of this page.
  6. Once it has successfully written to the motherboard, unplug the power cable from your Xbox 360 and unplug the USB cable from the computer and programmer.
  7. Go back the page you were originally on for wiring instructions.

Troubleshooting

  • "Device Not Found"
    • Re-insert the USB cable
    • Check that the drivers are properly installed
  • "Flash Config 0x00000000"
    • Check that your power brick is plugged in, with an amber colored LED, and that it is plugged into your console completely (console turned off).
    • Check your soldering to your motherboard. Each point should be solidly connected and have a shiny round joint.
    • Check that you’ve cleaned up any flux you had used. Depending on the type, it may be conductive and cause issues. MG 835 is strongly suggested to avoid this.
  • "Wrong Version"
    • Re-insert the USB cable
  • What should I do if I ripped off a soldering pad?
    • Look online for an alternate point to solder onto. Practice more on junk electronics before attempting to continue.