I saw on his presentation months ago that the Xbox One is also affected by it, so any hope for a jailbreak with this?

In theory, it could work for booting backups burnt to a disc, but I don't believe anyone has managed to pull it off. As far as leading to an actual jailbreak of the console for homebrew outside of dev mode, it's not likely.

The tech is available on the Xbox One. We would need to dump the interpreter's binary and look for vulnerabilities.

How does someone start doing this?

> yes I'm pretty sure

It's cool.

Using this image: https://www.mediafire.com/file/6a6aexvvm36o3t3/Doom-BluPlay.iso/file (by Shykelit above, who sent me the image months ago at the time of the Tweet). This is just executing Java code contained in the Blu-ray disc.
More info:
https://en.wikipedia.org/wiki/BD-J
A list of homebrew games you can play through this method:
https://www.blu-play.com/links
As for reversing & exploiting the interpreter: it's very easy to obtain the binaries from a dev-mode console nowadays, so it isn't a far-fetched idea to maybe look up for vulns. If anyone wants to look into it, feel free to ping me btw.

Xbox Series X too works?

I'd think so. But I haven't checked myself.

> I'd think so. But I haven't checked myself.

So realistically speaking, this is the only method someone can use to hack an Xbox One?

> Wonder if it will be possible to transfer over the contents of the Xbox One's memory to a PC via FTP with this method in mind?

We should do some testing and post the results, it's dire in the Xbox One scene lol

I am interested in finding some vulnerabilities but I have no idea how to and where to look lol, I already have dev mode and everything.

> I'd think so. But I haven't checked myself.

When you test it, could you come here and let us know the result? Many thanks.

> I'd think so. But I haven't checked myself.

I got my Xbox One ready and dev mode too, also with BD-JB, so how do I start looking for vulns?

read post number #7 of this thread.

yeah the only thing that was said related to it is "so it isn't a far-fetched idea to maybe look up for vulns.", never mentioned where to look for the vulns or how we can do it lol

ah, sorry buddy, totally misread the post, apologies.

no worries
BD-J and BD-JB are not the same thing. BD-J is a standard feature on all Blu-ray players which follow the standard properly. It allows Java code execution in a sandboxed environment. BD-JB specifically targets the PS4/5 implementation of BD-J to allow for full userland code execution. While it's possible that Microsoft made a similar mistake with their implementation, it's extremely unlikely to be 1:1. Though it is a possible entry point to start looking for vulnerabilities.

ah I see, thanks, so BD-JB is the only way forward right?
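As an added example (not code from this thread, nor from Shykelit's disc image or the blu-play projects linked above): a minimal BD-J Xlet that, instead of running a game, probes the sandbox the post above describes and draws the verdicts on screen. The Xlet, HScene and SecurityManager APIs are the standard BD-J ones; the probe targets ("/", 127.0.0.1:80, java.lang.System), the 1920x1080 plane size and the assumption that your existing disc-authoring setup handles the BDJO/JAR packaging are mine. It shows the first step the "how do I start looking for vulns" posts ask about: before reversing the interpreter binary, find out which permission checks the player's Java sandbox actually enforces. What the Xbox One's player permits is unknown, which is exactly what the probe reports.

```java
// Added example, not from this thread: a BD-J Xlet that probes the player's Java
// sandbox and reports which privileged operations its SecurityManager permits.
// Java 1.3 syntax (no generics/for-each), which is what BD-J players load.
// Probe targets and the 1920x1080 plane size are assumptions; disc packaging is not shown.
import java.awt.Color;
import java.awt.Component;
import java.awt.Graphics;
import java.io.File;
import java.lang.reflect.AccessibleObject;
import java.net.Socket;
import java.util.Vector;
import javax.tv.xlet.Xlet;
import javax.tv.xlet.XletContext;
import javax.tv.xlet.XletStateChangeException;
import org.havi.ui.HScene;
import org.havi.ui.HSceneFactory;

public class SandboxProbeXlet implements Xlet {
    // One privileged operation to attempt from inside the sandbox.
    abstract static class Probe {
        final String name;
        Probe(String name) { this.name = name; }
        abstract void run() throws Exception;
    }

    private HScene scene;
    private final Vector results = new Vector(); // one String per probe

    public void initXlet(XletContext ctx) throws XletStateChangeException {
        scene = HSceneFactory.getInstance().getDefaultHScene();
    }

    public void startXlet() throws XletStateChangeException {
        Probe[] probes = buildProbes();
        for (int i = 0; i < probes.length; i++) {
            results.addElement(classify(probes[i]));
        }
        ResultView view = new ResultView(results);
        view.setBounds(0, 0, 1920, 1080); // assumption: full-HD graphics plane
        scene.add(view);
        scene.validate();
        scene.setVisible(true);
    }

    public void pauseXlet() { }

    public void destroyXlet(boolean unconditional) throws XletStateChangeException {
        if (scene != null) { scene.setVisible(false); scene.removeAll(); }
    }

    // How to read a verdict:
    //   SecurityException   -> the SecurityManager blocked it (sandbox intact)
    //   any other Throwable -> the permission check PASSED; the call failed later for
    //                          an unrelated reason, so this is the one to look at
    //   no exception        -> the sandbox allows the operation outright
    static String classify(Probe p) {
        String verdict;
        try {
            p.run();
            verdict = "ALLOWED";
        } catch (SecurityException se) {
            verdict = "DENIED: " + se.getMessage();
        } catch (Throwable t) {
            verdict = "PASSED CHECK, then " + t.getClass().getName();
        }
        String line = p.name + " -> " + verdict;
        System.out.println(line); // visible in an emulator/debug log, not on the TV
        return line;
    }

    // setSecurityManager(null) runs last on purpose: if it succeeds, every later
    // check would trivially pass and the earlier verdicts would be meaningless.
    static Probe[] buildProbes() {
        return new Probe[] {
            new Probe("list filesystem root") {              // FilePermission "/" read
                void run() throws Exception {
                    if (new File("/").list() == null) throw new java.io.IOException("no listing");
                }
            },
            new Probe("read java.class.path") {              // PropertyPermission
                void run() throws Exception { System.getProperty("java.class.path"); }
            },
            new Probe("connect 127.0.0.1:80") {              // SocketPermission connect
                void run() throws Exception { new Socket("127.0.0.1", 80).close(); }
            },
            new Probe("setAccessible on java.lang.System") { // accessDeclaredMembers + suppressAccessChecks
                void run() throws Exception {
                    AccessibleObject.setAccessible(System.class.getDeclaredFields(), true);
                }
            },
            new Probe("System.setSecurityManager(null)") {   // RuntimePermission setSecurityManager
                void run() throws Exception { System.setSecurityManager(null); }
            }
        };
    }

    // Draws one verdict per line on the graphics plane.
    static class ResultView extends Component {
        private final Vector lines;
        ResultView(Vector lines) { this.lines = lines; }
        public void paint(Graphics g) {
            g.setColor(Color.white);
            for (int i = 0; i < lines.size(); i++) {
                g.drawString((String) lines.elementAt(i), 80, 80 + 40 * i);
            }
        }
    }
}
```

Read DENIED as the sandbox doing its job, ALLOWED as a permission the player grants unsigned discs, and PASSED CHECK as the case worth following up: the security check was satisfied and the call only failed afterwards. A player whose results differ from the PS4/5 pattern is precisely the point the post above makes about Microsoft's implementation not being 1:1 with Sony's.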
this video shows that the BD-J exploit works though