Hackers on the XBH forums managed to change DVD key and Game Region Code in the Xbox 360 ‘Key Vault’ (that stores on flashchip: console certificate(s), per-box private keys, DVD key, however NOT any code-related encryption keys).
However you should know the ‘Key Vault’ is encrypted with the per-xbox360 ‘CPU key’, so that means this hack is only possible on Hypervisor exploitable Xbox360s (kernel 4532 and 4548) for now. You will of course also have to read/flash the Xbox360 flashchip (by desoldering it and read/flash it with programmer or for example use the versatile Infectus dev chip)
From SeventhSon on xboxhacker.net (free reg. req.):
I successfully changed the DVD key and region code of a 360. So it’s all confirmed.
As for landmarks and interweb fame. All I did towards this was to reverse the plaintext KV signature to figure out how to modify and resign the KV contents. And even this work was built on the efforts of other hackers. For example, I didn’t locate the region code in the KV and a lot of the SHA1 and RC4 encryption code was reversed and documented by others way before I started looking at it. *If* the region code tests are successful, then the following people contributed *much more* to this achievement than me.
Takires, TheSpecialist, Robinsod, tmbinc.
The following assumes you have the correct 1BL key and CPU key set in the flashtool.
- Dump the NAND from the US 360 (528-bytes-per-page)
- Open in the latest flashtool (v0.8) and click [extract]
- Edit extracted KV.bin and change 16-bits at offset 0xB8 from 0x00FF to 0x02FE
- Open in flashtool and click [patch], check the “patch keyvault” box and select the KV.bin modified in step 3
- Click [OK] and choose output file
- Flash output image back to the NAND of the US 360
- Try an EU game or two.
Arakon tested this successfully:
My USA 360 just booted a PAL (non-regionfree) game. the region patching WORKS.
Microsoft, Xbox 360, Hack, Hacker, Hacking, DVD, Key, Game Region, Xbox News