XeLL also boots!
Chinese hacker zhangjiqi007 has managed to successfully 'glitch' the Corona v2 and was able to launch XeLL in order to grab the CPUkey.
Chinese hacker zhangjiqi007 managed to get a 66MB NAND dump of the Corona v2 board, that was also decryptable with the CPU key that he obtained from the console.
Here's the official info:
Members of Glitch360Team shared the Phison datasheet with several higher up members of the hacking community including zhangjiqi007 who deserves proper credit for finding the method to dump the nand extract the 64MB bootcode area and write the new information ... This is a huge step for this console type ... The datasheet is what allowed him to find what he needed to achieve this.
I have also been informed by Glitch360Team that they will be sharing some interesting findings regarding the Phison eMMC controller which they have made within the last few weeks.
This site will not be responsible for someone trying to steal credit or glory from the proper individuals , and from talking to orkid1818 in private messages as well as in the research forum while it seems it may be a language barrier , he truly doesn't seem to know what he is doing.
Here is a link to the Chinese forum that did this if you understand Chinese have at it: http://bbs.a9vg.com/thread-2239716-1-1.html
Bigger picture of the nanddump opening in RGBuild:
Now, it looks like the guy did it "the hardway":
1 : remove 4gb nand from mainboard and dump it externaly
2 : use xor hack to build ecc
3 : flash it in a 16mb nand
4 : solder the 16mb nand to the xbox motherboard (Changing something on the resistor configuration on the Corona board to make it works)
5 : grab keys
This means that, there is still no way to dump and decrypt the nand direclty from the nand.
And finally, here is a Pastebin of the XeLL output, where you can see that the NAND isnít properly recognized.
We can say from that:
Magic bytes are OK
Nand dump is 66 Mb (like the data part for Jasper BB nand)
The CPUKey decrypt the KV properly and display console info as Corona
Bootloader are the one from Corona
So, itís definitely legit!
Definitely, this is a big step. Stay tuned for more in the upcoming days!
Very cool, good find.
Consoles: Super Famicon, N64, PS1, Gamecube, Wii, Xbox 360, PS3, N3DS, Wii U.
the guy did it "the hardway" !