XBOX 360 Firmware upgrade 
Sunday, December 20, 2009, 01:37 PM - Hacks
I was commisioned with a task to upgrade a couple 360's. Needless to say one of them was brand spanking new. Still in the box to be exact. Well, the 83850c Lite-on drives don't like to have their firmware dumped. Reading through countless articles and posts i decided a solder method was the only way to go.

With permission, i dove in.

This is the board with the protective film removed. I used my leatherman and scraped it off with my knife.

Here are my soldered joints. Not bad for a first time on a super small board ;)

And a close up of the solders. For size reference, these wires are strands of cat5e cable.

The switch to enable/disbale the ground.

All put back together and ready to dump :)

Use jungle flasher
1. Intro the drive
2. Read the firmware.
3. Make a dummy copy (right click)
4. Load dummy in source, let it auto-ixtreme it.
5. Repair drive (put all the cuts and solders back)
6. Intro it again.
7. Click "Write"
8. Enjoy

Defcon 16 
Wednesday, August 13, 2008, 09:26 PM - Hacks
Defcon 16 this year was good stuff. Me an Thurm drove down on wednesdat night so we could get our tickets early. We met up with Jake and Bryce and stayed at a Holiday Inn, which had very nice beds.

The second night we were there, we ate out at ??? and they had some sour cream chicken, sooo nice. I will put the name of place in when i remember it, i paid cash, so i cant go back and look.

A couple of my fav talks:

1. BackTrack Foo- From bug to 0day
2. Shifting the Focus of WiFi Security: Beyond Cracking your neighbor's WEP key.

The back of the badge has a 2-D barcode, which i figured to say: . It also has a SD card slot, USB connector solder points, and a dip switch solder point. I got a usb connector, but i dissapeared on the way home :(
The badge:

A crowd Shot:

** My badge either appears to be toast, or my battery is dead. I went to show someone and it wouldn't turn on. Turns out the battery was in backwards?? So, when i find a new battery i test it out.

Ignition Autoconnect crap errors "wzccmd.exe" 
Tuesday, June 3, 2008, 01:22 PM - Hacks
BYU-Idaho wireless requires the Ignition AutoConnect to be install to take care of the certificates in order to log on to their 802.1x wireless. In the process of using their setup program it crashes with wzccmd.exe. Google brought up like 3 results, all about spyware.

I gave up for a while. I use linux for everyday use so i didn't need to too badly. Linux (ubuntu 8.04) connects perfectly.

After plinking around with it today and sending hate mail to the help desk, i started looking around my system to find something that could possibly be conflicting. Long story short, i disabled the vmware network adapters in my network control panel. BAM! it worked.

Just disable your vmware adapters, install autoconnect, then re-enable them. Its working for me, so i am writing this post to help others who may have this same issue.

Adding media to a Razr V3m 
Monday, January 8, 2007, 08:00 PM - Hacks
My wife got a pink razr, we tried to put new ringtones on it, but it seems we are "locked out"... riiiiight. Locked out my butt! After some digging i found out how...

OK, so u can charge your phone on the usb port? And u have mpt 4.21a installed? And the last step we need to do is enable multimedia studio so u can add ringtones.

ok. u need to download 2 programs.
1) MSU (motorola software updater) this will get your phone into the correct mode to edit the seem files.
2) P2Kseem - this is what we will use to change the seem files.
here is a link to where u can download them...
Just download them, dont install them yet.

k. plug in phone, make sure it is in as usb modem. then run and install MSU 1st. U will be prompted with a series of 3 or 4 drivers, choose automatic install for all of them. Once done, it should display a box and show your ESN # on the left hand side. Let me know when u get to that point.

ok, go into device manager, and u should see:

Motorola USB Device
->Accessories Interface
->Data Logging MCU Interface
->Test Command Interface

If so, proceed to install and run p2kseem.

in the lower right side of the screen, there is a "load" box. Next to seem, type 2742. Leave record as 1. Then above that, change bytes to 0000. Then hit load from phone.

ok, u are probably looking at a whole bunch of stuff u dont recognize, haha. Now we are going to save a copy of your original seem. Click save to file in lower right corner. Pick a spot on ur comp. u have just saved ur original file. After that, we will do our 1st couple seem edits.

ok, now we are going to do the 2 seem edits to get your phone to work with mpt and multimedia.

1) enable USB file transfer. scroll down to the row 000060. Then use the right arrow until u get to Offset 006a. The top box (Bit 0) should be empty, and it should say Bluetooth or USB file transfer in MPT and E815 BT OBEX. Checkmark that box to turn it on

once you checkmark it, click "save to PHONE" it will ask if u are sure, say yes.

Now, we are going to load up a new seem file. Last time we did seem:2742, record:1, bytes:0000 This time, seem:2827, record:1, bytes:22 Then hit load from phone. Click save to file again to save this original seem.

Once you get that seem loaded and saved, we can change it.

Go to offset 0006. Then checkmark the boxes 0,2,3,6. Leave 1,4,5,7 empty. If u look in the upper right hand corner, u should now see:


Once u do that, click save to phone, when asked to verify, click yes again.

Now we have successfully changed 2 seem edits. The 1st enabled usb file transfer. This 2nd one will enable multimedia auto-detection for the phone as a v3mM (where the last M stands for multimedia)

Once done, and u have saved this to the phone, click Restart Phone. It will go thru a series of events. Once it says connected in the lower left corner again, u can close out of p2k seem ,and MSU, and unplug ur phone, plug it back in. Start MPT and u should see multimedia automatically enabled!

-You may have to rescan for a new phone, but it does work.

via ... azr-2.html

Saturday, December 30, 2006, 12:43 AM - Hacks
Coming with my new M3 card is DSlinux. Very small and with a screen font of 3, which is quite interesting.

Ok, do the port to the DS doesn't seem to bad, not super funtional, but not bad. The basic ARM processor doesn't allow a lot to be compiled, such as kismet and aircrack. There is a ARM build for aircrack, and i will look into it.

Here is a shot of DSlinux and BitchX via SSH and the WIFI.

Wii Spying 
Tuesday, November 21, 2006, 11:41 PM - Hacks
While running ettercap, my Wii tried to connect to these sites: :58886?

Port scan results:
(although i read somewhere that people were getting port 21 open on thier Wii)


Free Air... Free canned air that is... 
Sunday, August 13, 2006, 10:52 PM - Hacks
Had this wonderful idea to make a free air duster out of an old chemical sprayer.

Kunz motivated me to do it after he showed me someone elses on hackaday.

This is the whole sprayer.

Lucky me that this comes with a air spicket built in, i can fill it up at any gas sation/ dad's house...

Reading the warning label on the side reveals that this sucker can safely hold up to 200psi! I was only abe to get it up to ~120 psi (due to the limitations of my dads air compressor)

The nozzle, i used to spray a fine mist, but i gutted it to make a nice stream of air.

The GO lever, makes the air come out.

All in all not bad for FREE! Yeah, it was broken and didn't hold air, but i fixed the seal and away i went. It doesn't hold a charge for a very long time, but hey, its free. I figure i visit my dad once a week, i can just fill it when i head over.

