
@thejsa
Created August 12, 2017 19:32
<?php
/* Xbox 360 Xval Decryption
* Ported to PHP (from C#) by Brandon Wilson
* Ported to C# (from...something) by CLK
* Original code by Redline99: http://www.xboxhacker.org/index.php?topic=16401.msg125000#msg125000
*/
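/**
 * Decrypt the "X value" from the Xbox 360 Console Information screen into its flag word.
 *
 * The DES key is the first 8 bytes of HMAC-SHA1 computed over the fixed string
 * "XBOX360SSB" and keyed with the serial number followed by a NUL byte. The X
 * value is hex-decoded, decrypted with DES-CBC under an all-zero IV, and the
 * first 8 plaintext bytes are read as two big-endian 32-bit words.
 *
 * The scheme has no integrity check: a wrong serial or a mistyped X value still
 * decrypts to some 64-bit number. Callers should treat any result with non-zero
 * upper 32 bits as a failed decryption, as displayResults() does.
 *
 * NOTE(review): the 32-bit shift assumes a 64-bit PHP build.
 *
 * @param string $serial Console serial number, already stripped of separators.
 * @param string $xval   X value as hexadecimal digits, without dashes.
 * @return int The first word shifted left 32 bits, OR'ed with the second word.
 *             Malformed input or a failed decryption returns ~0xFFFFFFFF (upper
 *             32 bits set, lower 32 clear) rather than 0, so an unusable input
 *             can never be mistaken for a clean flag word.
 */
function decryptXValue($serial, $xval)
{
    // Trips the caller's "upper 32 bits non-zero" check, so it is reported as a
    // decryption error instead of as clean secdata.
    $failure = ~0xFFFFFFFF;

    // The previous version suppressed every warning with "@", so an empty or
    // non-hex X value degraded to 0. Reject it explicitly instead.
    $hex = (string) $xval;
    if ($hex === '' || strlen($hex) % 16 !== 0 || !ctype_xdigit($hex)) {
        return $failure;
    }

    $deskey = substr(hash_hmac('sha1', 'XBOX360SSB', $serial . "\0", true), 0, 8);
    $iv = str_repeat("\0", 8);

    // mcrypt was removed in PHP 7.2. Single-DES is often unavailable in current
    // OpenSSL builds, so use triple-DES with the same key three times: EDE with
    // K1 = K2 = K3 is exactly single DES. ZERO_PADDING keeps the raw block, as
    // mcrypt did.
    $plain = openssl_decrypt(
        pack('H*', $hex),
        'des-ede3-cbc',
        $deskey . $deskey . $deskey,
        OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING,
        $iv
    );
    if ($plain === false || strlen($plain) < 8) {
        return $failure;
    }

    // Keys 1 and 2 hold the two big-endian words of the first block.
    $words = unpack('N2', $plain);

    return ($words[1] << 32) | $words[2];
}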
/**
 * Emit one table row for a raised flag: the flag name in bold red, then its description.
 *
 * Both values are written into the markup as-is, without HTML escaping. Every
 * caller in this file passes a fixed label or a sprintf()-formatted number;
 * anything derived from request data must be escaped before it is passed in.
 *
 * @param string $flag        Text for the first cell.
 * @param string $description Text for the second cell.
 * @return void
 */
function addFlag($flag, $description)
{
    $flagCell = '<TR><TD><FONT COLOR="red"><B>' . $flag . '</B></FONT></TD>';
    $descriptionCell = '<TD>' . $description . '</TD></TR>';

    echo $flagCell, $descriptionCell;
}
/**
 * Print the static introduction that the page shows before the form or the results.
 *
 * The body is literal HTML emitted by leaving PHP mode. It takes no arguments and
 * interpolates nothing, so no request data reaches this output.
 *
 * @return void
 */
function displayInfo()
{
// Leave PHP mode so the paragraphs below are sent to the browser verbatim.
?>
<P><H3>Xbox 360 X Value Decrypter/Parser</H3></P>
<P>This is a simple mobile-friendly page that can show you the meaning of the encrypted "X value" from your Xbox 360 dashboard's "Console Information" screen.</P>
<P>Just enter your console serial number and the X value displayed in the dashboard (you can omit any dashes) and it'll show you whether you've been flagged for various Xbox Live ban-worthy events.</P>
<P>If your console has been flagged, <B>don't ask me, I can't help you</B> -- I just threw this up for convenience (for example, if you are out and about and need to check from your phone whether a potential used console purchase is worth it (or whatever other use you can think of)).</P>
<P>Do you not trust me not to do evil things with your console serial number, or do you just want to host this yourself (or see how it's done)? <A HREF="view.php">Click here to view the entire source</A>.</P>
<P>All credit goes to people in the Xbox 360 scene (CLK, Redline99, etc.), I had nothing to do with anything, just saw some code and ported it to PHP -- but if you want to contact me, <A HREF="mailto:brandonlw@gmail.com">go right ahead</A>.</P>
<P>My understanding is that there's now an "S value" and other stuff that probably obsoletes this, but hopefully it helps somebody out.</P>
<P>Want to test this out but don't want to use your personal information? Use these very public test cases from Google Images (if you recognize these numbers, shame on you):<BR />024025192407/B055-CB85-949B-0AB1<BR />306170493905/063C-7513-583D-C95D</P>
<?php
// Back in PHP mode only to close the function body.
}
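/**
 * Decode the submitted serial number and X value and print the flag report.
 *
 * Reads $_POST['ConsoleSerial'] and $_POST['XValue'], reduces both to upper-case
 * letters and digits, decrypts the X value with decryptXValue() and prints either
 * a one-line verdict or a table with one row per raised flag. Nothing taken from
 * the request is echoed back: the output consists of the formatted integer and
 * fixed labels only.
 *
 * Defines the global FLAG_SSB_* constants on first use.
 *
 * @return void
 */
function displayResults()
{
    // Constant names must be quoted: a bare, not-yet-defined name is an Error on
    // PHP 8. The defined() guard keeps a second call from redefining them.
    $definitions = array(
        'FLAG_SSB_NONE' => 0x0000,
        'FLAG_SSB_AUTH_EX_FAILURE' => 0x0001,
        'FLAG_SSB_AUTH_EX_NO_TABLE' => 0x0002,
        'FLAG_SSB_AUTH_EX_RESERVED' => 0x0004,
        'FLAG_SSB_INVALID_DVD_GEOMETRY' => 0x0008,
        'FLAG_SSB_INVALID_DVD_DMI' => 0x0010,
        // "KEYFAULT" is the original spelling of this constant; kept so existing
        // references still resolve. The label shown to the user says KEYVAULT.
        'FLAG_SSB_DVD_KEYFAULT_PAIR_MISMATCH' => 0x0020,
        'FLAG_SSB_CRL_DATA_INVALID' => 0x0040,
        'FLAG_SSB_CRL_CERTIFICATE_REVOKED' => 0x0080,
        'FLAG_SSB_UNAUTHORIZED_INSTALL' => 0x0100,
        'FLAG_SSB_KEYVAULT_POLICY_VIOLATION' => 0x0200,
        'FLAG_SSB_CONSOLE_BANNED' => 0x0400,
        'FLAG_SSB_ODD_VIOLATION' => 0x0800,
    );
    foreach ($definitions as $constantName => $constantValue) {
        if (!defined($constantName)) {
            define($constantName, $constantValue);
        }
    }

    // A missing field, or an array submitted in place of a string, becomes ''.
    $rawSerial = (isset($_POST['ConsoleSerial']) && is_string($_POST['ConsoleSerial']))
        ? $_POST['ConsoleSerial'] : '';
    $rawXval = (isset($_POST['XValue']) && is_string($_POST['XValue']))
        ? $_POST['XValue'] : '';

    // ereg_replace() was removed in PHP 7; preg_replace() with the same character
    // class keeps only letters and digits (this also drops the dashes).
    $serial = strtoupper(preg_replace('/[^A-Za-z0-9]/', '', strip_tags($rawSerial)));
    $xval = strtoupper(preg_replace('/[^A-Za-z0-9]/', '', strip_tags($rawXval)));

    // Validate before decrypting: one DES block is 16 hex digits (the page's own
    // examples have that shape). Without this, an empty or malformed value could
    // be reported as clean secdata.
    if ($serial === '' || !preg_match('/^[0-9A-F]{16}$/', $xval)) {
        echo "<FONT COLOR=\"red\"><B>Please enter a serial number and a 16-digit hexadecimal X value.</B></FONT>";
        echo "<P><A HREF=\"index.php\">Return</A></P>";
        return;
    }

    $flags = decryptXValue($serial, $xval);
    echo "Decrypted X value is: <B>" . sprintf("0x%08X", $flags) . "</B><BR /><BR />";

    if ($flags === FLAG_SSB_NONE) {
        echo "<FONT COLOR=\"green\"><B>Secdata is clean!</B></FONT>";
    } elseif ($flags === ~0) {
        // The literal 0xFFFFFFFFFFFFFFFF is a float in PHP and never equals the
        // integer produced by decryptXValue(); all 64 bits set is the integer ~0.
        echo "<FONT COLOR=\"red\"><B>Secdata is invalid (all 0xFF)!</B></FONT>";
    } elseif (($flags >> 32) !== 0) {
        // The flag word is expected to fit in the low 32 bits. This is the only
        // plausibility check available for a wrong serial or a mistyped value.
        echo "<FONT COLOR=\"red\"><B>Secdata decryption error!</B></FONT>";
    } else {
        // Bit mask, label shown in the first column, description.
        $knownFlags = array(
            array(FLAG_SSB_AUTH_EX_FAILURE, "FLAG_SSB_AUTH_EX_FAILURE", "AuthEx Challenge Failure (AP25)"),
            array(FLAG_SSB_AUTH_EX_NO_TABLE, "FLAG_SSB_AUTH_EX_NO_TABLE", "AuthEx Table Missing"),
            array(FLAG_SSB_AUTH_EX_RESERVED, "FLAG_SSB_AUTH_EX_RESERVED", "AuthEx Reserved Flag"),
            array(FLAG_SSB_INVALID_DVD_GEOMETRY, "FLAG_SSB_INVALID_DVD_GEOMETRY", "Invalid DVD Geometry"),
            array(FLAG_SSB_INVALID_DVD_DMI, "FLAG_SSB_INVALID_DVD_DMI", "Invalid DVD DMI"),
            array(FLAG_SSB_DVD_KEYFAULT_PAIR_MISMATCH, "FLAG_SSB_DVD_KEYVAULT_PAIR_MISMATCH", "DVD Keyvault Pair Mismatch"),
            array(FLAG_SSB_CRL_DATA_INVALID, "FLAG_SSB_CRL_DATA_INVALID", "Invalid CRL Data"),
            array(FLAG_SSB_CRL_CERTIFICATE_REVOKED, "FLAG_SSB_CRL_CERTIFICATE_REVOKED", "CRL Certificate Revoked"),
            array(FLAG_SSB_UNAUTHORIZED_INSTALL, "FLAG_SSB_UNAUTHORIZED_INSTALL", "Unauthorized Install"),
            array(FLAG_SSB_KEYVAULT_POLICY_VIOLATION, "FLAG_SSB_KEYVAULT_POLICY_VIOLATION", "Keyvault Policy Violation"),
            array(FLAG_SSB_CONSOLE_BANNED, "FLAG_SSB_CONSOLE_BANNED", "Console Banned"),
            array(FLAG_SSB_ODD_VIOLATION, "FLAG_SSB_ODD_VIOLATION", "ODD Violation"),
        );

        echo "<TABLE BORDER=\"1\">";
        foreach ($knownFlags as $entry) {
            if ($flags & $entry[0]) {
                addFlag($entry[1], $entry[2]);
            }
        }
        // Bits above the twelve named flags are reported together as one row.
        if ($flags & 0xFFFFF000) {
            addFlag(sprintf("0x%08X", $flags & 0xFFFFF000), "Unknown Violation(s)");
        }
        echo "</TABLE>";
    }

    echo "<P><A HREF=\"index.php\">Return</A></P>";
}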
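// Page shell: the introduction is always printed, followed by either the decoded
// report (after a submit) or the input form.
echo "<HTML><HEAD>";
echo "<TITLE>Xbox 360 - Check X Value Flags</TITLE>";
echo "</HEAD><BODY STYLE=\"font-family: Verdana\">";
displayInfo();

// A plain GET carries no "submit" field. isset() avoids the undefined-index
// warning on every first page load, which can leak the script path when errors
// are displayed.
if (isset($_POST['submit']) && $_POST['submit'] === "Display") {
    displayResults();
} else {
    // Leave PHP mode to send the form markup verbatim.
?>
<FORM METHOD="post" ACTION="index.php">
<TABLE>
<TR><TD>Console Serial Number:</TD><TD><INPUT TYPE="text" NAME="ConsoleSerial" /></TD></TR>
<TR><TD>Console X Value:</TD><TD><INPUT TYPE="text" NAME="XValue" /></TD></TR>
<TR><TD COLSPAN="2"><INPUT TYPE="submit" NAME="submit" VALUE="Display" /></TD></TR>
</TABLE>
</FORM>
<?php
}
echo "</BODY></HTML>";
?>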