Close

Results 1 to 3 of 3
  1. #1
    DF Moderator BIG-TED's Avatar
    Join Date
    May 2001
    Location
    Leics UK
    Posts
    1,966
    Thanks
    402
    Thanked:        797
    Karma Level
    389

    Default Xbox One Symbolic Link Exploit

    We have a little bit more not enough for a full blown open exploit at present but its a chink in the armour. As posted before if you are on latest dash nothing for you at this time.

    Xenomega released a Exploit that allows us, to get access (browse/read/write) to encrypted mounted virtual harddisk Xbox One partitions, in alliance with symlinks.

    Xbox One Symbolic Link Exploit


    Access restricted/encrypted volumes using the Xbox File Explorer.


    Patched as of 5/5/2017: 10.0.15063.2022 (RS2_RELEASE_XBOX_1704.170501-1052). Thus in accordance with responsible disclosure.
    The Xbox One File Explorer does not check if a path is a symbolic link elsewhere, allowing an attacker to browse/read/write to mounted volumes which are normally restricted.
    This includes any encrypted virtual harddisk partitions (XVD files) which the console mounts for content such as gamesaves, etc.
    Prerequisites:


    Download Windows Server 2003 Resource Kit Tools, from which you'll need the "linkd" utility, as the program relies on it to create links, since mklink does not link to paths that do not exists, and the paths we intend to link to are likely non-existent on your computer.
    Instructions:


    Change the drive letter to your USB drive letter in Program.cs
    Run it
    Plug it into Xbox, use File Browser to browse through the symlinks, which will link to other parts of the system.

    [Only registered and activated users can see links. ]

    Ted
    Run your wife a nice hot bath, light some candles & pour some wine. Then you've at least 40 mins on the xbox plus a clean wife.

    Experts... x is an unknown quantity and spurt is a fast drip.

    Thanks to BIG-TED

    piggzy (11th June 2017) 


  2. #2
    DF Moderator piggzy's Avatar
    Join Date
    Jul 2014
    Location
    UK
    Posts
    3,309
    Thanks
    2,798
    Thanked:        1,470
    Karma Level
    284

    Default Re: Xbox One Symbolic Link Exploit

    I no longer see a viable exploit on the Xbox One before then next gen hardware is released.

    They did a fucking good job and credit to em..... bastards !

  3. #3
    DF Moderator BIG-TED's Avatar
    Join Date
    May 2001
    Location
    Leics UK
    Posts
    1,966
    Thanks
    402
    Thanked:        797
    Karma Level
    389

    Default Re: Xbox One Symbolic Link Exploit

    If they found something I imagine it would be kept quiet incase it could be carried to the new one and not patched.
    Just speculation you understand.

    Sent from my SM-G935F using Tapatalk
    Run your wife a nice hot bath, light some candles & pour some wine. Then you've at least 40 mins on the xbox plus a clean wife.

    Experts... x is an unknown quantity and spurt is a fast drip.

Similar Threads

  1. [Xbox One] Xbox One Edge Browser Exploit Released
    By BIG-TED in forum Microsoft Consoles
    Replies: 0
    Last Post: 2nd April 2017, 07:30 PM
  2. Symbolic Cyprus crossing reopens
    By 4me2 in forum News & Current Affairs
    Replies: 0
    Last Post: 3rd April 2008, 01:38 PM
  3. Sexual Predators Exploit Xbox 360 to Target Children
    By Raptor in forum Microsoft Consoles
    Replies: 19
    Last Post: 19th February 2008, 10:39 PM
  4. BIG RUMOUR: Xbox 360 Exploit- Linux
    By Billhouse in forum Microsoft Consoles
    Replies: 1
    Last Post: 1st January 2007, 09:56 PM

Social Networking Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •