DASH 5960 might have isues with this method. please comment your finding with real hardware. So after a few posts here and there about the xbox live accounts i "recovered" and shared for your pleasure and research, ive decided to greate a dedicated topic for this part. This might also help the research for a opensource xbox live, for I have discovered some things that might already be known but might surprice others. ive shared 2 accounts and the fIrst bytes of a working MU for your research if you dint have any. http://codeasm.com/xbox/files/Accounts/ Ive made a basic tutorial to add a live account to a MU here: http://assemblergames.com/l/threads/phantasy-star-online-xbox-gamertag.49737/#post-725868 Not everyone apears to find it easy to use, so I realy hope hexediting and just trying wont scare you. How and why does it work like this First some basics, an Xbox connects to live servers and authenticates the xbox with a "Machine account". This account is stored on the harddrive and is encrypted/hashed using a unique per xbox key. (I have some doc telling more details, will add soon) Then when the servers found this account to be vallid and not banned, a user live account is either send or one can recover a live account from the servers. (or create one) If the xbox is missing a machine account or incorrect one, the xbox cant connect to the xbox live server. This is the case with most xboxes where the harddrive is formated using unofficial tools. Or with Xqemu, no or formated drive is used. Xbox live accounts are also stored on the harddrive and are encrypted/hashed using the same basic principle as machine accounts, but can be transfered to a Memory Unit (MU). When stored on the MU, it can ofcourse not be encrypted using a unique machine specific code, because another Xbox cannot decrypt it using its own keys (These unique keys are never shared or transfered.) Thus MS has used a general key that all xboxes know and use to decrypt and vallidify the live accounts on a MU. when stored on the HDD, its encrypted using the xbox unique key. (its actualy not 1 key, its a combination of things like the Harddrive serial number, lock key and Online key (stored on eeprom).)* MS did actualy tell in their internal documents that they expect "us" to find the key used to encrypt the live account on a MU. Thus they expected Live accounts to be stolen, lent or even created out of thin air to be stored on a harddrive after alteration on a PC. Here comes the chain-of-trust, MS only allows live accounts from a xbox that logged in using a verified Machine account. Machine accounts are created on first logon to the internet. Its created by sending a connect request and a geneoligy database is queried with the serial number and more?* when the Database has records of this combination and no machine account had been made, one is created with a keypair. The key for the xbox is send over and the other part stored on the live server side* When a xbox with no machine account or invallid one connects, its returned with a error. Users are allowed to send the xbox to MS for repair (ofcourse that nolonger the case) They will have performed a sort of refurbishment by checking the xbox for problems and run a refurbishment program (wich installs a new serialnumber, updates the dashboard and then they normaly would have send it back... asuming that "hackers" and "modders" wont send their precious boxes to MS to be "fixed" yes, MS actualy knew and though about this. So far Ive figured this much (some poeple might know more. Code: 0x00-05 unkown SHA/3DES ? 0x06 unkown 0x09 TAB - Horizontal Tabulation? 0x1C flag 0x01/0x00 pincode 0x20-23 pincode [01 left trigger, 02 right trigger, (03 A, 04 B), 05 X, 06 Y, ] 0x24-2B Domain xbox.com Domain 0x38-43 K Realm PASSPORT.NET Kerberos Realm 0x50-5F unkown SHA/3DES ?* 0x60-63 unkown Same as on HDD and XMU(Angul) 0x64-6B unkown SHA/3DES ?* Where SHA/3DES doesnt realy mean its the hashcode, I just dont know its exact location, but the live account IS verified by the xbox. when the useraccount is stored on the harddrive, the first 6, and last two bigger bits of unkown code change (by the key used and hashing) (the x60-63 stays the same for some reason) Xqemu Xqemu sofar doesnt allow me to add a live account, maybe because by default the xbox uses the eeprom from Bunnie (we can change this, in source) And the harddrive I use, has no machine account (yet, I have machine accounts and eeprom pairs to try soon for myself) To connect a USB MU, there are simple instructions to connect real USB hardware. To connect a image of a usb stick use the following: Code: -drive if=none,id=stick,file=harddisk/mu.raw -device usb-storage,bus=usb-bus.0,port=3.3,drive=stick probably the usb part after you made the hub, and the name "stick" could be anything, please note its definition earlier in the line of code. This has been tested on Linux There has been added some basic Network support and Ive captures 4 packets of a early DHCP request. I want to create a reply server of some sorts and start some basic authentication. Others seem to have great succes already on this part. TUTORIAL to write or read a live acount to MU First of all, you can transfer 1 account per MU. getting a usb stick to work on the xbox is the easiest aswell. PLEASE, try the Hxd editing method first, its faster. Also, dont just try editing the name, it wont work* With https://mh-nexus.de/en/hxd/ you can even skip the xplorer step. Also, for making a backup, this is easy. Make sure you use a MU or usbstick that is formated by the xbox. We wont try doing it ourselfes, the xbox might not accepting it and just formats it anyway. great test to check compatibility anyway. SO FORMAT IN XBOX FIRST. WARNING If your xbox is new, softmodded, harddrive replaced... you might not be able to transfer the live account, for your system lacks the necesairy "machine account". and these are no longer made, for the live servers are gone* Windows, with Xplorer Connect a MU with an account to your PC (DONT FORMAT IN PC PLEASE) open Xplorer and find your MU (you can transfer whatever you want, but you CANT find the live account) Make a full MU backup to file (Drive>Backup Image...) Open HxD or your favorite editor, Open your just made backup Go to step 4 of "Windows, direct edit..." Windows , direct edit with HxD(or any hexeditor with raw diskediting) Connect a MU with an account to your PC (DONT FORMAT IN PC PLEASE) Open HxD or any Hexeditor that can open usb storage devices and can edit them (unless only getting the data is required) (TIP2, open as administrator) Please use HxD, press the disk icon(next to the chip) named "open disk" you can leave the readonly on, if you only want to get the account, writing one, requires the dangerous "editing" mode...be save, stay of any harddrives.. smartass. If you have done everything good so far, you should see your live account or atleast the MU name you gave it, or MS did by formating. IF THE FIRST WORD is NOT FATX, GET OF THAT DEVICE. its not formated or its your windows drive Xbox Memory by CodeAsm posted Aug 26, 2015 at 11:22 AM select the bytes 50(hex) to and with BB(hex) (a total of 6C(hex), or 108bytes) (decimal 80-187) Tis, is your live account. Or you OVERWRITE a live account of 108bytes into here. Here you can view the selected account, regardless of the contents, it should contain your account. OR you "overwrite" the bytes there with the ones you want to have. Save, hope it works if you saved to a just made backup if you followed this with xplorer. go to step 7, else,... save and done Right, so you saved back to your backup (can take a while if a large MU is used) Xplorer, go to the (Drive>Restore Image...) and again, this can take a while... You should now have either a backup of your live account "encrypted" with the general encryption key, ready for writing to a MU. Or its on you MU and your xbox should see it.... BUT A big isue I found, if your xbox has NEVER EVER been on xbox live. and/or had his harddrive replaced and contents replaced with like slayersdisk... LONG STORY SHORT your xbox does NOT have a machine account, it wont decrypt the MU, you wont see any live accounts. maybe you can fix that by a devkit menu and generating some fake accounts but why you need this tutorial. *Your system is hacked, modded or Xqemu and has NO machine account? your out of luck today, but this is also a reason we need a opensource xbox live or smart people finding out how the xbox live system works. Please, if you DO have a working xbox with live accounts. Make a EEPROM backup and FULL hdd backup (or atleast the full config sectors... no idea? full hdd, its just 8gb) Now you should have a working combo of eeprom and machine account (maybe record the hdd lock key aswell) Linux I am a linux user myself, but using DD for this small bit I still prefer a hexeditor (Graphical, CLI) Did try to find a way for dd but it doesnt work if the underlaying system cant access bytes for bytes (like default is 512 bytes for a reason ) but if you want to try, PLEASE check yourself,... I could not entirely make it work on some images I got. get live account (seems to be broken) Code: dd if=~/xqemu/harddisk/mutest.raw bs=1 count=108 skip=50 of=liveaccount.xbla Write live account (cant work on devices with read/write larger than a byte?) Code: dd if=angul.xbla bs=1 count=108 seek=50 of=~/xqemu/harddisk/mutest.raw Just try HxD or something, it works under wine aswell. just dd the drives first few sectors and edit that image. later write back the image Whats next? Ill see if I can dump a eeprom and machine account pair for public use, unless others like to share something like that themselfes. (do we have the eeprom from the godfather xdk kit? does it contain a machine account?) Some kind of Xbox live simulated OS or program to allow some basic live account menus to function. (maybe to simulate account recovery, creditcard changing, pincode removal (could be handy) generate machineaccounts? Find the magic keys for the MU, so we can change a Live account name. Hints I got, 3DES with a fixed key that every xbox knows. I asume only after a machine account has been created or connected to xbox live atleast once (because my Xqemu, machine accountless xbox does not detect an embeded xbox account on the MU, but the used space does have a value.) Updates: 24-7-2016: Added my newest tutorial. No spellcheck yet, sorry. Hope it works. thinking about a linux one. 14-11-2016: Using xqemu it apears 5960 might have trouble reading your xbox live account. please report if you are using dash 5960 and either have succes or trouble getting your live account from MU on Xbox hdd. Word of thanks I would have never started this research or topic if I havent known assemblergames, thanks to alott of people here we can have nice things, so consider if you read this to Donate some money to the Assemblergames website, support some fundraisers for awesome prototype games and I hope you enjoy.