Easily update your Jtagged Xbox 360 to Kernel / Dashboard 12611 with FbBuild 0.11

Discussion in 'Xbox 360 Guides' started by InsaneNutter, Nov 12, 2010.

  1. InsaneNutter

    InsaneNutter Resident Nutter Staff Member

    Joined:
    Jun 1, 2007
    Messages:
    12,386
    Likes Received:
    3,772
    Location:
    Yorkshire, England
    Note: This guide in now obsolete, have a look at my guide here if you wish to play the new games: Link: Easily update your Jtagged Xbox 360



    This guide aims to cover everything required to update your Jtagged Xbox 360 to the latest 12611 Kernel / Dashboard. I have tried to make the guide as detailed as possible so people still learning about all this can follow it, if you want a guide that is more to the point have a look at slimwadey's.

    Firstly my apologies for watermarking the images in this guide. I'm fed up of websites such as 360iso, 7sins, Gametuts and so on ripping tutorials I have put a lot of time in to creating and passing them off as there own. If you like this guide than by all means link to it here, I would be more than happy knowing you think this guide is worth linking to :) Please just don't copy + paste it, thanks.

    Secondly, thanks to ikari and everyone else who has contributed to FreeBoot / fbBuild. It is great what you guys have accomplished, it is appreciated by myself and many people who want to use FreeBoot for homebrew & region locked games, not for cheating on Xbox Live. Keep up the great work (Y)

    Anyway on to the guide:

    Things will you need to provide yourself: (these are unique to your Xbox 360)
    • Your original nand – you should have this. (it's beyond the scope of this tutorial using a donor nand from another 360)
    • Your CPU key – again you should have this, if not see the FAQ at the bottom on how to obtain it.
    Things you will need to download to complete this guide:
    Getting started:

    First unzip fbBuild 0.11, you should have some files / folders like in the image below

    [​IMG]

    Go in to the data folder and unzip the 12611 files in to there

    [​IMG]

    Now go in to the mydata folder and open cpukey.txt in notepad

    [​IMG]

    Replace the CPU key in there with the one from your console and save.

    Obtaining smc_config.bin, a decrypted KV.bin and a a decrypted SMC.bin

    To obtain smc_config.bin, a decrypted KV.bin and a decrypted SMC.bin we will use 360 Flash Dump Tool

    Unzip and run 360 Flash Dump Tool 0.97

    Go to Settings > Keys

    [​IMG]

    Now enter your CPU key and press ok

    [​IMG]

    Now in 360 Flash Dump tool go to Settings > Options and select "extract ibuild compatible files", then press ok

    [​IMG]

    Now you either want to open your original nand backup or a dump of your working XBR / FreeBoot nand and press extract.

    I used my original nand and had no problems what so ever, however a lot of people have had problems with that. However the people that had problems have stated this tutorial worked perfectly when using there XBR or FreeBoot nand.

    I would recommend you use your XBR / FreeBoot nand with this in mind, If you have used the aud-clamp wiring variation for the Jtag hack or modified your SMC in some way using your original nand will not work anyway.

    [​IMG]

    Extract your SMC, Keyvault and Config Blocks

    [​IMG]

    Its best to make a new folder to save the extracted files in, i saved the files in a folder called Extracted

    [​IMG]

    From the extracted files you want:
    • Extracted\freeBOOT\Data\smc_config.bin
    • Extracted\KeyVault\KV_dec.bin
    • Extracted\SMC\SMC_dec.bin
    Rename the files like so
    • smc_config.bin is fine how it is
    • Rename KV_dec.bin to KV.bin
    • Rename SMC_dec.bin to SMC.bin
    Copy these to the \fbBuild_0.1\mydata folder

    Your mydata folder should now look like this:

    [​IMG]


    Now in the fbBuild_0.1 folder open 1blkey.txt and enter the correct 1bl key, this is: DD88AD0C9ED669E7B56794FB68563EFA

    As I mentioned earlier the 1bl key is the same for all Xbox 360’s

    [​IMG]

    We now have all the files required to build the hacked nand image.

    Quick recap:
    • The data folder should contain the 12611 dashboard files
    The mydata folder should contain:
    • The consoles cpu key in the cpukey.txt file
    • KV.bin (decrypted)
    • SMC.bin (decrypted)
    • smc_config.bin
    • The 1blkey.txt file in the fbBuild_0.1 folder should contain the correct 1bl key.
    Building the image to flash:

    Open command prompt and navigate to the fbBuild_0.1 folder

    [​IMG]

    To build your hacked nand type:

    Code:
    fbbuild.exe -c <your console revision> -d mydata updflash.bin
    For <your console revision> you must select which revision your xbox 360 is

    Type one of the following depending on which revision it is, this can be: xenon, zephyr, falcon, jasper, jasper256, jasper512

    My console is a Jasper 512 so I would type:

    [​IMG]

    Your updflash.bin should be built successfully with no errors, the console type, nand size cpu key and 1bl key will be shown, check everything is correct.

    [​IMG]

    That’s it, your nand is built and ready to be flashed.


    Flashing the nand:

    Download Flash 360

    Unzip Flash 360 and copy the contents of the zip file to your Fat 32 formatted USB drive, then copy updflash.bin to the USB drive:

    [​IMG]

    Load Flash 360 from the USB Drive using FreeStyle Dash or XEX Menu:

    [​IMG]

    When Flash 360 has loaded press "A" to write updflash.bin to the nand:

    [​IMG]

    Press "B" to flash the KV/config in the FreeBoot nand:

    [​IMG]

    The error about the keyvault encrypted data check mismatch and about your current nand not been zeropaired are normal, press start to continue.

    [​IMG]
    • Your FreeBoot nand will now be flashed to the console, when it has finished do as instructed and press any button to continue.
    • Now press back, then back again and your console will shutdown.
    • Unplug the power brick and leave it disconnected for two minutes.
    • Re connect the power brick, power the console on and if everything has gone ok your console should boot in to the 12611 Dash.
    You can verify the console is on the 12611 by looking in system settings, although it should be obvious it is:

    [​IMG]

    And just to prove this is a jtag, a 1tb drive in the 12611 dash:

    [​IMG]

    Thats it, good luck and if you have any questions I will do my best to answer.


    FAQ:

    How do I restore the avatars?

    Restoring the avatars is simply a case of you running the official Microsoft 12611 update, only do this after you have upgraded to the 12611 dashboard using this tutorial. If you run this on a Jtag with an earlier dashboard you will find that you no longer have a Jtag.

    The Xbox 360 Kinect Dashboard Update 2.0.12611.0 With Avatars can be downloaded here.

    Simply extract the $SystemUpdate a Fat32 formatted USB drive, there is no need to copy the default.xex to the USB drive, that can cause E71 errors if you do.

    The USB drive should look like this:

    [​IMG]

    Just insert the USB stick in to the 360 and you will be asked to update, say yes and the 360 will re start and your avatars will be restored.

    There you go, you now have the 12166 dashboard on your Jtag with working avatars.

    How do i format my USB drive to Fat 32?

    Go to My Computer, right click on the USB drive and select format

    [​IMG]

    Select Fat 32 and Default allocation size, then press start.

    [​IMG]

    I don't know if my console is an Xenon, Zypher, Falcon, Jasper 16mb, Jasper 256mb or Jasper 512mb?

    To find out simply load Flash 360 like instructed in the guide above and you will be told the revision of your 360 and the nand size

    [​IMG]

    As it says in the picture this 360 is a 512mb Jasper

    How do i find out my consoles CPU key?

    1. Connect the 360 to the TV with the Component or VGA cable (Xell / Xellous do not not work with HDMI)
    2. Power on the console with the DVD eject button
    3. Have a camera ready
    4. Wait until the fuse sets are shown
    5. Take a photo quickly as they will usually scroll off the screen fast
    6. Combine fuse sets 3 and 5 or 4 and 6, this will give you the consoles CPU key
    Fuse set example:

    [​IMG]
    (Image found on Google)

    Take line 3 and 5

    3= E42D681ED06A6D1C
    5= 1FFD8E48C56A2058

    So my CPU Key is: E42D681ED06A6D1C1FFD8E48C56A2058

    How do i obtain smc_config.bin with Ibuild?

    (I have since found it is much easier to do this with 360 Flash Tool, however as i spent a while typing that up I have moved it here)

    [*]Download Ibuild

    You must extract your original nand with Ibuild to get this

    Unzip Ibuild then open a command prompt window in that folder

    For example here I opened command prompt and navigated to the Ibuild folder on my desktop using “cd C:\Users\Matty\Desktop\ibuild”

    [​IMG]

    You need to run the following command:

    Code:
    ibuild.exe x -d temp\ -p [cpu key] -b [1bl key] 7371.bin
    So for example:

    Code:
    ibuild.exe x -d temp\ -p 13378008313500f26816F9ACF23FEEA4 -b DD88AD0C9ED669E7B56794FB68563EFA 7371.bin
    • 13378008313500f26816F9ACF23FEEA4 is the cpu key
    • DD88AD0C9ED669E7B56794FB68563EFA is the 1bl key, the same on all 360’s
    • 7371.bin is my original nand
    • temp is the name of the folder we will be extracting the original nand to
    [​IMG]


    If you look in the temp folder you should have all the files extracted from your nand, look for smc_config.bin

    [​IMG]

    Copy it to your \fbBuild_0.1\mydata folder

    [​IMG]
     

    Attached Files:

  2. MasterChief

    MasterChief Addict

    Joined:
    Sep 17, 2009
    Messages:
    743
    Likes Received:
    89
    Location:
    The Internet
    That is basically how I upgraded yesterday afternoon, very good for newbies to follow. If your new to this you should definitely end up with a working 12611 jtag.
     
  3. gomson

    gomson Member

    Joined:
    Dec 8, 2008
    Messages:
    12
    Likes Received:
    0
    Thanks for the detailed tutorial mate. Very nice...
    I have a question though...
    I have a JAsper BB jtaged with 9199 dashboard. I essentially used the aud_clamp variation from this tutorial
    Alternate JTAG SMC/Points Tutorial - Team Xecuter
    and everything works fine. What I'd like to know is... can I use Flash360 to get a backup of my current jtagged nand, extract my smc files from that and use those instead of getting the files from the original nand backup....?
     
  4. timewyrm

    timewyrm Member

    Joined:
    Mar 21, 2010
    Messages:
    5
    Likes Received:
    0
    Hi, I could really do with some help:

    I managed to get to section about "building the image to flash". Here I had a problem, something to do with smc_config.bin not being the right size (mine was only 16KB and the correct one should be 128KB ?).
    So, then I tried your method involving ibuild, but I had problems here as well with the same file (unable to determine image type).
    After some reading
    Code:
    http://forums.xbox-scene.com/index.php?s=&showtopic=712076&view=findpost&p=4681136
    I downloaded the dummy smc_config.bin and created the updflash.bin file successfully.

    What I want to know is whether using the "dummy" smc_config.bin file, will have any bad effects (i.e. brick my jtag)?
    I'd feel a lot better if I could find another way to create/extract my own correct smc_config.bin file, rather than use somebody elses.
     
  5. gomson

    gomson Member

    Joined:
    Dec 8, 2008
    Messages:
    12
    Likes Received:
    0
    I'm in the same boat as you are dude...
    I've finally decided to just wait a while till there's a proper tried and tested method of updating. i mean my jtag still works perfectly and since I don't need the dashboard update, I'll just see how things turn out...
     
  6. MasterChief

    MasterChief Addict

    Joined:
    Sep 17, 2009
    Messages:
    743
    Likes Received:
    89
    Location:
    The Internet
    You should be fine doing that, the SMC will be patched for the aud_clamp variation of the jtag hack so should work on your console.
    I have read on other forums people just dumped there freeboot 9199 nand and use it like the original nand with no problems, its going from XBR to FreeBoot back in the day that caused a lot of problems.

    The problem with using an smc_config.bin from a different console is that important configurations which are not 100% compatible with your own Xbox are being used, and your original ones are basically lost, for example, lost MAC address, lost calibration data which might lead to wrong temperature readings and more.

    It should work, but if possible you would be better off with your own.

    You could try RAW2SMC, this is a tiny utility to convert a config_raw.bin file dumped via Xellous or NandPro into a smc_config.bin file that can be used with ibuild.

    If you power the 360 on with the eject button and boot Xellous I think you can download a config_raw.bin over the network by entering the 360's IP address in to your web browser.

    Hope that helps you, good luck with upgrading.
     

    Attached Files:

  7. timewyrm

    timewyrm Member

    Joined:
    Mar 21, 2010
    Messages:
    5
    Likes Received:
    0
    Hi MasterChief, thanks for the advice.

    I've tried to connect to the 360 via my browser, but I can't. I've currently got xell running :(
     
  8. MasterChief

    MasterChief Addict

    Joined:
    Sep 17, 2009
    Messages:
    743
    Likes Received:
    89
    Location:
    The Internet
  9. timewyrm

    timewyrm Member

    Joined:
    Mar 21, 2010
    Messages:
    5
    Likes Received:
    0
    Just checked again, and I am actually running xellous (I've got the httpd). Can you access the 360 wirelessly via the network adapter, because the light on my xbox 360 wireless adapter isn't showing.

    I'm trying to access
    Code:
    http://192.168.1.99
    in firefox.
     
  10. sirleo

    sirleo Member

    Joined:
    Nov 12, 2010
    Messages:
    9
    Likes Received:
    0
    Hello, i have one question, could you to generate in a row 3 files, and then compare it?

    fbbuild.exe -c <your console revision> -d mydata updflash1.bin
    fbbuild.exe -c <your console revision> -d mydata updflash2.bin
    fbbuild.exe -c <your console revision> -d mydata updflash3.bin

    fc updflash1.bin updflash2.bin
    fc updflash1.bin updflash3.bin
    fc updflash2.bin updflash3.bin

    are the same?
     
  11. timewyrm

    timewyrm Member

    Joined:
    Mar 21, 2010
    Messages:
    5
    Likes Received:
    0
    Finally managed to do it!
    Thanks for the help MasterChief.

    I connected the 360 straight to my router, which allowed my pc to connect to it, and then I followed your advice about downloading the config_raw.bin file, and the rest is history!
     
  12. gomson

    gomson Member

    Joined:
    Dec 8, 2008
    Messages:
    12
    Likes Received:
    0
    OMG!!!!!,
    It worked!!!
    Many many thanks for this tutorial, this one was by the most easiest and well explained way of doing it that made sense and worked..
    KUDOS!!!!!

    oohh, in case anybody is wondering. what I did was use 360 flash tool to make a backup of my current working nand, the 9199 jtagged one..
    extracted the files as indicated by the tutorial from that nand backup and I followed the rest of the tutorial and voila!!
    Also, for those who were worried, is was done WITHOUT having the resistor removed or the bridge installed...

    Thanks again to InsaneNutter
     
  13. InsaneNutter

    InsaneNutter Resident Nutter Staff Member

    Joined:
    Jun 1, 2007
    Messages:
    12,386
    Likes Received:
    3,772
    Location:
    Yorkshire, England
    Glad it worked for you gosmon, I have had a few PM's from people saying that using the FreeBoot 9199 nand and not the original worked perfectly for them.

    Removing the R6T3 resistor or bridging U6T1 is not essential, however it is highly recommended as will stop your console from blowing an efuse. That would render your Jtag useless if that was to happen.

    They dont match comparing them how you say
     
  14. sirleo

    sirleo Member

    Joined:
    Nov 12, 2010
    Messages:
    9
    Likes Received:
    0
    Hello, finally I upgraded my jasper512 to 12611, step by step with your tutorial. But my first two attempts was failed with E79, because i used my original nand backup (first full dump by lpt). In the last attempt i used flashdump from freeboot 9199, and now its working well.

    Note: you need to take already patched SMC from your XBR/FreeBoot NAND working in console.

    Thanks for nice tutorial.
     
  15. MasterChief

    MasterChief Addict

    Joined:
    Sep 17, 2009
    Messages:
    743
    Likes Received:
    89
    Location:
    The Internet
    I'm not sure why everyone is having problems with the SMC from the original nand?

    I upgraded my own Jasper 512 exactly the same way Nutter did in his tutorial and everything went fine, I have also done a friends Falcon too.

    For some testing I used my SMC from Freeboot 9199 on my Jasper and that appears to work ok too... I guess it would be better for people to use SMC from Freeboot 9199 then, although I have had no problems with either...

    I did NOT use the aud-clamp Jtag variation if that helps anyone.
     
  16. Coko

    Coko New Member

    Joined:
    Nov 13, 2010
    Messages:
    2
    Likes Received:
    0
    Will this guide work with xp as I have tryed every other guide around and xp won't let it create image, I already have my backed up image as well as original.Thanks
     
  17. sirleo

    sirleo Member

    Joined:
    Nov 12, 2010
    Messages:
    9
    Likes Received:
    0
    [​IMG][​IMG]
    [​IMG][​IMG]

    I have Jasper512. The KV.bin and SMC_Config.bin are the same in all 4 nand files, but SMC.bin is different only at original nand, also has different 6BL and 7BL sections.

    Please take a screenshot from yours source nand files used for 12611, whether they have the data in sections 6BL and 7BL?

    I made jtag by this diagram:

    [​IMG]
     
  18. InsaneNutter

    InsaneNutter Resident Nutter Staff Member

    Joined:
    Jun 1, 2007
    Messages:
    12,386
    Likes Received:
    3,772
    Location:
    Yorkshire, England
    Everything is the same for me on the Original 7371, FreeBoot 9199 and FreeBoot 12611.
     

    Attached Files:

  19. timewyrm

    timewyrm Member

    Joined:
    Mar 21, 2010
    Messages:
    5
    Likes Received:
    0
    My SMC came from my xbr nand, don't know if that makes any difference (as to why it caused a problem)


    BTW, I just realised that I forgot to thank InsaneNutter for his tutorial. Seriously, it's really easy to follow and the only time I had a problem, it had nothing to do with the instructions.
    Thanks InsaneNutter!
     
  20. sirleo

    sirleo Member

    Joined:
    Nov 12, 2010
    Messages:
    9
    Likes Received:
    0
    OK, for summarizing your Original 7371 is a XBR nand backup? or backup from a new non-jtaged console from shop when you readed nand for first time ?
     

Share This Page