XBFLASH - utility to unpack/repack Xbox Flash BIOS images.

The primary reason for this utility is for the purpose of writing 
interoperable software under Sect. 1201 (f) Reverse Engineering exception 
of the DMCA.

For details on the data structures of the Xbox Flash image, see article
at:

    http://xbox-linux.sourceforge.net/articles.php?aid=1&sub=Flash%20structures


Building the project:
---------------------

To build: Use MS Visual Studio 6.x.  You'll also need the Microsoft
"cabinet sdk" (for compress/decompress).  This can be downloaded from
the following address:

	http://msdn.microsoft.com/library/en-us/dnsamples/cab-sdk.exe

I built the project in "c:\projects\xbflash", and had the MS cab SDK
installed in "c:\ms cabinet sdk".  You may need to change the project
setting if you use different directory paths.


To use:
-------

	First, you will need the RC4 key used to decrypt the Xbox's 2BL (secondary
boot loader).  This key is stored in the 'hidden' MCPX ROM.  Without this key,
you won't be able to do anything with this utility.  I cannot tell you how to
find this key (nor will I give it to you).  I assume that if you're patching 
your OS, you probably have the skills to get the key yourself.

1. Start with an existing ROM image - NOTE: Config file only knows
   about 'rev1.0' Xbox Flash/Kernel - I don't know if it'll deal
   with newer kernel or 'patched' ROMs.

2. Modify 'xbflash.ini' to contain a valid RC4 key

3. To 'unpack' the ROM into component pieces, type the following
   command:

       xbflash -unpack xbflash.ini infile.rom outdirname

   This will ready 'infile.rom', and create 3 files inside the
   directory 'outdirname':

       outdirname/2bl.img - Decrypted 'bootloader2'
       outdirname/xboxkrnl.img - Decrypted/decompressed Kernel
       outdirname/remainder.img - Remainder of input .rom file

4. Make any changes you want to '2bl.img'/'xboxkrnl.img', and any
   x-code change to 'remainder.img'

5. To re-pack, run the following command:

       xbflash -pack xbflash.ini indirname outfile.rom

   This will take the component files from the directory 'indirname',
   compress/encrypt them, generate the correct SHA-1 hash, and
   write an 'outfile.rom'.

Licensing/copyrights:
---------------------
sha-1, rc4 functions are Copyright (C) 1995-1997 Eric Young.  They come from
	the 'cryptlib3.0' library, which can be found at:

		http://www.cs.auckland.ac.nz/~pgut001/cryptlib/download.html

	The license (found at the above site) is GPL-compatible

All other files are Copyright (C) 2002 Paul Bartholomew, and are released under
the GNU General Public License.  See "COPYING.txt" for more information.
