It would be nice to see rewards that scale with severity. Ultimately they did accomodate me by sending a gift card I can use instead of coupons I would likely have given away, so I appreciate that. Most companies don't offer me anything!
I am an experienced C# / .NET Windows desktop developer of more than 15 years with an interest in file systems, reverse-engineering, and security. Some of my recent security disclosures have been front-page news on major media outlets such as Automotive News[1] and TechCrunch[2].
Currently seeking new opportunities in the C# / .NET and/or security space.
It takes in the RSA signature, SHA data hash, and RSA key type.
Key types are: XE_PIRS_RSA_KEY = 0x0, XE_LIVEDRM_RSA_KEY = 0x1, XE_DEVICE_RSA_KEY = 0x2 (this is the Sata verification key), XE_XSIGNER2_RSA_KEY = 0x3
It uses key type to load the corresponding public key from memory at static addresses, then verification takes place.
Glad everyone enjoyed the writeup! I have several more interesting writeups planned, including a significant hack disclosure (not Xbox/gaming related), so keep an eye out (:
I worked for them a little bit and their product is really impressive and works great.
reply