I’m just going to keep guessing; it’s much easier than digging up actual, empirical data. I’m starting to come to grips with the idea that the number of valid sectors contained on a DVD disc is something that’s interpreted by the optical drive firmware and enforced by the same (as is the case for RPC-2 DVD region encoding). If that’s true, there is no point in using direct SCSI access to beg for sectors beyond the magic 6,992 limit on a standard Xbox disc. Ways around this? There’s the Xbox-Linux FTP trick alluded to in my cursory post on the matter…

Continue reading →

After yesterday’s post I received a tip that I may wish to try getting at the Xbox disc data using the low-level Linux SCSI layer– the facility commonly known as SCSI generic, or simply ‘sg’. In order to make use of this facility, it is necessary to configure your Linux kernel with the right support (CONFIG_CHR_DEV_SG, CONFIG_BLK_DEV_IDESCSI, but not CONFIG_BLK_DEV_IDECD). Download and install the SCSI generic utilities from here (which do not compile on my AMD64 machine; fortunately, the x86-compiled utilities and associated shared library drop into the system perfectly). There are about 30 little sg* utilities in the package. One that caught my attention was sg_dd– your typical ‘dd’ Unix command, but for interacting with a SCSI device. I tested it out on a typical Xbox DVD:

$ sudo sg_dd if=/dev/sg0 of=dvd bs=2048 bpt=1 count=20
20+0 records in
20+0 records out

And, indeed, the beginning of the disc has the markings of a typical DVD filesystem. So let’s try to read beyond the 6,992-sector limit on a standard Xbox disc:

$ sudo sg_dd if=/dev/sg0 of=dvd bs=2048 bpt=1 count=2 skip=6991
reading: SCSI status: Check Condition
 Fixed format, current;  Sense key: Illegal Request
 Additional sense: Logical block address out of range

 Raw sense data (in hex):
        70 00 05 00 00 00 00 0a  00 00 00 00 21 00 00 00
        00 00
plus...: Driver_status=0x08 [DRIVER_SENSE, SUGGEST_OK]
sg_read failed, seek=1
Some error occurred,  remaining block count=1
1+0 records in
1+0 records out

I had to deal with all this SCSI nonsense in a previous life and I admit that this output is conjuring some sour memories. Anyway, it seems that the stock sg_dd command can not read beyond what the DVD header structure ostensibly reports as the size of the disc. There are a number of other utilities I need to investigate for potential. Failing that, it’s possible — with at least a modicum of effort — to program the sg layer. There may yet be a solution.

Related posts:

• Xbox Media Redux
• Studying Xbox Multimedia

Pursuant to my post last week regarding Xbox media, I received some suggestions to throw some leading Windows utilities at the problem, notably Nero and IsoBuster. They both report the same as my results in Linux.

IsoBuster:

Nero:

I’m sure there were a lot of people out there who already knew this stuff. But it’s hard to find specifics on the internet (sort of like heavy technical details of reverse engineering).

…at least, that’s what I would like to do. I bought a used Xbox game nearly 2 years ago with the intention of opening up the disc and studying the contents for interesting multimedia formats. I picked up a few more titles some months ago because I heard these games had some unique multimedia targets. Today, close to 5 years after the Xbox’s initial launch, I tried to examine the disc contents. I ran into a few problems.

I had always heard that Xbox discs have a standard DVD-video structure at the front in order to accommodate the eventuality that the disc may be placed into a standard DVD player. Sure enough, treating the disc like a DVD shows a 13-second, totally X-treme Xbox video followed by a still screen instructing the user, in several languages, to play the disc in the proper game console.

If you use standard CD/DVD system tools to study the Xbox disc, it will be reported as having 6,992 2048-byte sectors, a little over 14 megabytes of DVD-video data. This page on Xbox-Linux describes the Xbox DVD filesystem (XDVDFS) format. However, the markers discussed in that document (“MICROSOFT*XBOX*MEDIA”) do not occur in this 14-megabyte data segment. I imagine the game data starts immediately after this segment. As the document explains, the Xbox DVDs have a fraudulent TOC which tells standard DVD-ROM drives that the disc is much shorter than it actually is. Trying to seek past that point manually just results in an unceremonious EOF.

A brief perusal of BitTorrent sites reveals that many people have absolutely no trouble ripping Xbox games for the purpose of distribution. How do they do it? Apparently, by modding an Xbox, running Linux on it, logging into the Xbox, loading a game disc into the Xbox’s drive, FTP’ing to another computer, and reading the raw game sectors from the disc using the Xbox’s drive, which apparently uses a different set of rules for reading. Not being in possession of an Xbox and having no desire to invest in one at this time, I am at a bit of a loss to study these discs, unless there is a solution I am overlooking.

Based on the filesystem format doc, I am quite confident I could write a FUSE module for browsing the filesystem in short order, based largely on my gcfuse code.