<?php
/* Xbox 360 Xval Decryption
 * Ported to PHP (from C#) by Brandon Wilson
 * Ported to C# (from...something) by CLK
 * Original code by Redline99: http://www.xboxhacker.org/index.php?topic=16401.msg125000#msg125000
 */ 
 
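/**
 * Decrypt the "X value" shown on the Xbox 360 "Console Information" screen.
 *
 * The DES key is the first 8 bytes of HMAC-SHA1 over the literal "XBOX360SSB",
 * keyed with the console serial followed by a NUL byte. The X value is a single
 * 8-byte block, decrypted with DES-CBC and an all-zero IV, then read as two
 * big-endian 32-bit words. DES and HMAC-SHA1 are dictated by the format being
 * decoded; they are not a choice made here.
 *
 * Assumes 64-bit PHP integers, as the "<< 32" in the original already did.
 *
 * @param string $serial Console serial number with separators removed.
 * @param string $xval   X value as exactly 16 hexadecimal digits (dashes removed).
 * @return int (high word << 32) | low word. When the X value is malformed or the
 *             decryption fails, a value whose upper 32 bits are non-zero is
 *             returned, so a caller testing ($flags >> 32) reports an error
 *             instead of reading 0 as "no flags set".
 */
function decryptXValue($serial, $xval)
{
	// Shared by every failure path: upper word non-zero, lower word zero.
	$failure = 1 << 32;

	// Previously every call was prefixed with "@", so an empty or undecodable
	// X value silently produced 0, which the page displays as a clean console.
	if (!is_scalar($serial) || !is_string($xval) || !preg_match('/\A[0-9A-Fa-f]{16}\z/', $xval))
	{
		return $failure;
	}

	$deskey = substr(hash_hmac("sha1", "XBOX360SSB", $serial."\0", TRUE), 0, 8);

	// ext/mcrypt was removed from PHP in 7.2, so OpenSSL is used instead.
	// Triple-DES (EDE) with the same key in all three slots is exactly single DES;
	// it is requested this way because OpenSSL 3 keeps plain "des-cbc" in its
	// legacy provider. OPENSSL_ZERO_PADDING disables padding removal, matching
	// mcrypt's raw block output.
	$plain = openssl_decrypt(
		pack("H*", $xval),
		"des-ede3-cbc",
		str_repeat($deskey, 3),
		OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING,
		str_repeat("\0", 8)
	);
	if ($plain === false || strlen($plain) !== 8)
	{
		return $failure;
	}

	// Two unsigned big-endian words, returned under keys 1 and 2.
	$result = unpack("N2", $plain);

	return ($result[1] << 32) | $result[2];
}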
 
/**
 * Print one table row for a flag that is set.
 *
 * Both arguments are written into the markup as-is, without HTML escaping,
 * so callers must pass fixed or already-escaped text.
 *
 * @param string $flag        Flag name shown in bold red in the first cell.
 * @param string $description Human-readable meaning shown in the second cell.
 * @return void
 */
function addFlag($flag, $description)
{
	$nameCell = "<TD><FONT COLOR=\"red\"><B>".$flag."</B></FONT></TD>";
	$textCell = "<TD>".$description."</TD>";

	echo "<TR>", $nameCell, $textCell, "</TR>";
}
 
/**
 * Print the introduction and usage text shown at the top of every page view.
 *
 * The markup is emitted verbatim by leaving PHP mode; no request data is
 * interpolated into it. It links to view.php, described in the text as a
 * viewer for this page's source.
 * NOTE(review): view.php is not visible here -- confirm it can only ever
 * serve this one file.
 *
 * @return void
 */
function displayInfo()
{
?>
	<P><H3>Xbox 360 X Value Decrypter/Parser</H3></P>
	<P>This is a simple mobile-friendly page that can show you the meaning of the encrypted "X value" from your Xbox 360 dashboard's "Console Information" screen.</P>
	<P>Just enter your console serial number and the X value displayed in the dashboard (you can omit any dashes) and it'll show you whether you've been flagged for various Xbox Live ban-worthy events.</P>
	<P>If your console has been flagged, <B>don't ask me, I can't help you</B> -- I just threw this up for convenience (for example, if you are out and about and need to check from your phone whether a potential used console purchase is worth it (or whatever other use you can think of)).</P>
	<P>Do you not trust me not to do evil things with your console serial number, or do you just want to host this yourself (or see how it's done)? <A HREF="view.php">Click here to view the entire source</A>.</P>
	<P>All credit goes to people in the Xbox 360 scene (CLK, Redline99, etc.), I had nothing to do with anything, just saw some code and ported it to PHP -- but if you want to contact me, <A HREF="mailto:brandonlw@gmail.com">go right ahead</A>.</P>
	<P>My understanding is that there's now an "S value" and other stuff that probably obsoletes this, but hopefully it helps somebody out.</P>
	<P>Want to test this out but don't want to use your personal information? Use these very public test cases from Google Images (if you recognize these numbers, shame on you):<BR />024025192407/B055-CB85-949B-0AB1<BR />306170493905/063C-7513-583D-C95D</P>
<?php
}
 
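/**
 * Read the posted serial number and X value, decrypt them and print the
 * decoded security flags as HTML.
 *
 * Reads $_POST['ConsoleSerial'] and $_POST['XValue']. Only values derived from
 * the decrypted integer and fixed strings are echoed; the posted text itself
 * is never written back into the page.
 *
 * Also publishes the FLAG_SSB_* masks as global constants.
 *
 * @return void
 */
function displayResults()
{
	// Flag bit masks, published as global constants. The names are quoted
	// strings: a bare, not-yet-defined constant name passed to define() is an
	// Error on PHP 8 and a notice on older versions.
	// FLAG_SSB_DVD_KEYFAULT_PAIR_MISMATCH keeps its original (misspelled) name
	// so anything relying on the constant keeps working.
	$masks = array(
		"FLAG_SSB_NONE"                       => 0x0000,
		"FLAG_SSB_AUTH_EX_FAILURE"            => 0x0001,
		"FLAG_SSB_AUTH_EX_NO_TABLE"           => 0x0002,
		"FLAG_SSB_AUTH_EX_RESERVED"           => 0x0004,
		"FLAG_SSB_INVALID_DVD_GEOMETRY"       => 0x0008,
		"FLAG_SSB_INVALID_DVD_DMI"            => 0x0010,
		"FLAG_SSB_DVD_KEYFAULT_PAIR_MISMATCH" => 0x0020,
		"FLAG_SSB_CRL_DATA_INVALID"           => 0x0040,
		"FLAG_SSB_CRL_CERTIFICATE_REVOKED"    => 0x0080,
		"FLAG_SSB_UNAUTHORIZED_INSTALL"       => 0x0100,
		"FLAG_SSB_KEYVAULT_POLICY_VIOLATION"  => 0x0200,
		"FLAG_SSB_CONSOLE_BANNED"             => 0x0400,
		"FLAG_SSB_ODD_VIOLATION"              => 0x0800,
	);
	foreach ($masks as $name => $mask)
	{
		// Guarded so a second call does not warn about redefinition.
		if (!defined($name))
		{
			define($name, $mask);
		}
	}

	// Rows of the result table: mask, label printed, description printed.
	$rows = array(
		array($masks["FLAG_SSB_AUTH_EX_FAILURE"], "FLAG_SSB_AUTH_EX_FAILURE", "AuthEx Challenge Failure (AP25)"),
		array($masks["FLAG_SSB_AUTH_EX_NO_TABLE"], "FLAG_SSB_AUTH_EX_NO_TABLE", "AuthEx Table Missing"),
		array($masks["FLAG_SSB_AUTH_EX_RESERVED"], "FLAG_SSB_AUTH_EX_RESERVED", "AuthEx Reserved Flag"),
		array($masks["FLAG_SSB_INVALID_DVD_GEOMETRY"], "FLAG_SSB_INVALID_DVD_GEOMETRY", "Invalid DVD Geometry"),
		array($masks["FLAG_SSB_INVALID_DVD_DMI"], "FLAG_SSB_INVALID_DVD_DMI", "Invalid DVD DMI"),
		array($masks["FLAG_SSB_DVD_KEYFAULT_PAIR_MISMATCH"], "FLAG_SSB_DVD_KEYVAULT_PAIR_MISMATCH", "DVD Keyvault Pair Mismatch"),
		array($masks["FLAG_SSB_CRL_DATA_INVALID"], "FLAG_SSB_CRL_DATA_INVALID", "Invalid CRL Data"),
		array($masks["FLAG_SSB_CRL_CERTIFICATE_REVOKED"], "FLAG_SSB_CRL_CERTIFICATE_REVOKED", "CRL Certificate Revoked"),
		array($masks["FLAG_SSB_UNAUTHORIZED_INSTALL"], "FLAG_SSB_UNAUTHORIZED_INSTALL", "Unauthorized Install"),
		array($masks["FLAG_SSB_KEYVAULT_POLICY_VIOLATION"], "FLAG_SSB_KEYVAULT_POLICY_VIOLATION", "Keyvault Policy Violation"),
		array($masks["FLAG_SSB_CONSOLE_BANNED"], "FLAG_SSB_CONSOLE_BANNED", "Console Banned"),
		array($masks["FLAG_SSB_ODD_VIOLATION"], "FLAG_SSB_ODD_VIOLATION", "ODD Violation"),
	);

	// A missing field, or one posted as an array, is treated as empty rather
	// than being handed to the string functions below.
	$rawSerial = (isset($_POST['ConsoleSerial']) && is_string($_POST['ConsoleSerial'])) ? $_POST['ConsoleSerial'] : "";
	$rawXval = (isset($_POST['XValue']) && is_string($_POST['XValue'])) ? $_POST['XValue'] : "";

	// ereg_replace() was removed in PHP 7; preg_replace() with the same
	// character class is the equivalent. The allow-list is what restricts the
	// input to letters and digits; strip_tags() is kept so inputs are reduced
	// exactly as before.
	$serial = strtoupper(preg_replace('/[^A-Za-z0-9]/', "", strip_tags($rawSerial)));
	$xval = strtoupper(preg_replace('/[^A-Za-z0-9]/', "", strip_tags($rawXval)));

	// An X value is one 8-byte block, i.e. 16 hex digits. Rejecting anything
	// else here stops an empty or truncated submission from being decoded to
	// 0 and reported as a clean console.
	if ($serial === "" || !preg_match('/\A[0-9A-F]{16}\z/', $xval))
	{
		echo "<FONT COLOR=\"red\"><B>Please enter a serial number and a 16-digit hexadecimal X value.</B></FONT>";
		echo "<P><A HREF=\"index.php\">Return</A></P>";
		return;
	}

	$flags = decryptXValue($serial, $xval);

	echo "Decrypted X value is: <B>".sprintf("0x%08X", $flags)."</B><BR /><BR />";
	if (!is_int($flags))
	{
		// Anything other than an integer cannot be a decoded flag word.
		echo "<FONT COLOR=\"red\"><B>Secdata decryption error!</B></FONT>";
	}
	else if ($flags === 0)
	{
		echo "<FONT COLOR=\"green\"><B>Secdata is clean!</B></FONT>";
	}
	else if ($flags === -1)
	{
		// Two all-ones words combine to integer -1 on 64-bit PHP. The literal
		// 0xFFFFFFFFFFFFFFFF overflows to a float and never compared equal,
		// so this branch used to be unreachable.
		echo "<FONT COLOR=\"red\"><B>Secdata is invalid (all 0xFF)!</B></FONT>";
	}
	else if (($flags >> 32) != 0)
	{
		// A valid result has an all-zero upper word.
		echo "<FONT COLOR=\"red\"><B>Secdata decryption error!</B></FONT>";
	}
	else
	{
		echo "<TABLE BORDER=\"1\">";
		foreach ($rows as $row)
		{
			if ($flags & $row[0])
			{
				addFlag($row[1], $row[2]);
			}
		}
		// Bits above the twelve known flags are reported as a raw mask.
		if ($flags & 0xFFFFF000)
		{
			addFlag(sprintf("0x%08X", $flags & 0xFFFFF000), "Unknown Violation(s)");
		}
		echo "</TABLE>";
	}

	echo "<P><A HREF=\"index.php\">Return</A></P>";
}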
 
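	// Page shell: header, the introduction, then either the decoded result
	// (after a form submission) or the empty input form.
	echo "<HTML><HEAD>";
	echo "<TITLE>Xbox 360 - Check X Value Flags</TITLE>";
	echo "</HEAD><BODY STYLE=\"font-family: Verdana\">";

	displayInfo();
	// A plain GET carries no 'submit' field; isset() avoids the undefined-index
	// warning, which would otherwise be printed into the page when
	// display_errors is on.
	if (isset($_POST['submit']) && $_POST['submit'] === "Display")
	{
		displayResults();
	}
	else
	{
?>
	<FORM METHOD="post" ACTION="index.php">
		<TABLE>
			<TR><TD>Console Serial Number:</TD><TD><INPUT TYPE="text" NAME="ConsoleSerial" /></TD></TR>
			<TR><TD>Console X Value:</TD><TD><INPUT TYPE="text" NAME="XValue" /></TD></TR>
			<TR><TD COLSPAN="2"><INPUT TYPE="submit" NAME="submit" VALUE="Display" /></TD></TR>
		</TABLE>
	</FORM>
<?php
	}

	echo "</BODY></HTML>";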
?>