Jump to content

Recommended Posts

Tuxuser released a new version of his (PC) python based nand extractor. It scans the Filesystem header from your dumped Xbox One Nand Flash Image and extract the files on your PC.





Following the release Log:



Xbox One NAND Filesystem tool

Parses Xbox One Nanddumps for filesystem header and extracts the binary files. It's probably not very compatible and contains bugs for sure :P


Python 3.*
Xbox One eMMC NAND Dump
Python libs: construct


nandone.py [-h] [--extract] filename


-h Help

--extract Extract found files

Example: nandone.py --extract nanddump.bin


Major rewrite
Scan for filesystem header at ?all? 3 offsets
Extract files by name


ExtractSFBXdata: Extracting the bootblock @ addr 0x0
mmap: Fixing memory issues on 32bit systems by reading in chunks
DumpSFBX: SFBX size is now read dynamically, not fixed anymore
'sfbxscan' is obsolete, that's done automatically now, if needed
XVD header gets detected and printed in info output
Filetype-magic is appended to extracted filenames
Some cleanup
Support for parsing and extracting SFBX entries
Possibility to scan for SFBX block
Additional error checking


Initial release




Source: Github.com



  • Like 4

Share this post

Link to post
Share on other sites

Yeah,it is important to bear in mind that all Nand Files are encrypted. Probably we have some options. First we attack directly the Platform Security Processor (the PSP is inside the Xbox One CPU and monitored all encryption and decryption operations of the KeyVault and the PSP stored different Keys) to get important keys for decryption, or we can Hack the Host OS (if we can escape from VM), to get directly access to the PSP via Software like Xell. If we have the decryption Keys, we can decrypt all dumped Nand Files from each Xbox One and can do nasty things.

  • Like 2

Share this post

Link to post
Share on other sites

I have a question i do APU swaps to fix xbox ones with dead apus do u need to dump the whole nand or only a part of it ? so that works on the new motherboard .



Share this post

Link to post
Share on other sites

If the south bridge is not paired it should be possible. You need a complete raw dump of your nand.


  • Like 1

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...