Can the BD-JB Blu-ray Disc Java Sandbox Escape by TheFlow be used on the xbox one

XboxModder2

Because BD-J is not an exploit. It's a feature of the Blu-ray standard. Easiest way I can try to explain is imagine you have BD-J which is like 10% of the system's functionality unlocked (but planned like that by Sony/Microsoft/etc). BD-JB exploits the already unlocked 10% to unlock an extra 40% of that functionality, which is the exploit part of this all. (The percentages are just arbitrary numbers with no real meaning other than to portray my point.)

The names do cause a lot of confusion, but there is a big difference between the two.
Ah alright, so let's say I wanna look for vulns considering we already have the binaries with dev mode and everyone, where do I start looking, or rather how?
 

Tomato123

If your entry point is via BD-J, then you need to look at the Java environment which is running on the Xbox. I don't own an Xbox One anymore so unfortunately I can't give any detailed info.
 

Torus

Basically what @Tomato123 said:

  • BD-J: Feature that consists of basically including very limited Java code in Blu-ray discs, for the readers to execute. This code is, again, Java bytecode, not native bytecode. In other words, it runs in a (sort of) VM, and has a very limited set of capabilities. All modern consoles support this (Xbox One, Xbox Series X presumably - I have not tested it and I'm not interested in researching the Series X/S -, PS3, PS4 and PS5).
  • BD-JB: Name of the exploit for the BD-J implementation of the PS4/PS5. Very surely, the same vulnerability does not exist in the Xbox One.



Looking for vulns @brouh :

BD-JB in the PS4/PS5 basically manages to "escape" the VM that executes the Java code, and (without going into details) gets to run native code. Then it also exploits a kernel vulnerability to gain more privileges if I recall correctly.

What I was suggesting in earlier posts is that the VM application in the Xbox One, which executes the Java code, could theoretically have vulnerabilities. Hence it would be interesting to investigate. But that application is not the same one that runs on the PS4/PS5; it is probably a custom one made by Microsoft for the Xbox One. So the vulns (if any) would be different.

You'll likely need to do static reverse engineering of that application, using tools like Ghidra, IDA Pro, or radare2.
To do that, you first also need to find the application itself in your devmode console, and extract it to your PC. Where can you find the binary in charge of executing BD-J in the Xbox One? Honestly no idea. I took a quick look at the drivers in C:\Windows\System32 in the Xb1 to see if I could quickly identify something related to ODD, BD, BluRay but I saw nothing. I'll let you know if I stumble upon it, or, if someone knows where to look, don't hesitate to share w/ all of us :)
 

XboxModder2

I do think @Mezone0 on Twitter is the guy that knows where to look, he shared this 11 months ago

Not sure if he's still active though
 
