Jump to content

How to Dump Xbox One/Series games with GameScript and Vermintide 2. Durango Dumplings v2 (Monosodium glutamate edition)


Recommended Posts

  • Members

Credits: Big thanks to the Xbox One Research Team for finding this method. Thanks to InvoxiPlayGames for LicenseClipFinder. Thanks to the Xbox Scene Discord for all of the help😀

Compared to the Durango Dumpling V1, this method lets you dump games that are smaller than 2GB, and because we're not using temp XVDs, you also do not need to resize of the temp content partition on your Xbox. đŸ„ł

A. Preparing Warhammer Vermintide 2 Save file.

Prerequisites:

Download Dotnet 6.0 SDK x86_64 Binary for windows:

https://dotnet.microsoft.com/en-us/download/dotnet/thank-you/sdk-6.0.424-windows-x64-binaries

 

1. Extract dotnet-sdk-6.0.424-win-x64.zip to a new folder named dotnet. Move the dotnet folder to the root of your USB flash drive.

 

2. Download this XML and move to root of USB flash drive:

https://github.com/xboxoneresearch/Interop/blob/main/msbuild_tasks/mount_connectedstorage.xml

 

3. Copy this code and paste it in a file named dump.bat. Move dump.bat to the root of your USB flash drive: (credits to burninrubber0 in the Xbox Scene Discord for this code)

for /R /D %%d in (.\*) do (

mkdir D:\xb1\saves%%~pnxd

)

for /R %%f in (.\*) do (

copy %%f D:\xb1\saves%%~pnxf

)

image.png.fd45d05004d7c1d1f26d3cb41c420b49.png

4. On your Xbox, open the Game Script application, and use Collateral Damage Game Script exploit to gain reverse shell access from your PC.


 

4-1/2. To reduce the amount of "Fatal error. Internal CLR error" spam in the reverse shell (Xbox) command prompt, run this command after each Collateral Damage/GS exploit:

set DOTNET_CLI_TELEMETRY_OPTOUT=1

5. On the reverse shell on your PC, run this command:

D:\dotnet\dotnet.exe msbuild D:\mount_connectedstorage.xml

6. The output of the mount_connectedStorage.xml script will output the harddisk number (aka Harddisk#). That’s where your saves are located.

Run this command using that Harddisk# that it showed you (for ex, mine is Harddisk18):

mklink /j T:\connectedStorage "\\?\GLOBALROOT\Device\Harddisk18\Partition1\"

7. Then in the reverse shell, type in these three commands to change directory and copy your saves to your USB drive:

T:
cd connectedStorage
D:\dump.bat

 

8. Insert USB flash drive in PC. In the xb1\saves\ folder look for a folder that contains `u_####_C05F0100-EAC5-49EB-943F-1A0E3C108361`

This is the save folder for Warhammer Vermintide 2, open the folder, then open the next folder. You should see a file named with a unique id and a container file.

The file named after the unique id is the save. Open this save file in notepad.


 

9. On your pc download this Github repo: https://github.com/xboxoneresearch/LuaFFI-CE.

Open the stage1.lua in notepad, *change the IP address to your PC's IP ADDRESS*, copy everything in there, and put the code into your Vermintide 2 save (using notepad). Be sure to replace everything in the save with this code!


 

10. Put your updated save on your USB flash drive, then copy the save to where it should be in the Warhammer save folder.

Everybody's unique id will be different.

My location is: T:\connectedStorage\u_2535434839607031_C05F0100-EAC5-49EB-943F-1A0E3C108361\{F1997DC1-51FF-49CB-A9BA-59D042BB4AFB}

The command I used to copy the my save is below. Note, the name of your save file and the folder it's in will be different than mine.:

copy D:\{7621630A-3FAC-4645-8136-873124F4768C} T:\connectedStorage\u_2535434839607031_C05F0100-EAC5-49EB-943F-1A0E3C108361\{F1997DC1-51FF-49CB-A9BA-59D042BB4AFB}

Type "Yes" When Prompted to Overwrite

Part B. Dumping Game

Setting up Sharpshell and LicenseManager

To load the license in System OS, we will need Powershell on your USB flash drive.

1. Visit the SharpShell repo, https://github.com/xboxoneresearch/SharpShell. Go to “Releases”, and download the latest release.

2. Visit https://github.com/PowerShell/PowerShell/releases/tag/v7.2.3 and download “PowerShell-7.2.3-win-x64.zip”

3.Extract Sharpshell.zip and move contents to the root of USB flash drive.

4. Extract PowerShell-7.2.3-win-x64.zip, take the contents of “ PowerShell-7.2.3-win-x64” and move them to the “pwsh” folder on your usb flash drive.

5. Visit https://github.com/xboxoneresearch/Interop and download the repo (Click green “Code” button, click “Download Zip”.

6. Extract the zip, on your PC double click on “genAio.bat”. This will create various .cs files.

7. Copy license.cs to the root of your USB flashdrive.

image.png.03a628f8477871e1569e5b66a45c2c51.png

Setting up TwoDump and Stage2.lua

1. On your PC, make a new folder named “TwoDump”

2. Download the latest release of the TwoDump server, move the .exe to the “TwoDump” folder https://github.com/xboxoneresearch/LuaFFI-CE/releases

3. On your PC download stage2.lua, move the .lua file to the “TwoDump” folder https://github.com/xboxoneresearch/LuaFFI-CE/blob/main/stage2.lua

image.png.3428da00755359f7a010c55a18c0f9d4.png

4. Download and compile https://github.com/InvoxiPlayGames/LicenseClipFinder. (or use this compiled version: https://drive.google.com/file/d/1rvQWw1txtdGEiK4jn6kGKybwJGkApeup/view?usp=sharing.) (This folder can be placed anywhere on your pc).

5. Next we will get the content id and license file name for the game we’re dumping. I'll be dumping Halo 5. 

6. Copy the contents of the Clip folder from the USB flash drive, to the “Clips” folder wherever LicenseClipFinder.exe is., if you didn't backup your licenses (aka Clip folder), skip to Part C.

7. Open a CMD/Powershell window in the same folder as LicenseClipFinder.exe, and run the exe. I’m dumping Halo 5, so I copied this to use later on

“.\Clips\7faccfe0-741d-4a48-b2d6-964e86235fa5 is for product: Halo 5: Guardians ContentID: d6069d66-8c0e-4011-ac22-1894ac1f1862”


image.thumb.png.af32dc6cbfab2fc1dd220651c6335fa7.png


 

8. On your PC edit stage2.lua in Notepad.

image.png.ccd15520396a9486ad97ca879ed5c3b8.png

9. Change serverIP to IP Address of PC.

10. Edit the xvdPath to the content id of the game you want to dump. ( For ex. I’m dumping Halo 5, so the content ID in this example is d6069d66-8c0e-4011-ac22-1894ac1f1862)

11. Ensure that the vermintide2XvcPath variable is set to the content id for your Warhammer Vermintide 2. (Use license clip finder to find this).

Starting the Dumping Program(s)

The dumping programs are used via the command line interface. In the TwoDump folder that you created, right click in the empty space and click “Open in Windows Terminal” (or shift+right click and click “Open Powershell Window Here”).

We will need three Powershell/terminal windows open:
i. In one window, run:

.\nc64.exe -lvnp 8124


ii. In the 2nd window, run:

 cat .\stage2.lua | .\nc64.exe -w 1 -lvp 8123


iii. In the 3rd window run,

.\Twodump.exe

8. Go to your Xbox, and make sure the game you're dumping and Warhammer Vermintide 2 are on Internal Storage.

9. Do the GameScript exploit (collateral damage), in reverse shell on PC type in this command to start Powershell:

D:\pwsh

10. Once powershell is started, you may be in D:\pwsh instead of D:\, so type this command to go back a folder:

cd ..

11. In the reverse shell window run this command:

Add-Type -Path license.cs

12. If no errors are returned, run this command. Change the name of the license file to what LicenseClipFinder showed you earlier:

[LicenseManager]::LoadLicenseFile("S:\Clip\*NAME-OF-LICENSE-FILE*")

image.png.e85e4af37b99a05d2f6b59121276356a.png

13. Start Warhammer Vermintide 2.

11. Mash the A button through the FMV intros

12. Press A. on the title screen, then you should see the dump start in the terminal windows on your PC.

image.thumb.png.5d06ce2e57a3b67e763f6595fa150282.png

image.thumb.png.9329727cfb763ce99c16692630f26aab.png

image.thumb.png.42008b971f3d6edeea115aeea0000968.png

13. When the dump is done, it will prompt you to exit.

image.thumb.png.c49efbccea58aff646df796c6ccd6aaa.png

PART C. Backing up Licenses

Licenses are important for every title installed on your Xbox. If you do not have a license file for the app, the Xbox will not let you run it, or dump it.

1. On your Xbox, open Game Script and do the “Collateral Damage” exploit.

2. Insert USB flash drive into the Xbox.

3. In Reverse Shell on your PC, type in these two commands. One makes the Clip folder, the other copies the licenses to the USB flash drive:

mkdir D:\Clip
copy S:\Clip D:\Clip


 

License Clip Finder.rar

  • Like 2
  • Thanks 1
Link to comment
Share on other sites

  • HoRnEyDvL changed the title to How to Dump Xbox One/Series games with GameScript and Vermintide 2. Durango Dumplings v2 (Monosodium glutamate edition)

Nice tutorial, well done.

About backing up the licenses, why do we need them? Can I, for example, backup a game and it's license from my Xbox, then format the HDD of my Xbox, reinstall the OS and then restore the backup I made of the game and license, all with my Xbox offline, and in the end am I able to play the game without connecting to the internet to get a new license?

Edited by peido
extra stuff
Link to comment
Share on other sites

  • Members
1 hour ago, peido said:

Nice tutorial, well done.

About backing up the licenses, why do we need them? Can I, for example, backup a game and it's license from my Xbox, then format the HDD of my Xbox, reinstall the OS and then restore the backup I made of the game and license, all with my Xbox offline, and in the end am I able to play the game without connecting to the internet to get a new license?

Thanks! 🙂

I highly recommend having multiple backups of all your licenses (and games if possible).

Let's say you're a Series user, and you have a game installed on Internal Storage and the Expansion card. If you remove the game from Internal Storage, but leave it on the External Card, the license will be lost. And you will either have to use the Advance File Explorer Full Trust or GameScript Exploit to copy the license from the usb drive to S:\Clip.

Not sure what would happen in your hypothetical example of formatting the xbox, reinstalling the OSU, then moving the licenses back over.

  1. If you have to reset the xbox then you will be stuck in OOBE and unable to create a user account.
  2. If it's possible to install the OSU to refresh the software and keep your user, apps (i.e gamescript), and firmware then maybe? But you might lose your license to Gamescript and the only way to get it may be to connect to XBL and update, rendering GS useless.
  3. semi related According to what I heard, Gen8 xboxes store the S:\ partition for SystemOS on flash storage in the console, instead of HDD. Gen9 xbox store the S:\ Partition on the SSD. 
  • Like 1
Link to comment
Share on other sites

I see, it is useful to backup the licenses.

About the example I gave, I see now it wasn't a good example, because, like you said, how would I reinstall GameScript, and other issues...

Thanks 🙂

Edited by peido
extra stuff
Link to comment
Share on other sites

  • Members
On 9/3/2024 at 12:17 PM, didi44 said:

Warhammer 40.000: Darktide not working?

No Warhammer 40,000: Darktide will work, I think it requires an active connection to XBL to start. As of this moment, Warhammer Vermintide 2 is the only vulnerable title that will work offline.

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...