[Script Info]
Title:
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.00,0:00:12.71,Default,,0000,0000,0000,,{\i1}rC3 Opening Music{\i0}
Dialogue: 0,0:00:12.71,0:00:19.34,Default,,0000,0000,0000,,Herald: So about our next speaker. He's a\Nsecurity researcher focused on embedded
Dialogue: 0,0:00:19.34,0:00:26.50,Default,,0000,0000,0000,,systems, secure communications and mobile\Nsecurity. He was nominated by
Dialogue: 0,0:00:26.50,0:00:39.94,Default,,0000,0000,0000,,Forbes for the 30 under 30 in technology\Nand also has won an OWASP AppSec CTF.
Dialogue: 0,0:00:39.94,0:00:46.79,Default,,0000,0000,0000,,He has also found and disclosed responsibly\Nmultiple vulnerabilities. And especially
Dialogue: 0,0:00:46.79,0:00:52.28,Default,,0000,0000,0000,,for you Nintendo aficionados I want you to\Nwatch out for the next intro, which is
Dialogue: 0,0:00:52.28,0:00:56.27,Default,,0000,0000,0000,,really amazing and you will all love.\NThank you very much.
Dialogue: 0,0:00:56.30,0:01:00.82,Default,,0000,0000,0000,,{\i1}shows Nintendo cartridge{\i0}
Dialogue: 0,0:01:00.82,0:01:06.06,Default,,0000,0000,0000,,{\i1}plugs cartridge{\i0}
Dialogue: 0,0:01:09.53,0:01:10.53,Default,,0000,0000,0000,,{\i1}Nintendo start sound plays{\i0}
Dialogue: 0,0:01:10.53,0:01:14.85,Default,,0000,0000,0000,,Thomas: Oh, damn it.\N{\i1}retrieves cartridge{\i0}
Dialogue: 0,0:01:14.85,0:01:19.98,Default,,0000,0000,0000,,{\i1}blows into cartridge{\i0}\N{\i1}plugs cartridge again{\i0}
Dialogue: 0,0:01:22.15,0:01:23.45,Default,,0000,0000,0000,,{\i1}Nintendo start sound plays{\i0}
Dialogue: 0,0:01:26.24,0:01:29.42,Default,,0000,0000,0000,,{\i1}music plays{\i0}
Dialogue: 0,0:02:52.81,0:02:56.10,Default,,0000,0000,0000,,Thomas Roth: Uff, what a trip.\NWelcome to my talk on
Dialogue: 0,0:02:56.10,0:03:00.81,Default,,0000,0000,0000,,hacking the new Nintendo Game & Watch\NSuper Mario Brothers. My name is Thomas
Dialogue: 0,0:03:00.81,0:03:05.29,Default,,0000,0000,0000,,Roth and I'm a security researcher and\Ntrainer from Germany. And you can find me
Dialogue: 0,0:03:05.29,0:03:10.72,Default,,0000,0000,0000,,on Twitter at @ghidraninja and also on\NYouTube at stacksmashing. Now, this year
Dialogue: 0,0:03:10.72,0:03:16.44,Default,,0000,0000,0000,,marks the 35th anniversary of our favorite\Nplumber, Super Mario. And to celebrate
Dialogue: 0,0:03:16.44,0:03:20.70,Default,,0000,0000,0000,,that, Nintendo launched a new game console\Ncalled the Nintendo Game & Watch Super
Dialogue: 0,0:03:20.70,0:03:26.67,Default,,0000,0000,0000,,Mario Brothers. The console is lightweight\Nand looks pretty nice, and it comes
Dialogue: 0,0:03:26.67,0:03:31.86,Default,,0000,0000,0000,,preinstalled with three games and also\Nthis nice animated clock. The three games
Dialogue: 0,0:03:31.86,0:03:36.92,Default,,0000,0000,0000,,are Super Mario Brothers, the original NES\Ngame, Super Mario Brothers 2: The Lost
Dialogue: 0,0:03:36.92,0:03:44.83,Default,,0000,0000,0000,,Levels and also a reinterpretation of an\Nold Game & Watch game called Ball. Now, as
Dialogue: 0,0:03:44.83,0:03:49.94,Default,,0000,0000,0000,,you probably know, this is not the first\Nretro console that Nintendo released. In
Dialogue: 0,0:03:49.94,0:03:57.40,Default,,0000,0000,0000,,2016, they released the NES Classic and\Nin 2017 they released the SNES Classic. Now,
Dialogue: 0,0:03:57.40,0:04:01.73,Default,,0000,0000,0000,,these devices were super popular in the\Nhomebrew community, because they make it
Dialogue: 0,0:04:01.73,0:04:05.78,Default,,0000,0000,0000,,really easy to add additional ROMs to it.\NThey make it really easy to modify the
Dialogue: 0,0:04:05.78,0:04:10.54,Default,,0000,0000,0000,,firmware and so on. And you can basically\Njust plug them into your computer, install
Dialogue: 0,0:04:10.54,0:04:14.96,Default,,0000,0000,0000,,a simple piece of software and you can do whatever\Nyou want with them. The reason for that is
Dialogue: 0,0:04:14.96,0:04:21.14,Default,,0000,0000,0000,,that they run Linux and have a pretty\Npowerful ARM processor on the inside. And
Dialogue: 0,0:04:21.14,0:04:27.36,Default,,0000,0000,0000,,so it's really a nice device to play with\Nand so on. And so when Nintendo announced
Dialogue: 0,0:04:27.36,0:04:31.65,Default,,0000,0000,0000,,this new console, a lot of people were\Nhoping for a similar experience of having
Dialogue: 0,0:04:31.65,0:04:38.81,Default,,0000,0000,0000,,a nice mobile homebrew device. Now, if\Nyou were to make a Venn diagram of some of
Dialogue: 0,0:04:38.81,0:04:43.10,Default,,0000,0000,0000,,my biggest interests, you would have\Nreverse engineering, hardware hacking and
Dialogue: 0,0:04:43.10,0:04:48.54,Default,,0000,0000,0000,,retro computing. And this new Game & Watch\Nfits right in the middle of that. And so
Dialogue: 0,0:04:48.54,0:04:52.92,Default,,0000,0000,0000,,when it was announced on the 3rd of\NSeptember, I knew that I needed to have
Dialogue: 0,0:04:52.92,0:04:58.93,Default,,0000,0000,0000,,one of those. And given how hard the NES\Nand SNES Classic were to buy for a while,
Dialogue: 0,0:04:58.93,0:05:03.39,Default,,0000,0000,0000,,I preordered it on like four or five\Ndifferent sites, a couple of which got
Dialogue: 0,0:05:03.39,0:05:09.47,Default,,0000,0000,0000,,canceled. But I was pretty excited, because\NI had three preorders and it was supposed to
Dialogue: 0,0:05:09.47,0:05:15.38,Default,,0000,0000,0000,,ship on the 13th of November. And so I was\Nreally looking forward to this. And I was
Dialogue: 0,0:05:15.38,0:05:19.91,Default,,0000,0000,0000,,having breakfast on the 12th of November,\Nwhen suddenly the doorbell rang and DHL
Dialogue: 0,0:05:19.91,0:05:25.73,Default,,0000,0000,0000,,delivered me the new Game & Watch one day\Nbefore the official release. Now, at that
Dialogue: 0,0:05:25.73,0:05:30.30,Default,,0000,0000,0000,,point in time, there was no technical\Ninformation available about the device
Dialogue: 0,0:05:30.30,0:05:35.45,Default,,0000,0000,0000,,whatsoever. Like, if you searched for Game\N& Watch on Twitter, you would only find
Dialogue: 0,0:05:35.45,0:05:40.68,Default,,0000,0000,0000,,announcements or maybe a picture of the\Nbox of someone who also received it early.
Dialogue: 0,0:05:40.68,0:05:44.90,Default,,0000,0000,0000,,But there were no teardowns, no pictures\Nof the insides and most importantly,
Dialogue: 0,0:05:44.90,0:05:50.32,Default,,0000,0000,0000,,nobody had hacked it yet. And this gave\Nme, as a hardware hacker, the kind of
Dialogue: 0,0:05:50.32,0:05:55.67,Default,,0000,0000,0000,,unique opportunity to potentially be the\Nfirst one to hack a new Nintendo console.
Dialogue: 0,0:05:55.67,0:06:00.20,Default,,0000,0000,0000,,And so I just literally dropped everything\Nelse I was doing and started investigating
Dialogue: 0,0:06:00.20,0:06:05.95,Default,,0000,0000,0000,,the device. Now, I should say that\Nnormally I stay pretty far away from any
Dialogue: 0,0:06:05.95,0:06:11.46,Default,,0000,0000,0000,,new console hacking. Mainly because of the\Npiracy issues. I don't want to enable
Dialogue: 0,0:06:11.46,0:06:18.93,Default,,0000,0000,0000,,piracy. I don't want to deal with piracy.\NAnd I don't want to build tools that
Dialogue: 0,0:06:18.93,0:06:23.93,Default,,0000,0000,0000,,enable other people to pirate stuff,\Nbasically. But given that on this device,
Dialogue: 0,0:06:23.93,0:06:28.90,Default,,0000,0000,0000,,you cannot buy any more games and that all\Nthe games that are on there were basically
Dialogue: 0,0:06:28.90,0:06:33.84,Default,,0000,0000,0000,,already released over 30 years ago, I was\Nnot really worried about piracy and felt
Dialogue: 0,0:06:33.84,0:06:39.45,Default,,0000,0000,0000,,pretty comfortable in sharing all the\Nresults of the investigation and also
Dialogue: 0,0:06:39.45,0:06:44.49,Default,,0000,0000,0000,,the... basically the issues we found that\Nallowed us to customize the device and so
Dialogue: 0,0:06:44.49,0:06:49.39,Default,,0000,0000,0000,,on. And in this talk, I want to walk you\Nthrough how we managed to hack the device
Dialogue: 0,0:06:49.39,0:06:54.93,Default,,0000,0000,0000,,and how you can do it at home using\Nrelatively cheap hardware. And, yeah, hope
Dialogue: 0,0:06:54.93,0:07:03.04,Default,,0000,0000,0000,,you enjoy it. Now, let's start by looking\Nat the device itself. The device is
Dialogue: 0,0:07:03.04,0:07:08.47,Default,,0000,0000,0000,,pretty lightweight and comes with a nicely\Nsized case. And so it really... for me, it
Dialogue: 0,0:07:08.47,0:07:14.89,Default,,0000,0000,0000,,sits really well in my hand. And it has a\Nnice 320 by 240 LCD display, a d-pad, A
Dialogue: 0,0:07:14.89,0:07:19.53,Default,,0000,0000,0000,,and B buttons and also three buttons to\Nswitch between the different game modes.
Dialogue: 0,0:07:19.53,0:07:23.94,Default,,0000,0000,0000,,On the right side we also have the power\Nbutton and the USB-C port. Now, before you
Dialogue: 0,0:07:23.94,0:07:28.64,Default,,0000,0000,0000,,get excited about the USB port, I can\Nalready tell you that unfortunately,
Dialogue: 0,0:07:28.64,0:07:33.03,Default,,0000,0000,0000,,Nintendo decided to not connect the data\Nlines of the USB port. And so you can
Dialogue: 0,0:07:33.03,0:07:38.55,Default,,0000,0000,0000,,really only use it for charging. Also,\Nbecause we are talking about Nintendo
Dialogue: 0,0:07:38.55,0:07:43.98,Default,,0000,0000,0000,,here, they use their proprietary tri-point\Nscrews on the device. And so to open it
Dialogue: 0,0:07:43.98,0:07:48.73,Default,,0000,0000,0000,,up, you need one of those special tri-\Npoint bits. Luckily, nowadays, most bit
Dialogue: 0,0:07:48.73,0:07:54.12,Default,,0000,0000,0000,,sets should have them, but it still would\Nsuck if you order your unit and then you
Dialogue: 0,0:07:54.12,0:07:59.64,Default,,0000,0000,0000,,can't open it up, because you're missing a\Nscrewdriver. After opening it up, the
Dialogue: 0,0:07:59.64,0:08:03.78,Default,,0000,0000,0000,,first thing you probably notice is the\Nbattery. And if you've ever opened up a
Dialogue: 0,0:08:03.78,0:08:07.60,Default,,0000,0000,0000,,Nintendo Switch Joy-Con before, you might\Nrecognize the battery, because it's the
Dialogue: 0,0:08:07.60,0:08:12.73,Default,,0000,0000,0000,,exact same one that's used in the Joy-Cons.\NThis is very cool, because if down the
Dialogue: 0,0:08:12.73,0:08:16.53,Default,,0000,0000,0000,,line, like, let's say in two or three\Nyears, the battery of your Game & Watch
Dialogue: 0,0:08:16.53,0:08:20.65,Default,,0000,0000,0000,,dies, you can just go and buy a Joy-Con\Nbattery, which you can get really
Dialogue: 0,0:08:20.65,0:08:26.52,Default,,0000,0000,0000,,cheaply, almost anywhere. Next to the\Nbattery, on the right side, we have a
Dialogue: 0,0:08:26.52,0:08:32.35,Default,,0000,0000,0000,,small speaker which is not very good. And\Nunderneath we have the main PCB with the
Dialogue: 0,0:08:32.35,0:08:37.51,Default,,0000,0000,0000,,processor, all the storage and so on and\Nso forth. Let's take a look at those. Now,
Dialogue: 0,0:08:37.51,0:08:44.78,Default,,0000,0000,0000,,the main processor of the device is an\NSTM32H7B0. This is a Cortex-M7 from
Dialogue: 0,0:08:44.78,0:08:53.20,Default,,0000,0000,0000,,STMicroelectronics with 1.3 MB of RAM and\N128 kB of flash. It runs at 280 MHz and is
Dialogue: 0,0:08:53.20,0:08:59.46,Default,,0000,0000,0000,,a pretty beefy microcontroller. But it's\Nmuch less powerful than the processor in
Dialogue: 0,0:08:59.46,0:09:03.86,Default,,0000,0000,0000,,the NES or SNES Classic. Like this\Nprocessor is really just a microcontroller
Dialogue: 0,0:09:03.86,0:09:09.26,Default,,0000,0000,0000,,and so it can't run Linux. It can't run,\Nlet's say, super complex software. Instead
Dialogue: 0,0:09:09.26,0:09:14.17,Default,,0000,0000,0000,,it'll be programmed in some bare metal\Nway. And so we will have a bare metal
Dialogue: 0,0:09:14.17,0:09:20.58,Default,,0000,0000,0000,,firmware on the device. To the right of\Nit, you can also find a 1 MB SPI flash.
Dialogue: 0,0:09:20.58,0:09:26.18,Default,,0000,0000,0000,,And so overall, we have roughly 1.1 MB of\Nstorage on the device. Now, most
Dialogue: 0,0:09:26.18,0:09:31.28,Default,,0000,0000,0000,,microcontrollers or basically all\Nmicrocontrollers have a debugging port.
Dialogue: 0,0:09:31.28,0:09:36.37,Default,,0000,0000,0000,,And if we take a look at the PCB, you can\Nsee that there are five unpopulated
Dialogue: 0,0:09:36.37,0:09:40.98,Default,,0000,0000,0000,,contacts here. And if you see a couple of\Ncontacts that are not populated, close to
Dialogue: 0,0:09:40.98,0:09:47.51,Default,,0000,0000,0000,,your CPU, it's very likely that it's the\Ndebugging port. And luckily, the datasheet
Dialogue: 0,0:09:47.51,0:09:54.45,Default,,0000,0000,0000,,for the STM32 is openly available. And so\Nwe can check the pinouts in the datasheet
Dialogue: 0,0:09:54.45,0:09:59.05,Default,,0000,0000,0000,,and then use a multimeter to see\Nwhether these pins are actually the
Dialogue: 0,0:09:59.05,0:10:04.50,Default,,0000,0000,0000,,debugging interface. And it turns out they\Nactually are. And so we can find the SWD
Dialogue: 0,0:10:04.50,0:10:11.63,Default,,0000,0000,0000,,debugging interface as well as Vcc and\Nground exposed on these pins. Now this
Dialogue: 0,0:10:11.63,0:10:16.78,Default,,0000,0000,0000,,means that we can use a debugger. So, for\Nexample, a J-Link or ST-Link or whatever
Dialogue: 0,0:10:16.78,0:10:21.98,Default,,0000,0000,0000,,to connect to the device. And because\Nthe contacts are really easy to access,
Dialogue: 0,0:10:21.98,0:10:25.87,Default,,0000,0000,0000,,you don't even have to solder. You can\Njust hook up a couple of test pins and
Dialogue: 0,0:10:25.87,0:10:32.60,Default,,0000,0000,0000,,they will allow you to easily hook up\Nyour debugger. Now, the problem is, on most
Dialogue: 0,0:10:32.60,0:10:36.90,Default,,0000,0000,0000,,devices, the debugging interface will be\Nlocked during manufacturing. This is done
Dialogue: 0,0:10:36.90,0:10:42.55,Default,,0000,0000,0000,,to prevent people like us from basically doing\Nwhatever with the device and to prevent us
Dialogue: 0,0:10:42.55,0:10:47.45,Default,,0000,0000,0000,,from being able to dump the firmware,\Npotentially reflash it and so on. And so I
Dialogue: 0,0:10:47.45,0:10:52.19,Default,,0000,0000,0000,,was very curious to see whether we can\Nactually connect to the debugging port.
Dialogue: 0,0:10:52.19,0:10:56.09,Default,,0000,0000,0000,,And when starting up J-Link and trying to\Nconnect, we can see it can actually
Dialogue: 0,0:10:56.09,0:11:01.23,Default,,0000,0000,0000,,successfully connect. But when you take a\Ncloser look, there's also a message that
Dialogue: 0,0:11:01.23,0:11:09.27,Default,,0000,0000,0000,,the device is active read protected. This\Nis because the chip, the STM32 chip,
Dialogue: 0,0:11:09.27,0:11:15.65,Default,,0000,0000,0000,,features something called RDP protection\Nlevel or readout protection level. This is
Dialogue: 0,0:11:15.65,0:11:20.30,Default,,0000,0000,0000,,basically the security setting for the\Ndebugging interface and it has three
Dialogue: 0,0:11:20.30,0:11:26.77,Default,,0000,0000,0000,,levels. Level zero means no protection is\Nactive. Level one means that the flash
Dialogue: 0,0:11:26.77,0:11:31.84,Default,,0000,0000,0000,,memory is protected and so we can't dump\Nthe internal flash of the device. However,
Dialogue: 0,0:11:31.84,0:11:36.94,Default,,0000,0000,0000,,we can dump the RAM contents and we can\Nalso execute code from RAM. And then
Dialogue: 0,0:11:36.94,0:11:42.24,Default,,0000,0000,0000,,there's also level two, which means that\Nall debugging features are disabled. Now,
Dialogue: 0,0:11:42.24,0:11:46.63,Default,,0000,0000,0000,,just because a chip is in level two\Ndoesn't mean that you have to give up.
Dialogue: 0,0:11:46.63,0:11:51.59,Default,,0000,0000,0000,,For example, in our talk wallet.fail a couple\Nof years ago, we showed how to use fault
Dialogue: 0,0:11:51.59,0:11:56.00,Default,,0000,0000,0000,,injection to bypass the level two\Nprotection and downgrade a chip to level
Dialogue: 0,0:11:56.00,0:12:00.82,Default,,0000,0000,0000,,one. However, on the Game & Watch, we are\Nlucky and the interface is not fully
Dialogue: 0,0:12:00.82,0:12:07.14,Default,,0000,0000,0000,,disabled. Instead, it's in level one. And\Nso we can still dump the RAM, which is a
Dialogue: 0,0:12:07.14,0:12:11.30,Default,,0000,0000,0000,,pretty good entry point, even though we\Ncan't dump the firmware yet. Now, having
Dialogue: 0,0:12:11.30,0:12:17.01,Default,,0000,0000,0000,,dumped the RAM of the device, I was pretty\Ncurious to see what's inside of it. And
Dialogue: 0,0:12:17.01,0:12:21.66,Default,,0000,0000,0000,,one of my suspicions was that potentially\Nthe emulator that's hopefully running on
Dialogue: 0,0:12:21.66,0:12:29.00,Default,,0000,0000,0000,,the device loads the original Super Mario\NBrothers ROM into RAM. And so, I was
Dialogue: 0,0:12:29.00,0:12:34.83,Default,,0000,0000,0000,,wondering whether maybe we can find the\NROM that the device uses in the RAM dump.
Dialogue: 0,0:12:34.83,0:12:39.75,Default,,0000,0000,0000,,And so I opened up the RAM dump in a hex\Neditor and I also opened up the original
Dialogue: 0,0:12:39.75,0:12:44.45,Default,,0000,0000,0000,,Super Mario Brothers ROM in a second\Nwindow in a hex editor and tried to find
Dialogue: 0,0:12:44.45,0:12:49.41,Default,,0000,0000,0000,,different parts of the original ROM in the\NRAM dump. And it turns out that, yes, the
Dialogue: 0,0:12:49.41,0:12:55.38,Default,,0000,0000,0000,,NES ROM is loaded into RAM and it's always\Nat the same address. And so it's probably
Dialogue: 0,0:12:55.38,0:13:00.29,Default,,0000,0000,0000,,like during boot up, it gets copied into\NRAM or something along those lines. And so
Dialogue: 0,0:13:00.29,0:13:05.42,Default,,0000,0000,0000,,this is pretty cool to know, because it\Ntells us a couple of things. First off, we
Dialogue: 0,0:13:05.42,0:13:09.79,Default,,0000,0000,0000,,know now that the debug port is enabled\Nand working, but that it's unfortunately
Dialogue: 0,0:13:09.79,0:13:16.32,Default,,0000,0000,0000,,at RDP level one and so we can only dump\Nthe RAM. And we also know that the NES ROM
Dialogue: 0,0:13:16.32,0:13:21.26,Default,,0000,0000,0000,,is loaded into RAM. And this means that\Nthe device runs a real NES emulator. And
Dialogue: 0,0:13:21.26,0:13:25.68,Default,,0000,0000,0000,,so if we get lucky, we can, for example,\Njust replace the ROM that is used by
Dialogue: 0,0:13:25.68,0:13:29.84,Default,,0000,0000,0000,,the device and play, for example,\Nour own NES game.
Dialogue: 0,0:13:30.60,0:13:33.46,Default,,0000,0000,0000,,{\i1}little pause{\i0}
Dialogue: 0,0:13:33.93,0:13:37.01,Default,,0000,0000,0000,,Next, it was time to dump the flash chip
Dialogue: 0,0:13:37.01,0:13:41.16,Default,,0000,0000,0000,,of the device. For this, I'm using a\Ndevice called Mini Pro and I'm using one
Dialogue: 0,0:13:41.16,0:13:46.96,Default,,0000,0000,0000,,of these really useful SOIC8 clips. And so\Nthese ones you can simply clip onto the
Dialogue: 0,0:13:46.96,0:13:52.24,Default,,0000,0000,0000,,flash chip and then dump it. Now, one\Nwarning though: the flash chip on the device
Dialogue: 0,0:13:52.24,0:13:56.22,Default,,0000,0000,0000,,is running at 1.8 volts. And so you want to\Nmake sure that your programmer also
Dialogue: 0,0:13:56.22,0:14:01.84,Default,,0000,0000,0000,,supports 1.8 volt operation. If you\Naccidentally try to read it out at 3.3 volts,
Dialogue: 0,0:14:01.84,0:14:06.77,Default,,0000,0000,0000,,you will break your flash. Trust\Nme, because it happened to me on one of my
Dialogue: 0,0:14:06.77,0:14:12.94,Default,,0000,0000,0000,,units. Now, with this flash dump from the\Ndevice, we can start to analyze it. And
Dialogue: 0,0:14:12.94,0:14:17.32,Default,,0000,0000,0000,,what I always like to do first is take a\Nlook at the entropy or the randomness of
Dialogue: 0,0:14:17.32,0:14:23.35,Default,,0000,0000,0000,,the flash dump. And so using binwalk with\Nthe -E option, we get a nice entropy
Dialogue: 0,0:14:23.35,0:14:27.41,Default,,0000,0000,0000,,graph. And in this case, you can see we\Nhave a very high entropy over almost the
Dialogue: 0,0:14:27.41,0:14:32.90,Default,,0000,0000,0000,,whole flash contents. And this mostly\Nindicates that the flash contents are
Dialogue: 0,0:14:32.90,0:14:37.24,Default,,0000,0000,0000,,encrypted. It could also mean compression,\Nbut if it's compressed, you would often
Dialogue: 0,0:14:37.24,0:14:43.53,Default,,0000,0000,0000,,see more like dips in the entropy. And in\Nthis case, it's one very high entropy
Dialogue: 0,0:14:43.53,0:14:48.83,Default,,0000,0000,0000,,stream. We also noticed that there are no\Nrepetitions whatsoever, which also tells
Dialogue: 0,0:14:48.83,0:14:53.35,Default,,0000,0000,0000,,us that it's probably not like a simple\NXOR-based encryption or so and instead
Dialogue: 0,0:14:53.35,0:14:58.34,Default,,0000,0000,0000,,something like AES or something similar.\NBut just because the flash is encrypted
Dialogue: 0,0:14:58.34,0:15:02.20,Default,,0000,0000,0000,,doesn't mean we have to give up. On the\Ncontrary, I think now it starts to get
Dialogue: 0,0:15:02.20,0:15:06.83,Default,,0000,0000,0000,,interesting, because you actually have a\Nchallenge and it's not just plug and play,
Dialogue: 0,0:15:06.83,0:15:13.02,Default,,0000,0000,0000,,so to say. One of the biggest questions I\Nhad is, is the flash actually verified?
Dialogue: 0,0:15:13.02,0:15:18.16,Default,,0000,0000,0000,,Like does the device boot, even though the\Nflash has been modified? Because if it
Dialogue: 0,0:15:18.16,0:15:24.79,Default,,0000,0000,0000,,does, this would open up a lot of attack\Nvectors, basically, as you will see. And
Dialogue: 0,0:15:24.79,0:15:30.72,Default,,0000,0000,0000,,so to verify this, I basically tried to\Nput zeros in random places in the flash
Dialogue: 0,0:15:30.72,0:15:35.76,Default,,0000,0000,0000,,image. And so, I put some at address zero,\Nsome at 0x2000 and so on. And then I
Dialogue: 0,0:15:35.76,0:15:39.91,Default,,0000,0000,0000,,checked whether the device would still\Nboot up. And with most flash
Dialogue: 0,0:15:39.91,0:15:44.37,Default,,0000,0000,0000,,modifications, it would still boot just\Nfine. This tells us that even though the
Dialogue: 0,0:15:44.37,0:15:48.60,Default,,0000,0000,0000,,flash contents are encrypted, they are not\Nvalidated, they are not checksummed or
Dialogue: 0,0:15:48.60,0:15:54.61,Default,,0000,0000,0000,,anything. And so we can potentially trick\Nthe device into accepting a modified flash
Dialogue: 0,0:15:54.61,0:15:58.53,Default,,0000,0000,0000,,image. And this is really important to\Nknow, as you will see in a couple of
Dialogue: 0,0:15:58.53,0:16:05.31,Default,,0000,0000,0000,,minutes. My next suspicion was that maybe\Nthe NES ROM we see in RAM is actually
Dialogue: 0,0:16:05.31,0:16:12.84,Default,,0000,0000,0000,,loaded from the external flash. And so to\Nfind out whether that's the case, I again
Dialogue: 0,0:16:12.84,0:16:18.94,Default,,0000,0000,0000,,took the flash and I inserted zeros at\Nmultiple positions in the flash image.
Dialogue: 0,0:16:18.94,0:16:24.55,Default,,0000,0000,0000,,Flashed that over, booted up the game,\Ndumped the RAM and then compared the NES
Dialogue: 0,0:16:24.55,0:16:29.62,Default,,0000,0000,0000,,ROM that I'm now dumping from RAM with the\None that I dumped initially and checked
Dialogue: 0,0:16:29.62,0:16:35.40,Default,,0000,0000,0000,,whether they are equal. Because my\Nsuspicion was that maybe I can overwrite a
Dialogue: 0,0:16:35.40,0:16:41.52,Default,,0000,0000,0000,,couple of bytes in the encrypted flash and\Nthen I will modify the NES ROM. And after
Dialogue: 0,0:16:41.52,0:16:46.76,Default,,0000,0000,0000,,doing this for, like, I don't know, half\Nan hour, I got lucky and I modified 4
Dialogue: 0,0:16:46.76,0:16:51.40,Default,,0000,0000,0000,,bytes in the flash image and 4 bytes in the\NRAM... sorry... in the ROM that was loaded
Dialogue: 0,0:16:51.40,0:16:56.79,Default,,0000,0000,0000,,into RAM changed. And this tells us quite\Na bit. It means that the ROM is loaded
Dialogue: 0,0:16:56.79,0:17:04.45,Default,,0000,0000,0000,,from flash into RAM and that the flash\Ncontents are not validated. And what's
Dialogue: 0,0:17:04.45,0:17:10.28,Default,,0000,0000,0000,,also important is that we changed 4\Nbytes in the flash and now 4 bytes in
Dialogue: 0,0:17:10.28,0:17:15.51,Default,,0000,0000,0000,,the decrypted image changed. And this is\Nvery important to know, because if we take
Dialogue: 0,0:17:15.51,0:17:19.74,Default,,0000,0000,0000,,a look at what we would expect to happen\Nwhen we change the flash contents, there
Dialogue: 0,0:17:19.74,0:17:23.88,Default,,0000,0000,0000,,are multiple outcomes. And so, for\Nexample, here we have the SPI flash
Dialogue: 0,0:17:23.88,0:17:29.31,Default,,0000,0000,0000,,contents on the left and the RAM contents\Non the right. And so the RAM contents are
Dialogue: 0,0:17:29.31,0:17:35.41,Default,,0000,0000,0000,,basically the decrypted version of the\NSPI flash contents. Now let's say we
Dialogue: 0,0:17:35.41,0:17:41.75,Default,,0000,0000,0000,,change 4 bytes in the encrypted flash\Nimage to zeros. How would we expect the
Dialogue: 0,0:17:41.75,0:17:47.58,Default,,0000,0000,0000,,RAM contents to change? For example, if we\Nwould see that now 16 bytes in the RAM are
Dialogue: 0,0:17:47.58,0:17:52.96,Default,,0000,0000,0000,,changing, this means that we are\Npotentially looking at an encryption
Dialogue: 0,0:17:52.96,0:17:57.65,Default,,0000,0000,0000,,algorithm such as AES in electronic\Ncodebook mode. Because it's a block-based
Dialogue: 0,0:17:57.65,0:18:03.18,Default,,0000,0000,0000,,encryption and so if we change four bytes\Nin the input data, a block size, in this
Dialogue: 0,0:18:03.18,0:18:09.73,Default,,0000,0000,0000,,case 16 bytes, in the output data would\Nchange. The next possibility is that we
Dialogue: 0,0:18:09.73,0:18:16.16,Default,,0000,0000,0000,,change 4 bytes in the SPI flash and all\Ndata afterwards will be changed. And in
Dialogue: 0,0:18:16.16,0:18:21.83,Default,,0000,0000,0000,,this case, we would look at some kind of\Nchaining cipher such as AES in CBC
Dialogue: 0,0:18:21.83,0:18:27.60,Default,,0000,0000,0000,,mode. However, if we change 4 bytes in\Nthe SPI flash and only 4 bytes in the
Dialogue: 0,0:18:27.60,0:18:33.51,Default,,0000,0000,0000,,RAM changed, we are looking at\Nsomething such as AES in counter mode. And
Dialogue: 0,0:18:33.51,0:18:40.27,Default,,0000,0000,0000,,to understand this, let's take a better\Nlook at how AES in CTR works. AES-CTR
Dialogue: 0,0:18:40.27,0:18:45.93,Default,,0000,0000,0000,,works by having your cleartext and XORing\Nit with an AES encryption stream that is
Dialogue: 0,0:18:45.93,0:18:53.21,Default,,0000,0000,0000,,generated from a key, a nonce and the\Ncounter algorithm. Now, the AES stream
Dialogue: 0,0:18:53.21,0:18:57.37,Default,,0000,0000,0000,,that will be used to XOR your\Ncleartext will always be the same if key
Dialogue: 0,0:18:57.37,0:19:02.84,Default,,0000,0000,0000,,and nonce are the same. This is why it's\Nsuper important that if you use AES-CTR,
Dialogue: 0,0:19:02.84,0:19:08.78,Default,,0000,0000,0000,,you always select a unique nonce for each\Nencryption. If you encrypt similar data
Dialogue: 0,0:19:08.78,0:19:15.06,Default,,0000,0000,0000,,with the same nonce twice, large parts of\Nthe resulting ciphertext will be the same.
Dialogue: 0,0:19:15.06,0:19:19.96,Default,,0000,0000,0000,,And so the cleartext gets XORed with the\NAES-CTR stream and then we get our
Dialogue: 0,0:19:19.96,0:19:26.57,Default,,0000,0000,0000,,ciphertext. Now, if we know the cleartext,\Nas we do, because the cleartext is the ROM
Dialogue: 0,0:19:26.57,0:19:32.27,Default,,0000,0000,0000,,that is loaded into RAM, and we know the\Nciphertext, which we do, because it's the
Dialogue: 0,0:19:32.27,0:19:38.01,Default,,0000,0000,0000,,contents of the encrypted flash we just\Ndumped, we can basically reverse the
Dialogue: 0,0:19:38.01,0:19:44.58,Default,,0000,0000,0000,,operation and as a result, we get the AES-\NCTR stream that was used to encrypt the
Dialogue: 0,0:19:44.58,0:19:52.05,Default,,0000,0000,0000,,flash. And now this means that we can\Ntake, for example, a custom ROM, XOR it
Dialogue: 0,0:19:52.05,0:19:57.83,Default,,0000,0000,0000,,with the AES-CTR stream we just\Ncalculated and then generate our own
Dialogue: 0,0:19:57.83,0:20:02.01,Default,,0000,0000,0000,,encrypted flash image, for example, with a\Nmodified ROM. And so I wrote a couple of
Dialogue: 0,0:20:02.01,0:20:08.34,Default,,0000,0000,0000,,Python scripts to try this. And after a\Nwhile, I was running Hacked Super Mario
Dialogue: 0,0:20:08.34,0:20:14.29,Default,,0000,0000,0000,,Brothers instead of Super Mario Brothers.\NSo, wohoo, we hacked the Nintendo Game &
Dialogue: 0,0:20:14.29,0:20:18.87,Default,,0000,0000,0000,,Watch one day before the official release.\NAnd we can install modified Super Mario
Dialogue: 0,0:20:18.87,0:20:23.99,Default,,0000,0000,0000,,Brothers ROMs. Now, you can find the\Nscripts that I used for this on my GitHub.
Dialogue: 0,0:20:23.99,0:20:28.26,Default,,0000,0000,0000,,So it's in a repository called "Game &\NWatch Hacking". And I was super excited,
Dialogue: 0,0:20:28.26,0:20:33.57,Default,,0000,0000,0000,,because it meant that I succeeded and that\NI basically hacked a Nintendo console one
Dialogue: 0,0:20:33.57,0:20:37.96,Default,,0000,0000,0000,,day before the official release.\NUnfortunately, I finished the level, but
Dialogue: 0,0:20:37.96,0:20:43.35,Default,,0000,0000,0000,,Toad wasn't as excited. He told me that\Nunfortunately, our firmware is still in
Dialogue: 0,0:20:43.35,0:20:50.05,Default,,0000,0000,0000,,another castle. And so on the Monday after\Nthe launch of the device, I teamed up with
Dialogue: 0,0:20:50.05,0:20:54.79,Default,,0000,0000,0000,,Konrad Beckman, a hardware hacker from\NSweden who I met at the previous Congress.
Dialogue: 0,0:20:54.79,0:20:59.85,Default,,0000,0000,0000,,And we started chatting and throwing ideas\Nback and forth and so on. And eventually
Dialogue: 0,0:20:59.85,0:21:05.62,Default,,0000,0000,0000,,we noticed that the device has a special\NRAM area called ITCM-RAM, which is a
Dialogue: 0,0:21:05.62,0:21:10.57,Default,,0000,0000,0000,,tightly coupled instruction RAM that is\Nnormally used for very high performance
Dialogue: 0,0:21:10.57,0:21:15.12,Default,,0000,0000,0000,,routines such as interrupt handlers and so\Non. And so it's in a very fast RAM area.
Dialogue: 0,0:21:15.12,0:21:22.16,Default,,0000,0000,0000,,And we realized that we never actually\Nlooked at the contents of that ITCM-RAM.
Dialogue: 0,0:21:22.16,0:21:26.54,Default,,0000,0000,0000,,And so we dumped it from the device using\Nthe debugging port. And it turns out that
Dialogue: 0,0:21:26.54,0:21:33.02,Default,,0000,0000,0000,,this ITCM-RAM contains ARM code. And so,\Nagain, the question is, where does this
Dialogue: 0,0:21:33.02,0:21:37.57,Default,,0000,0000,0000,,ARM code come from? Does it maybe, just\Nlike the NES ROM, come from the external
Dialogue: 0,0:21:37.57,0:21:45.74,Default,,0000,0000,0000,,flash? And so basically, I repeated the\Nwhole thing that we also did with the NES
Dialogue: 0,0:21:45.74,0:21:52.26,Default,,0000,0000,0000,,ROM and just put zeros at the very\Nbeginning of the encrypted flash. Rebooted
Dialogue: 0,0:21:52.26,0:21:57.72,Default,,0000,0000,0000,,the device and dumped the ITCM-RAM and I\Ngot super lucky: on the first try already
Dialogue: 0,0:21:57.72,0:22:03.99,Default,,0000,0000,0000,,the ITCM contents changed. And the\NITCM contains code, not just data. So
Dialogue: 0,0:22:03.99,0:22:09.30,Default,,0000,0000,0000,,earlier we only had the NES ROM, which is\Njust data, but this time the RAM contains
Dialogue: 0,0:22:09.30,0:22:14.85,Default,,0000,0000,0000,,code. This means that with the same XOR\Ntrick we used before, we could inject
Dialogue: 0,0:22:14.85,0:22:21.53,Default,,0000,0000,0000,,custom ITCM code into the external flash,\Nwhich would then be loaded into RAM when
Dialogue: 0,0:22:21.53,0:22:27.62,Default,,0000,0000,0000,,the device boots. And because it's a\Npersistent method, we can then reboot the
Dialogue: 0,0:22:27.62,0:22:32.52,Default,,0000,0000,0000,,device and let it run without the debugger\Nconnected. And so whatever code we load
Dialogue: 0,0:22:32.52,0:22:38.49,Default,,0000,0000,0000,,into this ITCM area will be able to\Nactually read the flash. And so we could
Dialogue: 0,0:22:38.49,0:22:43.28,Default,,0000,0000,0000,,potentially write some code that gets\Nsomehow called by the firmware and then
Dialogue: 0,0:22:43.28,0:22:49.54,Default,,0000,0000,0000,,copies the internal flash into RAM from\Nwhere we then can retrieve it using the
Dialogue: 0,0:22:49.54,0:22:57.56,Default,,0000,0000,0000,,debugger. Now, the problem is, let's say\Nwe have a custom payload somehow in this
Dialogue: 0,0:22:57.56,0:23:04.75,Default,,0000,0000,0000,,ITCM area. We don't know which address of\Nthis ITCM code gets executed. And so we
Dialogue: 0,0:23:04.75,0:23:09.41,Default,,0000,0000,0000,,don't know whether the firmware will jump\Nto address zero or address 200 or whatever.
Dialogue: 0,0:23:09.41,0:23:14.27,Default,,0000,0000,0000,,But there's a really simple trick to still\Nbuild a successful payload. And it's
Dialogue: 0,0:23:14.27,0:23:19.23,Default,,0000,0000,0000,,called a NOP slide. A NOP, or no\Noperation, is an instruction that simply
Dialogue: 0,0:23:19.23,0:23:25.10,Default,,0000,0000,0000,,does nothing. And if we fill most of the\NITCM-RAM with NOPs and put our payload at
Dialogue: 0,0:23:25.10,0:23:31.70,Default,,0000,0000,0000,,the very end, we build something that is\Nbasically a NOP slide. And so when the
Dialogue: 0,0:23:31.70,0:23:37.26,Default,,0000,0000,0000,,CPU, indicated by Mario here, jumps to a\Nrandom address in that whole NOP slide, it
Dialogue: 0,0:23:37.26,0:23:43.50,Default,,0000,0000,0000,,will start executing NOPs and slide down\Ninto our payload and execute it. And so
Dialogue: 0,0:23:43.50,0:23:49.10,Default,,0000,0000,0000,,even if Mario jumps right in the middle of\Nthe NOP slide, he will always slide down
Dialogue: 0,0:23:49.10,0:23:54.92,Default,,0000,0000,0000,,the slide and end up in our payload. And\NKonrad wrote this really, really simple
Dialogue: 0,0:23:54.92,0:23:58.33,Default,,0000,0000,0000,,payload, which is only like 10\Ninstructions, which basically just copies
Dialogue: 0,0:23:58.33,0:24:03.98,Default,,0000,0000,0000,,the internal flash into RAM from where we\Ncan then retrieve it using the debugger.
Dialogue: 0,0:24:03.98,0:24:08.28,Default,,0000,0000,0000,,So wohoo, super simple exploit. We have a\Nfull firmware backup and a full flash
Dialogue: 0,0:24:08.28,0:24:13.59,Default,,0000,0000,0000,,backup and now we can really fiddle with\Neverything on the device. And we've
Dialogue: 0,0:24:13.59,0:24:17.70,Default,,0000,0000,0000,,actually released tools to do this\Nyourself. And so if you want to back up
Dialogue: 0,0:24:17.70,0:24:23.16,Default,,0000,0000,0000,,your Nintendo Game & Watch, you can just\Ngo onto my GitHub and download the Game
Dialogue: 0,0:24:23.16,0:24:27.67,Default,,0000,0000,0000,,and Watch backup repository, which\Ncontains a lot of information on how to
Dialogue: 0,0:24:27.67,0:24:33.27,Default,,0000,0000,0000,,back it up. It does check something and\Nso on to ensure that you don't
Dialogue: 0,0:24:33.27,0:24:38.42,Default,,0000,0000,0000,,accidentally brick your device and you can\Neasily back up the original firmware,
Dialogue: 0,0:24:38.42,0:24:43.61,Default,,0000,0000,0000,,install homebrew, and then always go back\Nto the original software. We also have an
Dialogue: 0,0:24:43.61,0:24:50.63,Default,,0000,0000,0000,,awesome support community on Discord. And\Nso if you ever need help, I think you will
Dialogue: 0,0:24:50.63,0:24:55.27,Default,,0000,0000,0000,,find success there. And so far we haven't\Nhad a single bricked Game & Watch and so it
Dialogue: 0,0:24:55.27,0:25:02.20,Default,,0000,0000,0000,,looks to be pretty stable. And so I\Nwas pretty excited because the quest was
Dialogue: 0,0:25:02.20,0:25:11.17,Default,,0000,0000,0000,,over. Or is it? If you ever claim on the\Ninternet that you successfully hacked an
Dialogue: 0,0:25:11.17,0:25:18.18,Default,,0000,0000,0000,,embedded device, there will be exactly one\Nresponse and one response only: but does
Dialogue: 0,0:25:18.18,0:25:23.61,Default,,0000,0000,0000,,it run Doom? Literally my Twitter DMs, my\NYouTube comments, and even my friends were
Dialogue: 0,0:25:23.61,0:25:28.72,Default,,0000,0000,0000,,spamming me with the challenge to get Doom\Nrunning on the device. But to get Doom
Dialogue: 0,0:25:28.72,0:25:34.39,Default,,0000,0000,0000,,running, we first needed to bring up all\Nthe hardware. And so we basically needed
Dialogue: 0,0:25:34.39,0:25:40.07,Default,,0000,0000,0000,,to create a way to develop and load\Nhomebrew onto the device. Now, luckily for
Dialogue: 0,0:25:40.07,0:25:44.88,Default,,0000,0000,0000,,us, most of the components on the board\Nare very well documented and so there are
Dialogue: 0,0:25:44.88,0:25:50.04,Default,,0000,0000,0000,,no NDA components. And so, for example,\Nthe processor has an open reference manual
Dialogue: 0,0:25:50.04,0:25:56.89,Default,,0000,0000,0000,,and an open-source library to use it. The\Nflash is a well-known flash chip. And so
Dialogue: 0,0:25:56.89,0:26:00.44,Default,,0000,0000,0000,,on and so forth. And there are only a\Ncouple of very proprietary or custom
Dialogue: 0,0:26:00.44,0:26:06.28,Default,,0000,0000,0000,,components.
And so, for example, the LCD\Non the device is proprietary and we had to Dialogue: 0,0:26:06.28,0:26:12.69,Default,,0000,0000,0000,,basically sniff the SPI-bus that goes to\Nthe display to basically decode the Dialogue: 0,0:26:12.69,0:26:19.16,Default,,0000,0000,0000,,initialization of the display and so on.\NAnd after a while, we had the full Dialogue: 0,0:26:19.16,0:26:24.54,Default,,0000,0000,0000,,hardware running, we had LCD support, we\Nhad audio support, deep support, buttons Dialogue: 0,0:26:24.54,0:26:29.21,Default,,0000,0000,0000,,and even flashing tools that allow you to\Nsimply use an SWD debugger to dump and Dialogue: 0,0:26:29.21,0:26:33.82,Default,,0000,0000,0000,,rewrite the external flash. And you can\Nfind all of these things on our GitHub. Dialogue: 0,0:26:33.82,0:26:38.52,Default,,0000,0000,0000,,Now, if you want to mod your own Game &\NWatch, all you need is a simple debugging Dialogue: 0,0:26:38.52,0:26:46.84,Default,,0000,0000,0000,,adapter such as a cheap, three dollar ST-\Nlink, a J-link or a real ST-link device, Dialogue: 0,0:26:46.84,0:26:51.14,Default,,0000,0000,0000,,and then you can get started. We've also\Npublished a base project for anyone who Dialogue: 0,0:26:51.14,0:26:54.91,Default,,0000,0000,0000,,wants to get started with building their\Nown games for the Game & Watch. And so Dialogue: 0,0:26:54.91,0:26:58.67,Default,,0000,0000,0000,,it's really simple. It's just a frame\Nbuffer you can draw to, input is really Dialogue: 0,0:26:58.67,0:27:04.47,Default,,0000,0000,0000,,simple and so on. And as said, we have a\Nreally helpful community. Now with all the Dialogue: 0,0:27:04.47,0:27:10.00,Default,,0000,0000,0000,,hardware up and running, I could finally\Nstart porting Doom. I started by looking Dialogue: 0,0:27:10.00,0:27:15.42,Default,,0000,0000,0000,,around for other ports of Doom to an\NSTM32. And I found this project by floppes Dialogue: 0,0:27:15.42,0:27:22.01,Default,,0000,0000,0000,,called stm32doom. 
Now the issue is,\Nstm32doom is designed for a board with Dialogue: 0,0:27:22.01,0:27:28.34,Default,,0000,0000,0000,,eight megabytes of RAM and also the data\Nfiles for Doom were stored on external USB Dialogue: 0,0:27:28.34,0:27:37.63,Default,,0000,0000,0000,,drive. On our platform, we only have 1.3\NMB of RAM, 128 kB of flash and only 1 MB Dialogue: 0,0:27:37.63,0:27:42.60,Default,,0000,0000,0000,,of external flash and we have to fit all\Nthe level information, all the code and Dialogue: 0,0:27:42.60,0:27:50.88,Default,,0000,0000,0000,,so on in there. Now, the Doom level\Ninformation is stored in so-called WAD - Dialogue: 0,0:27:50.88,0:27:57.24,Default,,0000,0000,0000,,Where's All my Data files. And these data\Nfiles contain the sprites, the textures, Dialogue: 0,0:27:57.24,0:28:03.23,Default,,0000,0000,0000,,the levels and so on. Now the WAD for Doom\N1 is roughly four megabytes in size and Dialogue: 0,0:28:03.23,0:28:11.44,Default,,0000,0000,0000,,the WAD for Doom 2 is 40 MB in size. But\Nwe only have 1.1 MB of storage. Plus we Dialogue: 0,0:28:11.44,0:28:16.39,Default,,0000,0000,0000,,have to fit all the code in there. So\Nobviously we needed to find a very, very Dialogue: 0,0:28:16.39,0:28:22.20,Default,,0000,0000,0000,,small Doom port. And as it turns out,\Nthere's a file called Mini-WAD, which is a Dialogue: 0,0:28:22.20,0:28:27.68,Default,,0000,0000,0000,,minimal Doom, I wrote, which is basically\Nall the bells and whistles are stripped Dialogue: 0,0:28:27.68,0:28:34.24,Default,,0000,0000,0000,,from the WAD file and everything replaced\Nby simple outlines and so on. 
And while Dialogue: 0,0:28:34.24,0:28:38.13,Default,,0000,0000,0000,,it's not pretty, I was pretty confident\Nthat I could get it working as it's only Dialogue: 0,0:28:38.13,0:28:46.32,Default,,0000,0000,0000,,250 kB of storage, down from 40 megabytes.\NNow, in addition to that, a lot of stuff Dialogue: 0,0:28:46.32,0:28:51.30,Default,,0000,0000,0000,,on the Chocolate Doom port itself had to\Nbe changed. And so, for example, I had to Dialogue: 0,0:28:51.30,0:28:56.15,Default,,0000,0000,0000,,rip out all the file handling and add a\Ncustom file handler. I had to add support Dialogue: 0,0:28:56.15,0:29:01.23,Default,,0000,0000,0000,,for the Game & Watch LCD, button input\Nsupport. And I also had to get rid of a Dialogue: 0,0:29:01.23,0:29:05.35,Default,,0000,0000,0000,,lot of things to get it running somewhat\Nsmoothly. And so, for example, the Dialogue: 0,0:29:05.35,0:29:10.63,Default,,0000,0000,0000,,infamous Wipe effect had to go and I also\Nhad to remove sound support. Now, the next Dialogue: 0,0:29:10.63,0:29:16.27,Default,,0000,0000,0000,,issue was that once it was compiling, it\Nsimply would not fit into RAM and crash Dialogue: 0,0:29:16.27,0:29:22.82,Default,,0000,0000,0000,,all the time. Now on the device, we have\Nroughly 1.3 MB of RAM in different RAM Dialogue: 0,0:29:22.82,0:29:27.51,Default,,0000,0000,0000,,areas. And for example just the frame\Nbuffer, that we obviously need, takes up Dialogue: 0,0:29:27.51,0:29:36.35,Default,,0000,0000,0000,,154 kB off that. Then we have 160 kB of\Ninitialized data, 320 kB of uninitialized Dialogue: 0,0:29:36.35,0:29:42.00,Default,,0000,0000,0000,,data and a ton of dynamic allocations that\Nare done by Chocolate Doom. And these Dialogue: 0,0:29:42.00,0:29:46.61,Default,,0000,0000,0000,,dynamic allocations were a huge issue\Nbecause the Chocolate Doom source code Dialogue: 0,0:29:46.61,0:29:52.48,Default,,0000,0000,0000,,does a lot of small allocations, which are\Nonly used for temporary data. 
And so they Dialogue: 0,0:29:52.48,0:29:58.60,Default,,0000,0000,0000,,get freed again and so on, and so your\Ndynamic memory gets very, very fragmented Dialogue: 0,0:29:58.60,0:30:02.71,Default,,0000,0000,0000,,very quickly, and so eventually there's\Njust not enough space to, for example, Dialogue: 0,0:30:02.71,0:30:09.79,Default,,0000,0000,0000,,initialize the level. And so to fix this,\NI took the Chocolate Doom code and I Dialogue: 0,0:30:09.79,0:30:15.11,Default,,0000,0000,0000,,changed a lot of the dynamic allocations\Nto static allocations, which also had the Dialogue: 0,0:30:15.11,0:30:22.03,Default,,0000,0000,0000,,big advantage of making the error messages\Nby the compiler much more meaningful. Dialogue: 0,0:30:22.03,0:30:27.34,Default,,0000,0000,0000,,Because it would actually tell you: Hey,\Nthis and this data does not fit into RAM. Dialogue: 0,0:30:27.34,0:30:31.99,Default,,0000,0000,0000,,And eventually, after a lot of trial and\Nerror and copying as many of the original Dialogue: 0,0:30:31.99,0:30:39.40,Default,,0000,0000,0000,,assets as possible into the minimal IWAD,\NI got it. I had Doom running on the Dialogue: 0,0:30:39.40,0:30:45.03,Default,,0000,0000,0000,,Nintendo Game & Watch Super Mario Brothers\Nand I hopefully calmed the internet gods Dialogue: 0,0:30:45.03,0:30:49.75,Default,,0000,0000,0000,,that forced me to do it. Now,\Nunfortunately, the USB port is physically Dialogue: 0,0:30:49.75,0:30:55.69,Default,,0000,0000,0000,,not connected to the processor and so it\Nwill not be possible to hack the device Dialogue: 0,0:30:55.69,0:31:00.39,Default,,0000,0000,0000,,simply by plugging it into your computer.\NHowever, it's relatively simple to do this Dialogue: 0,0:31:00.39,0:31:06.79,Default,,0000,0000,0000,,using one of these USB-Debuggers. Now, the\Nmost requested type of homebrew software Dialogue: 0,0:31:06.79,0:31:12.87,Default,,0000,0000,0000,,was obviously emulators. 
And I'm proud to\Nsay that by now we actually have kind of a Dialogue: 0,0:31:12.87,0:31:19.21,Default,,0000,0000,0000,,large collection of emulators running on\Nthe Nintendo Game & Watch. And it all Dialogue: 0,0:31:19.21,0:31:23.37,Default,,0000,0000,0000,,started with Konrad Beckmann discovering\Nthe Retro Go Project, which is an emulator Dialogue: 0,0:31:23.37,0:31:29.97,Default,,0000,0000,0000,,collection for a device called the Odroid\NGo and the Odroid Go is a small handheld Dialogue: 0,0:31:29.97,0:31:35.88,Default,,0000,0000,0000,,with similar input and size constraints as\Nthe Nintendo Game & Watch. And so it's Dialogue: 0,0:31:35.88,0:31:40.63,Default,,0000,0000,0000,,kind of cool to port this over because it\Nbasically already did all of the hard Dialogue: 0,0:31:40.63,0:31:47.67,Default,,0000,0000,0000,,work, so to say. And Retro Go comes with\Nemulators for the NES, for the Gameboy and Dialogue: 0,0:31:47.67,0:31:52.77,Default,,0000,0000,0000,,the Gameboy Color and even for the Sega\NMaster System and the Sega Game Gear. And Dialogue: 0,0:31:52.77,0:31:58.29,Default,,0000,0000,0000,,after a couple of days, Konrad actually\Nwas able to show off his NES emulator Dialogue: 0,0:31:58.29,0:32:02.96,Default,,0000,0000,0000,,running Zelda and other games such as\NContra and so on, on the Nintendo Game & Dialogue: 0,0:32:02.96,0:32:09.23,Default,,0000,0000,0000,,Watch. This is super fun and initially we\Nonly had really a basic emulator that Dialogue: 0,0:32:09.23,0:32:13.17,Default,,0000,0000,0000,,could barely play and we had a lot of\Nframe drops, we didn't have nice scaling, Dialogue: 0,0:32:13.17,0:32:18.29,Default,,0000,0000,0000,,VSync and so on. But now after a couple of\Nweeks, it's really a nice device to use Dialogue: 0,0:32:18.29,0:32:24.09,Default,,0000,0000,0000,,and to play with. 
And so we also have a\NGameboy emulator running and so you can Dialogue: 0,0:32:24.09,0:32:29.44,Default,,0000,0000,0000,,play your favorite Gameboy games such as\NPokémon, Super Mario Land and so on on the Dialogue: 0,0:32:29.44,0:32:35.16,Default,,0000,0000,0000,,Nintendo Game & Watch if you own the\Ncorresponding ROM backups. And we also Dialogue: 0,0:32:35.16,0:32:38.65,Default,,0000,0000,0000,,experimented with different scaling\Nalgorithms to make the most out of the Dialogue: 0,0:32:38.65,0:32:43.31,Default,,0000,0000,0000,,screen. And so you can basically change\Nthe scaling algorithm that is used for the Dialogue: 0,0:32:43.31,0:32:48.16,Default,,0000,0000,0000,,display, depending on what you prefer. And\Nyou could even change the palette for the Dialogue: 0,0:32:48.16,0:32:54.45,Default,,0000,0000,0000,,different games. We also have a nice game\Nchooser menu which allows you to basically Dialogue: 0,0:32:54.45,0:32:59.24,Default,,0000,0000,0000,,have multiple ROMs on the device that you\Ncan switch between. We have save state Dialogue: 0,0:32:59.24,0:33:04.21,Default,,0000,0000,0000,,support and so if you turn off the device,\Nit will save wherever you left off and you Dialogue: 0,0:33:04.21,0:33:08.87,Default,,0000,0000,0000,,can even come back to your save game once\Nthe battery ran out. You can find the Dialogue: 0,0:33:08.87,0:33:14.38,Default,,0000,0000,0000,,source code for all of that on the Retro\NGo repository from Konrad. And it's Dialogue: 0,0:33:14.38,0:33:20.71,Default,,0000,0000,0000,,really, really awesome. Other people build\Nfor example emulators for the CHIP-8 Dialogue: 0,0:33:20.71,0:33:25.43,Default,,0000,0000,0000,,system and so the CHIP-8 emulator comes\Nwith a nice collection of small arcade Dialogue: 0,0:33:25.43,0:33:31.27,Default,,0000,0000,0000,,games and so on, and it's really fun and\Nreally easy to develop for it. 
And so Dialogue: 0,0:33:31.27,0:33:37.01,Default,,0000,0000,0000,,really give this a try if you own a Game &\NWatch and want to try homebrew on it. Tim Dialogue: 0,0:33:37.01,0:33:41.59,Default,,0000,0000,0000,,Schuerwegen is even working on an\Nemulator for the original Game & Watch Dialogue: 0,0:33:41.59,0:33:45.92,Default,,0000,0000,0000,,games. And so this is really cool because\Nit basically turned the Nintendo Game & Dialogue: 0,0:33:45.92,0:33:53.13,Default,,0000,0000,0000,,Watch into an emulator for all Game &\NWatch games that were ever released. And Dialogue: 0,0:33:53.13,0:33:57.86,Default,,0000,0000,0000,,what was really amazing to me is how the\Ncommunity came together. And so we were Dialogue: 0,0:33:57.86,0:34:02.14,Default,,0000,0000,0000,,pretty open about the progress on Twitter.\NAnd also Konrad was Twitch streaming a lot Dialogue: 0,0:34:02.14,0:34:06.48,Default,,0000,0000,0000,,of the process. And we opened up a Discord\Nwhere people could join who were Dialogue: 0,0:34:06.48,0:34:11.85,Default,,0000,0000,0000,,interested in hacking on the device. And\Nit was amazing to see what came out of the Dialogue: 0,0:34:11.85,0:34:16.72,Default,,0000,0000,0000,,community. And so, for example, we now\Nhave a working storage upgrade that works Dialogue: 0,0:34:16.72,0:34:21.18,Default,,0000,0000,0000,,both with homebrew but also with the\Noriginal firmware. And so instead of one Dialogue: 0,0:34:21.18,0:34:25.32,Default,,0000,0000,0000,,megabyte of storage, you can have 60\Nmegabytes of flash and you just need to Dialogue: 0,0:34:25.32,0:34:30.55,Default,,0000,0000,0000,,replace a single chip, which is pretty\Neasy to do. Then for understanding the Dialogue: 0,0:34:30.55,0:34:35.69,Default,,0000,0000,0000,,full hardware. 
Daniel Cuthbert and Daniel\NPadilla provided us with high-resolution X- Dialogue: 0,0:34:35.69,0:34:41.01,Default,,0000,0000,0000,,ray images, which allowed us to fully\Nunderstand every single connection, even Dialogue: 0,0:34:41.01,0:34:46.38,Default,,0000,0000,0000,,of the BGA parts, without desoldering\Nanything. Then Jake Little of Upcycle Dialogue: 0,0:34:46.38,0:34:52.98,Default,,0000,0000,0000,,Electronics traced on the X-rays and also\Nusing a multimeter every last trace on the Dialogue: 0,0:34:52.98,0:34:58.22,Default,,0000,0000,0000,,PCB, and he even created a schematic of\Nthe device, which gives you all the Dialogue: 0,0:34:58.22,0:35:02.26,Default,,0000,0000,0000,,details you need when you want to program\Nsomething also and it was really, really Dialogue: 0,0:35:02.26,0:35:07.10,Default,,0000,0000,0000,,fun. Sander van der Wel for example even\Ncreated a custom backplate and now there Dialogue: 0,0:35:07.10,0:35:13.22,Default,,0000,0000,0000,,are even projects that try to replace the\Noriginal PCB with a custom PCB with an Dialogue: 0,0:35:13.22,0:35:20.02,Default,,0000,0000,0000,,FPGA and an ESP32. And so it's really\Nexciting to see what people come up with. Dialogue: 0,0:35:20.02,0:35:24.82,Default,,0000,0000,0000,,Now, I hope you enjoyed this talk and I\Nhope to see you on our Discord if you want Dialogue: 0,0:35:24.82,0:35:35.02,Default,,0000,0000,0000,,to join the fun. And thank you for coming. Dialogue: 0,0:35:35.02,0:35:41.33,Default,,0000,0000,0000,,Herald: Hi. Wow, that was a really amazing\Ntalk. Thank you very much Thomas. As Dialogue: 0,0:35:41.33,0:35:48.14,Default,,0000,0000,0000,,announced in the beginning we do accept\Nquestions from you and we have quite a Dialogue: 0,0:35:48.14,0:35:54.45,Default,,0000,0000,0000,,few. Let's see if we manage to make it\Nthrough all of them. 
The first one is: Dialogue: 0,0:35:54.45,0:35:59.65,Default,,0000,0000,0000,,Q: Did you read the articles about\NNintendo observing hackers, like private Dialogue: 0,0:35:59.65,0:36:04.80,Default,,0000,0000,0000,,investigators, et cetera and are you\Nsomehow worried about this? Dialogue: 0,0:36:04.80,0:36:08.40,Default,,0000,0000,0000,,Thomas: Oh, what's going on with my\Ncamera? Looks like Luigi messed around Dialogue: 0,0:36:08.40,0:36:17.54,Default,,0000,0000,0000,,with my video setup here. Yeah, I so I've\Nread those articles, but so I believe that Dialogue: 0,0:36:17.54,0:36:22.21,Default,,0000,0000,0000,,in this case, there is no piracy issue,\Nright? Like, I'm not allowing anyone to Dialogue: 0,0:36:22.21,0:36:26.94,Default,,0000,0000,0000,,play any new games. If you wanted to to\Ndump a Super Mario ROM, you would have Dialogue: 0,0:36:26.94,0:36:32.16,Default,,0000,0000,0000,,done it 30 years ago or on the NES Classic\Nor on the Switch or on any of the hundred Dialogue: 0,0:36:32.16,0:36:37.24,Default,,0000,0000,0000,,consoles Nintendo launched in between. And\Nso I'm really not too worried about it, to Dialogue: 0,0:36:37.24,0:36:41.48,Default,,0000,0000,0000,,be honest.\NHerald: I also think the aspect of the Dialogue: 0,0:36:41.48,0:36:50.27,Default,,0000,0000,0000,,target audience is to be seen here. So off\Nto the next question which is: Do you Dialogue: 0,0:36:50.27,0:36:55.46,Default,,0000,0000,0000,,think that there is a reason why an\Nexternal flash chip has been used? Dialogue: 0,0:36:55.46,0:37:02.85,Default,,0000,0000,0000,,Thomas: Yeah. So the internal flash of the\NSTM32-H7B0 is relatively small. It's only Dialogue: 0,0:37:02.85,0:37:08.45,Default,,0000,0000,0000,,128 kB. And so they simply couldn't\Nfit everything in, like basically even Dialogue: 0,0:37:08.45,0:37:13.24,Default,,0000,0000,0000,,just the frame buffer. 
Even just a frame\Nbuffer picture also is larger than the Dialogue: 0,0:37:13.24,0:37:19.10,Default,,0000,0000,0000,,internal flash. And so I think that's why\Nthey did it and I'm glad they did. Dialogue: 0,0:37:19.10,0:37:26.73,Default,,0000,0000,0000,,Herald: Sure. And is the decryption done\Nin software or is it a feature of the Dialogue: 0,0:37:26.73,0:37:30.46,Default,,0000,0000,0000,,microcontroller?\NThomas: So the microcontroller has an Dialogue: 0,0:37:30.46,0:37:36.16,Default,,0000,0000,0000,,integrated feature called OTFDEC and\Nbasically the flash is directly mapped Dialogue: 0,0:37:36.16,0:37:41.11,Default,,0000,0000,0000,,into memory and they have this chip\Nperipheral called OTFDEC that automatically Dialogue: 0,0:37:41.11,0:37:45.43,Default,,0000,0000,0000,,provides the decryption and so on. And so\Nit's done all in hardware and you can even Dialogue: 0,0:37:45.43,0:37:48.35,Default,,0000,0000,0000,,retrieve the keys from hardware,\Nbasically. Dialogue: 0,0:37:48.35,0:37:57.91,Default,,0000,0000,0000,,Herald: OK, very nice. And also, the next\Nquestion is somehow related to that: Is in Dialogue: 0,0:37:57.91,0:38:03.52,Default,,0000,0000,0000,,your opinion the encryption Nintendo has\Napplied even worth the effort for them? Dialogue: 0,0:38:03.52,0:38:07.43,Default,,0000,0000,0000,,It feels like it's just there to give\Nshareholders a false sense of security. Dialogue: 0,0:38:07.43,0:38:12.71,Default,,0000,0000,0000,,What would you think about that?\NThomas: I think from my perspective, they Dialogue: 0,0:38:12.71,0:38:16.49,Default,,0000,0000,0000,,chose just the right encryption because\Nit was a ton of fun to reverse engineer Dialogue: 0,0:38:16.49,0:38:21.91,Default,,0000,0000,0000,,and try to bypass it and so it was an\Nawesome challenge and so I think they did Dialogue: 0,0:38:21.91,0:38:26.90,Default,,0000,0000,0000,,everything right. 
But I also think in the\Nend, it's such a simple device and it's Dialogue: 0,0:38:26.90,0:38:31.57,Default,,0000,0000,0000,,like if you take a look at what people are\Nbuilding on top of it with like games and Dialogue: 0,0:38:31.57,0:38:36.68,Default,,0000,0000,0000,,all that kind of stuff. I think they did\Neverything right, but probably it was just Dialogue: 0,0:38:36.68,0:38:41.57,Default,,0000,0000,0000,,a tick mark. Yeah, we totally locked\Ndown JTAG and yeah, but I think it's fun Dialogue: 0,0:38:41.57,0:38:44.61,Default,,0000,0000,0000,,because again, it doesn't open up any\Npiracy issues. Dialogue: 0,0:38:44.61,0:38:51.14,Default,,0000,0000,0000,,Herald: Sure. The one thing is related to\Nthe NOP slide, which you very, very well Dialogue: 0,0:38:51.14,0:39:01.19,Default,,0000,0000,0000,,animated. So wouldn't starts of\Nsubroutines be suitable as well for that, Dialogue: 0,0:39:01.19,0:39:11.46,Default,,0000,0000,0000,,for that goal. The person asking says that\Na big push R4, R5, etc. instructions are Dialogue: 0,0:39:11.46,0:39:20.64,Default,,0000,0000,0000,,quite recognizable. How would ... Yeah\NThomas: Yeah. So absolutely. The time from Dialogue: 0,0:39:20.64,0:39:25.02,Default,,0000,0000,0000,,finding the data in the ITCM-RAM and\Nactually exploiting it was less than an Dialogue: 0,0:39:25.02,0:39:29.95,Default,,0000,0000,0000,,hour. And so if we would have tried to\Nreverse engineer it, it would be more Dialogue: 0,0:39:29.95,0:39:33.66,Default,,0000,0000,0000,,work. Like absolutely possible and also\Nnot difficult, but just filling the RAM Dialogue: 0,0:39:33.66,0:39:38.56,Default,,0000,0000,0000,,with NOPs took a couple of minutes and so\Nwas really the easiest way and the fastest Dialogue: 0,0:39:38.56,0:39:45.42,Default,,0000,0000,0000,,way without fiddling around in Ghidra or so.\NHerald: OK, cool, thanks. And this is more Dialogue: 0,0:39:45.42,0:39:54.33,Default,,0000,0000,0000,,a remark than a question. 
The person says\Nit's strange that an ST AN5281 does not Dialogue: 0,0:39:54.33,0:39:59.63,Default,,0000,0000,0000,,mention a single time that the data is not\Nverified during encryption. I think it's Dialogue: 0,0:39:59.63,0:40:05.76,Default,,0000,0000,0000,,more a fault on ST's than Nintendo's side.\NWhat would you think about that? Dialogue: 0,0:40:05.76,0:40:10.69,Default,,0000,0000,0000,,Thomas: Yeah, I would somewhat agree\Nbecause in this case, even if you don't Dialogue: 0,0:40:10.69,0:40:17.67,Default,,0000,0000,0000,,have JTAG, like an ARM Thumb instruction is\N2-4 bytes and so you have a relatively small Dialogue: 0,0:40:17.67,0:40:21.86,Default,,0000,0000,0000,,space to brute force to potentially get an\Ninteresting branch instruction and so on. Dialogue: 0,0:40:21.86,0:40:28.01,Default,,0000,0000,0000,,So I think it's yeah, I mean, it's\Nnot perfect, but also doing verification Dialogue: 0,0:40:28.01,0:40:33.41,Default,,0000,0000,0000,,is very expensive, computation-wise and\Nso I think it should just be the firmware Dialogue: 0,0:40:33.41,0:40:37.16,Default,,0000,0000,0000,,that actually verifies the contents of the\Nexternal flash. Dialogue: 0,0:40:37.16,0:40:44.11,Default,,0000,0000,0000,,Herald: OK, so I think we should ask 2\Nquestions more and then we can go back to Dialogue: 0,0:40:44.11,0:40:52.00,Default,,0000,0000,0000,,the studio. There is a question about the\NAES encryption keys. Have you managed to Dialogue: 0,0:40:52.00,0:40:57.35,Default,,0000,0000,0000,,recover them?\NThomas: Yes, we did. But so it's an Dialogue: 0,0:40:57.35,0:41:01.70,Default,,0000,0000,0000,,applicational AES, and they do some crazy\Nshifting around with the keys but I think Dialogue: 0,0:41:01.70,0:41:07.40,Default,,0000,0000,0000,,even just today, like an hour before the\Ntalk, a guy, sorry I'm not sure it's a Dialogue: 0,0:41:07.40,0:41:12.65,Default,,0000,0000,0000,,guy, a person on our Discord actually\Nmanaged to rebuild the full encryption. 
Dialogue: 0,0:41:12.65,0:41:16.78,Default,,0000,0000,0000,,But we, I personally was never\Ninterested in that because after you've Dialogue: 0,0:41:16.78,0:41:22.08,Default,,0000,0000,0000,,downgraded the device to RDP 0, you can\Njust access the memory-mapped flash and Dialogue: 0,0:41:22.08,0:41:24.74,Default,,0000,0000,0000,,get the completely decrypted flash\Ncontents basically. Dialogue: 0,0:41:24.74,0:41:32.01,Default,,0000,0000,0000,,Herald: Sure. Thanks. And a last question\Nabout the LCD controller, whether it's Dialogue: 0,0:41:32.01,0:41:38.18,Default,,0000,0000,0000,,used by writing pixels over SPI or if it\Nhas some extra features, maybe even Dialogue: 0,0:41:38.18,0:41:40.93,Default,,0000,0000,0000,,background or sprites or something like\Nthat? Dialogue: 0,0:41:40.93,0:41:46.81,Default,,0000,0000,0000,,Thomas: So the LCD itself doesn't have\Nany special features. It has one SPI bus Dialogue: 0,0:41:46.81,0:41:50.93,Default,,0000,0000,0000,,to configure it and then a parallel\Ninterface where - so it takes up a lot Dialogue: 0,0:41:50.93,0:41:56.81,Default,,0000,0000,0000,,of pins. But the chip itself has a\Nhardware called LTDC, which is an LCD Dialogue: 0,0:41:56.81,0:42:00.77,Default,,0000,0000,0000,,controller, which provides two layers with\Nalpha blending and some basic windowing Dialogue: 0,0:42:00.77,0:42:06.63,Default,,0000,0000,0000,,and so on.\NHerald: OK, cool then thank you very, very Dialogue: 0,0:42:06.63,0:42:11.80,Default,,0000,0000,0000,,much for the great talk and the great\Nintro. And with that, back to our main Dialogue: 0,0:42:11.80,0:42:14.86,Default,,0000,0000,0000,,studio in the orbit. Thank you very much.\NBack to orbit. Dialogue: 0,0:42:14.86,0:42:17.98,Default,,0000,0000,0000,,{\i1}rC3 postroll music{\i0} Dialogue: 0,0:42:17.98,0:42:56.00,Default,,0000,0000,0000,,Subtitles created by c3subtitles.de\Nin the year 2020. Join, and help us!