Broadcasts.com - "HPR4022: dumping roms for fun and profit" (Hacker Public Radio)

Technology
SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en

HPR4022: dumping roms for fun and profit

Published: Jan. 2, 2024, midnight

disassembling - hex2bin is used for converting hexadecimal files into\\na binary file. - used z80dasm to disassemble machine code into\\nhexadecimal - use xxd to view the hex code and machine code side by side\\n- ghidra, reverse engineering suite used for analysis

\\n

https://www.noagendashow.net/ https://twostopbits.com/\\nhttps://en.wikipedia.org/wiki/Programmable_ROM https://en.wikipedia.org/wiki/Dual_in-line_package https://www.tablix.org/~avian/blog/articles/z80dasm/ https://ghidra-sre.org/\\nhttps://hex2bin.sourceforge.net/

\\n

1.prom-location-on-board.jpg 2.prom-ready-to-read.jpg

\\n

Intelhex file snipet:

\\n

:100600003E0FCD8E043E0ECD8E04211441360023C4\\n:1006100036003A6341326A41CDB204CDC404CD61A3\\n:1006200005215541CB46C46306210F41CB6E281CE2\\n:10063000210241CB4E28CE210F41CB7E2809FEEC72\\n:10064000CAC306FEED287CCD45071849CB66284570\\n:10065000210741CB76203B21154134CB8ECB9ECB5D\\n:10066000961832FEFFC8CB4E2808FEE42004CB8E3D\\n:10067000D1C9211941BED0FE31D8215541CB6628C0\\n:1006800003FE31C8321341CBA7CBAF215541CBD6A6\\n:10069000D1C9CD45072114413400003A2E41BEC2D4\\n:1006A0001E0636000000211541CB46216B417E2BF2\\n:1006B0002016BE200F3E132B772124413600210F38\\n:1006C000413EFFC934C31806BE28EA3EC9CD8E0498\\n:1006D0002115417EC60477CB5E200CCBA6AF01006E\\n:1006E00041CD9104C31E063E2018F3210F41CB6675\\n:1006F000202DCB6E28093A1341FEE4CCD107C93E28\\n:10070000FFC9CDEB06210F41CB662013CB6E28EF3E\\n:100710003A1341FEE12804FEE22004CDD107C93A94\\n:100720001341C93E200614219042772310FCC921B1\\n:100730002541367C233614CD5207C9212541362068\\n:1007400023362018F2FB2125413680233601CD5374\\n:1007500007C9F31680211241CBCECB964E0640CB73

\\n

xxd output showing text that\'s displayed on the screen when the\\ndevice boots

\\n

000025d0: f4f5 f6f7 f9ef e1e2 0ded e8f8 30e4 3d3b  ............0.=;\\n000025e0: 272f e550 3839 4f4b 4c2c 2e49 3637 5548  \'/.P89OKL,.I67UH\\n000025f0: 4a4e 4d59 3435 5446 4756 4252 3233 4553  JNMY45TFGVBR23ES\\n00002600: 4458 4357 e631 5141 5ae7 20ec ebea 2020  DXCW.1QAZ. ...\\n00002610: 2020 2020 0f53 454c 4543 5420 4143 5449      .SELECT ACTI\\n00002620: 5649 5459 1053 454c 4543 5420 434c 4153  VITY.SELECT CLAS\\n00002630: 5320 312d 3906 4c45 5353 4f4e 1053 454c  S 1-9.LESSON.SEL\\n00002640: 4543 5420 4c45 5645 4c20 312d 3405 4c45  ECT LEVEL 1-4.LE\\n00002650: 5645 4c12 5345 4c45 4354 2053 4543 5449  VEL.SELECT SECTI\\n00002660: 4f4e 2031 2d32 1231 2d45 5841 4d50 4c45  ON 1-2.1-EXAMPLE\\n00002670: 2050 524f 4752 414d 5310 322d 4241 5349   PROGRAMS.2-BASI\\n00002680: 4320 434f 4d50 5554 4552 1045 5841 4d50  C COMPUTER.EXAMP\\n00002690: 4c45 2050 524f 4752 414d 530e 5052 452d  LE PROGRAMS.PRE-\\n000026a0: 4241 5349 4320 5631 2e30 1253 454c 4543  BASIC V1.0.SELEC

\\n

z80dasm output:

\\n

    push af         ;0040   f5  .\\n    push bc         ;0041   c5  .\\n    push de         ;0042   d5  .\\n    push hl         ;0043   e5  .\\n    ld hl,0410fh        ;0044   21 0f 41    ! . A\\n    res 4,(hl)      ;0047   cb a6   . .\\n    res 5,(hl)      ;0049   cb ae   . .\\n    set 6,(hl)      ;004b   cb f6   . .\\n    bit 0,(hl)      ;004d   cb 46   . F\\n    jr nz,27        ;004f   20 19     .\\n    bit 1,(hl)      ;0051   cb 4e   . N\\n    jr z,41     ;0053   28 27   ( \'\\n    ld hl,0410eh        ;0055   21 0e 41    ! . A\\n    inc (hl)            ;0058   34  4\\n    ld a,(hl)           ;0059   7e  ~\\n    cp 032h     ;005a   fe 32   . 2\\n    jr nz,32        ;005c   20 1e     .\\n    ld (hl),000h        ;005e   36 00   6 .\\n    ld hl,0410ch        ;0060   21 0c 41    ! . A\\n    inc (hl)            ;0063   34  4\\n    jr nz,24        ;0064   20 16     .\\n    inc hl          ;0066   23  #\\n    inc (hl)            ;0067   34  4\\n    jr 20       ;0068   18 12   . .\\n    ld hl,0410ch        ;006a   21 0c 41    ! . A\\n    inc (hl)            ;006d   34  4\\n    jr nz,14        ;006e   20 0c     .\\n    inc hl          ;0070   23  #\\n    inc (hl)            ;0071   34  4\\n    ld a,(hl)           ;0072   7e  ~\\n    cp 00ch     ;0073   fe 0c   . .\\n    jr nz,7     ;0075   20 05     .\\n    ld hl,0410fh        ;0077   21 0f 41    ! . A\\n    set 2,(hl)      ;007a   cb d6   . .

\\n

If you\'ve gotten this far, the forth code, read bottom up:

\\n

-promreader\\nmarker -promreader\\n\\n2variable low-mem\\n2variable high-mem\\n\\n\\\\ 22-29\\n$22 constant LOW-BYTE\\n$21 constant DDRA\\n$20 constant PINA\\n\\n\\\\ 53=PB0, 52=PB1\\n$25 constant PAGE\\n$24 constant DDRB\\n$23 constant PINB\\n%0000.0001 constant PAGE-SELECT\\n%0000.0010 constant CHIP-ENABLE\\n\\n\\\\ 37-30 (reversed on board)\\n$28 constant HIGH-BYTE\\n$27 constant DDRC\\n$26 constant PINC\\n\\n\\\\ 49-42 (reversed on board)\\n$10b constant  PORTL\\n$10a constant  DDRL\\n$109 constant  DATA\\n\\nvariable LineFeed\\nvariable Address\\nvariable CheckSum\\n\\n$10 constant ByteCount\\n0 constant RecordType\\n\\n: port-init ( -- )\\n  PAGE-SELECT DDRB mset\\n  CHIP-ENABLE DDRB mset\\n  $ff DDRA mset\\n  $ff DDRC mset\\n  $ff DDRL mclr\\n  $ff PORTL mset\\n  CHIP-ENABLE PAGE mset\\n  PAGE-SELECT PAGE mclr\\n;\\n\\n: hex>ascii ( n -- c c ) dup $f0 and 4 rshift swap $0f and digit swap digit ;\\n\\n: checksum+ ( n -- )  CheckSum @ + CheckSum ! ;\\n\\n: .output ( n -- )  ( dup ) ( checksum+ ) emit emit ;\\n\\n: address ( n -- )\\n  Address @\\n  dup $ff00 and 8 rshift swap\\n  $00ff and swap\\n  dup checksum+\\n  hex>ascii\\n  .output\\n  hex>ascii\\n  .output\\n;\\n\\n: add>bytes ( n -- n n ) dup $ff00 and 8 rshift swap $00ff and ;\\n\\n: build-record ( n -- ) dup checksum+ hex>ascii .output ;\\n\\n: header ( -- )\\n    ." :"\\n    ByteCount build-record\\n    Address @ add>bytes swap build-record build-record\\n    RecordType build-record\\n;\\n\\n: .checksum ( -- )\\n  CheckSum @ invert 1+\\n  build-record\\n  0 CheckSum !\\n  cr\\n;\\n\\n\\n: address+ ( -- n ) Address @ 1+ dup Address ! ;\\n\\n: line-feed+ ( -- )\\n  LineFeed @ 1+\\n  dup\\n  ByteCount = if\\n    ( .checksum )\\n    0 LineFeed !\\n    cr\\n  else\\n    LineFeed !\\n  then\\n;\\n\\n: read-data ( -- d )\\n  CHIP-ENABLE PAGE mclr 10 ms\\n  DATA c@ 10 ms\\n  CHIP-ENABLE PAGE mset 10 ms\\n  ;\\n\\n: set-high-byte HIGH-BYTE c! ;\\n\\n: set-low-byte LOW-BYTE c! ;\\n\\n: get-data ( -- n )\\n  Address @ add>bytes\\n  set-low-byte\\n  set-high-byte\\n  read-data\\n  build-record\\n;\\n\\n: page-read ( -- )\\n  0 CheckSum ! 0 Address ! cr\\n  begin\\n    0\\n    header\\n    begin\\n      get-data\\n      Address @ 1+ Address !\\n      1+\\n      dup 16 =\\n    until\\n    drop\\n    .checksum\\n    Address @\\n    0=\\n  until\\n  ." :00000001FF" cr\\n;\\n\\n\\n: dump-prom ( -- )\\n  port-init\\n  ." Page 1" cr\\n  page-read\\n  PAGE-SELECT PAGE mset\\n  ." Page 2" cr\\n  page-read\\n  ;

\\n

PROM location on board
\\n

\\n

PROM ready to read
\\n