2020-12-27, 18:00–18:40 (Europe/Berlin), rC2
On November 13., Nintendo launched its newest retro console, the Nintendo Game and Watch - but by then it was already hacked!
In contrast to the other Nintendo classic consoles (NES & SNES), Nintendo upped their game this time: A locked processor, AES-CTR encrypted flash & co. made it significantly harder to hack it, but in the end it was still hacked - one day before release.
This talk walks through the whole process of opening it up, exploiting the firmware up to bringing homebrew to a new console - in a fun, beginner friendly way.
Your princess is AES encrypted in another castle
The Nintendo Game & Watch was anticipated by a lot of retro-interested folks, and the clear expectation was: We wan't to get more games onto this device!
But Nintendo made the life of hackers harder: The CPU is locked, the external flash AES encrypted, and the USB-C connector does not have its data-lines connected.
But not so fast! In this talk we learn how to exploit the firmware, get code-execution via a NOP-slide, dump the ROMs & RAMs of the device and achieve what everyone has been asking for: DOOM running on the Nintendo Game & Watch.
If you are interested in the full flow from opening up a device, exploiting it, to writing custom drivers for homebrew, this is your talk! And all you need to follow along are a Game & Watch and about $4 of equipment!