@mwk4
Here's a little something that I made for (now-finished) Dragon CTF 2019 Teaser by @DragonSectorCTF : github.com/koriakin/cpuad… (blackbox CPU reverse engineering) — have fun!
A girl has no name 🏳️⚧️
@mwk4
25 Sep
... and if anyone is wondering, here's how to deal with such things (i.e. got code for a strange undocumented CPU): robertxiao.ca/hacking/dsctf-… — congrats to the solver team! :)
A girl has no name 🏳️⚧️
@mwk4
25 Sep
Too many people consider this sort of thing to be impossible. In fact, some statistical analysis + guesswork + staring at the code a lot and trying out many hypotheses can go a long way, and instruction sets can be recovered from much smaller samples than this.
A girl has no name 🏳️⚧️
@mwk4
25 Sep
This task was born because I did just that (reversing a binary for a custom arcane CPU from a single code sample without any documentation) multiple times, and wanted to demonstrate that it can be done, and it's not as hard as it seems.
A girl has no name 🏳️⚧️
@mwk4
25 Sep
Unfortunately, I cannot really publish what I've done. So — big thanks to PPP for their writeup! It's really a nice instruction that I've always missed :)
A girl has no name 🏳️⚧️
@mwk4
25 Sep
Oh, and if you're wondering about some weirdness in my little CPU, please note that I didn't really invent any of it — it's an amalgamation of real production CPUs that I've come across, and every single feature is stolen, most of them from the last CPU I've blackbox-reversed.