Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Security Software IT Hardware

Semi-Automatic Hacking of Masked ROM Code From Microscopic Images 42

An anonymous reader writes "Decapping chips and recovering code or data is nothing new, but the old problem of recovering Masked ROM through visual inspection (binary '0' and '1' can be distinguished within the images) is normally done by crowd sourcing a manual typing effort. Now a tool that semi-automates this process and then recovers the data automatically has been released."
This discussion has been archived. No new comments can be posted.

Semi-Automatic Hacking of Masked ROM Code From Microscopic Images

Comments Filter:
  • Nice 8085 example (Score:5, Interesting)

    by ranulf ( 182665 ) on Wednesday February 06, 2013 @05:34AM (#42806433)
    For a nice example of this being done by humans, see Ken Shirriff's decoding of the 8085 instruction decode logic [].
  • This is awesome... (Score:5, Interesting)

    by jonwil ( 467024 ) on Wednesday February 06, 2013 @06:54AM (#42806751)

    Could be useful for future MAME work if someone is able to decap (and photograph) various otherwise un-dumpable mask-ROM-based MCUs and other chips.

    • by Rik Sweeney ( 471717 ) on Wednesday February 06, 2013 @07:40AM (#42806927) Homepage

      Interestingly, this was done for Bubble Bobble to ensure that the emulation was perfect: []

      • by Anonymous Coward on Wednesday February 06, 2013 @08:15AM (#42807059)

        This is done for the SNES, and all known coprocessors have been perfectly emulated. Write-up here [], with pictures and explanations.

        • by Applekid ( 993327 ) on Wednesday February 06, 2013 @12:20PM (#42809339)

          I'd like to take a moment and thank all these people for working tirelessly in uncovering these secret bits of gaming history. I'm both envious of how smart these people are and grateful that they've spent their energy on something I just so happen to love.

        • by Khyber ( 864651 )

          Sadly that perfect emulation also means perfect errors popping up on poorly-coded ROMs.

          This is why I use ZSNES for Super Nintendo. Those errors in ROM, ZSNES can work around them without any in-game problems. Byuu does exactly as it's supposed to, and fails upon the error.

          Sometimes, perfect emulation isn't warranted.

    • by chrylis ( 262281 )

      *crosses fingers* Please, Raiden II, please, Raiden II...

      • by jonwil ( 467024 ) on Wednesday February 06, 2013 @08:32AM (#42807131)

        The devs have said many times that decapping will NOT help emulate Raiden II

        • Uh oh... I have a twitchy itchy finger for... Raiden X []!!! Free online in a web browser. Damn good too! Best Flash technology demo even if it wasn't intended to be one.

        • by chrylis ( 262281 )

          My understanding was that the issue wasn't that they didn't have a dump but that there was a one-off coprocessor that nobody had specs for. Would this not be of any assistance reverse-engineering such a chip?

          • by Khyber ( 864651 )

            In fact, it's this very chip you mention that prevents Raiden II from being emulated at all. It's a specialized coprocessor harking back from the 386/486 era, though this chip isn't Intel-made.

            The purpose of this chip was to handle the flight paths of all the bullets flying around, thus relieving the main CPU from having to raster/render all these sprites and the direction they'd go.

            Also, this same chip controls the homing plasma cannon beam.

            And even then, (depending upon the arcade manager) at higher diffi

          • by harrkev ( 623093 )

            No. The technique described here works perfectly well for ROM images. This is because the data is actually encoded in the metal layers. I would presume that the underlying silicon is just a regular grid on transistors, so you can effectively ignore it.

            Now, an actual processor, on the other hand, is a completely different can of worms. In order to reverse-engineer it, you would need not only the information from the metal layers (and not just the top metal layer), but also reverse-engineer the actual cel

            • by chrylis ( 262281 )

              So the gist is that the basic principles ought to work but that the advances in ASIC manufacturing between the 8085 and Raiden II mean that it's not feasible now to reverse-engineer the coprocessor?

              • by harrkev ( 623093 )

                Not at all. I am pretty sure that there is somebody out there who could reverse-engineet it. This is rather old tech at this point. However, who is going to pay them? I would susupect that this would be too much of an effort for a hobbyist.

        • by Khyber ( 864651 )

          The devs don't have a working Raiden II board. I do (arcade cabinet got leaked upon from the top, ruined the CRT and controls, board left intact and undamaged.) Decapping will DEFINITELY help as Raiden II had a coprocessor to help handle the incessant bulletstorm.

  • by rimcrazy ( 146022 ) on Wednesday February 06, 2013 @08:12AM (#42807047)

    I use to work for a large semiconductor company that manufactures microcontrollers. (I won't say who but they really make very small micro chips) I got into hot water once as I was the geek they called into a meeting to explain to a customer just how secure their technology was and because the rom code was stored in EEPROM that all was safe and secure. Well, first, no one told me the issue that was bothering the customer and second, they just called me in cold and I was asked "Can someone reverse engineer the code that is stored in the device." Being Dilbert to a T I looked at the crowd and said, "Sure if you have enough money. Just decap the device, put it into a voltage contrast SEM and fire it up. You'll have nice pictures of bright and dark spots on the memory array and in no time you'll have the code". Customer went batshit. My boss gave me the look of death and I'm standing there saying "What?" "You asked me if it can be done" "I just told you how to do it. It's not cheap but it's possible".

    These days this is probably a lot more difficult as many, not all, but many IC's are mounted in a package face down as they use bump technology to do both die attach and signal connections.

    • And really.. if your code is THAT important, you should use a security-based chip to begin with.
      There are tamper-resistant packages and a variety of defenses against this, but they all cost money.

      • by Anonymous Coward

        And even those measures (metal grid layers, e-fuses etc) can be defeated [] although as with any security it's about making it uneconomically difficult for most attackers to do so. Also the security shouldn't depend on any secrets like a hardcoded universal key or the fact that you fake the encryption - several "secure" flash drives have been found to do this, the unencrypted data can be read right off the flash when you bypass the controller.

        • by CODiNE ( 27417 )

          Those fake encrypted flash drives remind me of the old Zip disks. If you put in a disk with a known password and unlocked it you could force it out and put in an encrypted disk you didn't know the password to. They didn't even bother to XOR the data with your password so any disk could be read that way.

    • Re: (Score:3, Interesting)

      by Anonymous Coward
      I also work at a large semiconductor company. There is some interesting research in both mitigating and defeating chip security. One attack technique for breaking into chips is to hold the debug line high and scan a laser over the surface of the chip to randomly flip bits, hoping to flip the one that is locking the debug line low. If the hardware designers were not thinking about redundantly, physically separating things on the chip, you might enable debug mode which bypasses all the lockdowns and encryptio
    • by slew ( 2918 )

      FWIW, in some modern ICs (that I've worked on) the most critical parts of a rom (e.g., a boot loader that validates a pre-boot image), are generally not implemented as a masked rom, but basically compiled gates. The logic compiler (more often than not the program called Design Compiler from Synopsys) is given the contents of the rom described as a big case statement: given an address, assign data output. The compiler produces a semi-optimal set of logic gates to implement the 'ROM' function.

      During the lay

    • by flonker ( 526111 )

      As I've learned, the correct answer is, "Sure, but it'll cost them $n megabucks, and it will take x amount of time." (I'm sure rimcrazy also figured this out since then.)

  • Hacking your XBox 360 is clearly a crime worthy of being charged for, but taking the cover off a microchip and reading code that wasn't meant to be read is not a DMCA violation at all.
    • taking the cover off a microchip and reading code that wasn't meant to be read is not a DMCA violation at all.

      You're not bypassing DRM, as there is no DRM. So no violation, beyond standard copyright infringement, and even that's a grey area.

    • Hacking your XBox 360 is clearly a crime worthy of being charged for, but taking the cover off a microchip and reading code that wasn't meant to be read is not a DMCA violation at all.

      That's only because the right folks haven't been getting their campaign contributions to make that illegal, too.

  • That is seriously interesting and very very impressive.
    I can't help but wonder, though, if he hadn't popped the chip into a vat of boiling acid, he could have taken a note of the manufacturers code and dropped them a polite email... :)
  • by ctrl-alt-canc ( 977108 ) on Wednesday February 06, 2013 @09:00AM (#42807271)
    Just split the ROM mask image into subimages, and ask engineers to decode a piece of the embedded code to access pr0n sites, and you will get the job done in a few minutes.
  • Isn't this banned? Or is it only the ones that have military features?
    • Isn't this banned? Or is it only the ones that have military features?

      I really don't see the need for the average citizen to use a semi automatic hacking tool. We should ban them and force hackers to reboot after every hack.

Karl's version of Parkinson's Law: Work expands to exceed the time alloted it.