Hacker stacksmashing has cracked the Nintendo Game & Watch: Super Mario Bros., released last week, and bypassed the handheld’s encryption. With that, the first steps have been taken toward modified ROMs for the Game & Watch.
Stacksmashing bought the Nintendo Game & Watch and opened the device to see whether he could find ways to hack it. He found that the handheld has a Cortex-M7 SoC, 128kB flash memory and 1024kB RAM.
He also found the SWD, the debugging interface for the Cortex-M. It turned out to be secured, so he could not easily dump the firmware. He did discover that the frame buffer was readable from memory via the SWD, and he saw that a Super Mario Bros. NES ROM was loaded into the RAM. He also managed to flip a few bits in the flash image and still boot the handheld, a sign that no flash validation is taking place. In a video he then demonstrates starting a modified ROM, ‘Hacked Mario Bros.’
He does emphasize that there is still a lot of work to be done before modified ROMs with games can actually run on the Game & Watch. Stacksmashing will now focus on being able to dump the SoC’s firmware to make this happen.