Dumping A Zelda SNES ROM, And Learning A Few Things Along The Way

For many of us, being given a big old DIP ROM from nearly thirty years ago and being told to retrieve its contents would be a straightforward enough task. We’d simply do what we would have done in the 1980s, and hook up its address lines to a set of ports, pull its chip select line high, and harvest what came out of the data lines for each address.

But imagine for a minute that an old-fashioned parallel ROM is a component you aren’t familiar with, as [Brad Dettmer] did with the ROM from a SNES Zelda cartridge. We’ve seen plenty of reverse engineering stories with ancient computing gear as their subject, but perhaps it’s time to accept that some of the formerly ubiquitous devices are edging towards that sort of status.

So [Brad] takes us through the process of using the Saleae logic analyser to interrogate the chip while an Arduino stepped through its address lines, and the lesson is probably that while it seems like a sledgehammer to crack a nut it is important to factor in that unfamilarity. If you’d never worked with a 1980s ROM, it would make sense to use the tool you are familiar with, wouldn’t it?

Anyway, all’s well that ends well. While we’re on the subject of Nintendo ROMs, have a read about extracting the boot ROM from a cloned Game Boy.

12 thoughts on “Dumping A Zelda SNES ROM, And Learning A Few Things Along The Way

      1. You can, with really high voltage. It’s permanent and would no longer work at all afterward. But the smell of roasted electronics gets to me like fresh brewed coffee gets to some people.

  1. I would liken it more to trying to traverse a mountain biking path on a unicycle. At first it seemed like a 5V microcontroller was an appropriate tool, until you learn it only has 20 useful pins… OK, just address the cartridge with the microcontroller, and collect the data with a logic analyzer. Except the logic analyzer doesn’t have enough pins either… OK, just dump the memory twice, being sure to cover all data pins between the two dumps, and stitch the outputs together… I have to appreciate the resiliency and resourcefulness.

  2. Their “lack of pins” problem could have been solved with another Arduino at least instead of using a logic analyser :/ someone should tell them they could’ve just used some shift registers or counters to drive the address bus.

  3. Though we don’t have Centronics printer ports on the back of our computers anymore, we have Arduinos and Raspis with enough ports to handle both data and addressing without any address latching with a TTL rats nest soldered on. I actually think this had gotten easier also because you also are no longer forced to go down to your local Radio shack to beg for a Xerox copy of the relevant page from an IC catalogue to get pinouts and timing, but you simply can get the PDF on-line.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.