It’s a fact of life that electronic devices become obsolete after a few years. Sometimes this is because technology has moved on, but it can also happen that a perfectly functional device becomes near-useless simply because the original manufacturer no longer supports it. When [Buy It Fix It] found a pair of second-hand Power-One Aurora solar inverters, he ran into an issue for which he needed access to the service menu, which happened to be password-protected. The original manufacturer had ceased to exist, and the current owner of the brand name was unable to help, so [Buy It Fix It] had to resort to reverse engineering to find the password.
Thanks to the Wayback Machine at the Internet Archive, [Buy It Fix It] was able to download the PC software bundle that originally shipped with the inverters. To unlock all of its features, however, the software demanded a password that could only be obtained by registering the unit with the manufacturer. That wasn’t going to happen, so [Buy It Fix It] fired up dnSpy, a decompiler and debugger for .NET programs. Because .NET assemblies ship as intermediate language with full type and method metadata, dnSpy recovers something close to the original C#; after a bit of searching he found the routine that validated the password, and by simply copying that routine into a new program of his own he had a working key generator.
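To make the keygen idea concrete, here is an added Python example; it is not code from [Buy It Fix It]’s video or from the Aurora software, whose actual check is not shown here. It assumes two hypothetical check routines of the kind a decompiler hands you: one that derives the expected password from the unit’s serial number, so the decompiled derivation can be lifted verbatim into a keygen, and one that compares a hash of the entered password against a digest embedded in the binary, where the keygen instead brute-forces the small input space the check accepts. The derivation, the digest and the sample serial are all constructed for this example.

```python
"""Turning a recovered password check into a key generator.

Both check routines below are hypothetical stand-ins for what a
decompiler gives you; they are not the Aurora software's logic.
"""
import hashlib
from itertools import product
from string import digits
from typing import Optional


# --- Pattern 1: the check recomputes the password from the serial -----------

def derive_from_serial(serial: str) -> str:
    """Hypothetical reconstruction of a decompiled derivation routine.

    A decompiler gives you this body more or less verbatim; the keygen
    is simply the same body called with your own unit's serial number.
    """
    acc = 7919
    for b in serial.encode("ascii"):
        acc = (acc * 31 + b) % 100000
    return f"{acc:05d}"


def check_derived(serial: str, entered: str) -> bool:
    """What the protected application does when you type a password."""
    return entered == derive_from_serial(serial)


def keygen_derived(serial: str) -> str:
    """Keygen: reuse the recovered derivation rather than inverting it."""
    return derive_from_serial(serial)


# --- Pattern 2: the check compares against a digest baked into the binary ---

# Constructed for this example: in a real target this constant would be
# read straight out of the decompiled method or the binary's data section.
STORED_DIGEST = hashlib.sha256(b"20468").hexdigest()


def check_digest(entered: str) -> bool:
    """Hash-and-compare check; the password itself is not in the binary."""
    return hashlib.sha256(entered.encode("ascii")).hexdigest() == STORED_DIGEST


def keygen_digest(digest: str, length: int = 5, alphabet: str = digits) -> Optional[str]:
    """Brute-force the accepted input space (here: five decimal digits).

    The check function tells you the domain; 10**5 SHA-256 calls take
    well under a second, so a one-way check over a tiny domain is no
    stronger than a plaintext comparison.
    """
    for combo in product(alphabet, repeat=length):
        candidate = "".join(combo)
        if hashlib.sha256(candidate.encode("ascii")).hexdigest() == digest:
            return candidate
    return None


if __name__ == "__main__":
    serial = "A1"  # constructed sample serial
    pw = keygen_derived(serial)
    print(serial, "->", pw, "accepted:", check_derived(serial, pw))
    found = keygen_digest(STORED_DIGEST)
    print("digest password:", found, "accepted:", check_digest(found))
```

The second pattern is the one to reach for when the decompiled check compares against a digest rather than recomputing the secret: nothing in the binary tells you the password, but the input mask the UI enforces usually tells you the domain.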
With the service password now available, [Buy It Fix It] was able to set the inverter to the correct voltage setting and hook it up to his solar panels. Interestingly, the program code also had references to “PONG”, “Tetris” and “tiramisu” at various places; these turned out to be Easter eggs in the code, containing simple versions of those two games as well as a photo of the Italian dessert.
The software archive also contained a second program for programming low-level functions inside the inverter, settings that few users would ever need to touch. This one was not written in .NET but compiled natively from C or something similar, so there was no managed code to decompile and [Buy It Fix It] turned to x32dbg to work through the machine code instead. Again the program was password-protected, but the master password turned out to be stored in the binary as the plaintext string “91951”, the last five digits of the manufacturer’s old phone number.
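Finding a hard-coded string like that is the job `strings` does; as an added example, not [Buy It Fix It]’s tooling or the Aurora software, here is a small Python scanner that also handles the UTF-16LE literals Windows compilers emit for wide strings, plus a filter that picks out short all-digit strings worth trying as a PIN. The byte blob it runs over is constructed for this example. The offset of each hit is what you would use in x32dbg to find references to the string and set a breakpoint on the comparison.

```python
"""Minimal `strings`-style scanner for hunting hard-coded passwords.

The sample blob is constructed for this example; it is not data from
the real inverter software.
"""
import re
from typing import List, Tuple

Hit = Tuple[int, str, str]  # (offset, encoding, text)

ASCII_RUN = rb"[\x20-\x7e]{%d,}"
# Printable ASCII char followed by NUL, repeated: how UTF-16LE literals look.
UTF16LE_RUN = rb"(?:[\x20-\x7e]\x00){%d,}"


def find_strings(data: bytes, min_len: int = 4) -> List[Hit]:
    """Return printable ASCII and UTF-16LE runs with their file offsets."""
    hits: List[Hit] = []
    for m in re.finditer(ASCII_RUN % min_len, data):
        hits.append((m.start(), "ascii", m.group().decode("ascii")))
    for m in re.finditer(UTF16LE_RUN % min_len, data):
        hits.append((m.start(), "utf-16le", m.group().decode("utf-16-le")))
    return sorted(hits)


def pin_like(hits: List[Hit], min_len: int = 4, max_len: int = 8) -> List[str]:
    """Short, digits-only strings: the shape of a hard-coded service PIN."""
    return [text for _, _, text in hits
            if text.isdigit() and min_len <= len(text) <= max_len]


# Constructed sample: a fake PE-ish header, a wide-string product name,
# an ASCII prompt, the plaintext "password" and a few bytes of code.
SAMPLE_BINARY = (
    b"MZ\x90\x00" + bytes(range(32))
    + "Aurora Communicator".encode("utf-16-le") + b"\x00\x00"
    + b"Enter service password:\x00"
    + b"91951\x00"
    + bytes([0xE8, 0x00, 0x10, 0x00, 0x00, 0xC3])
)


if __name__ == "__main__":
    hits = find_strings(SAMPLE_BINARY)
    for offset, enc, text in hits:
        print(f"{offset:#010x} {enc:<8} {text}")
    print("PIN candidates:", pin_like(hits))
```

On a real binary `strings -a` (and `strings -el` for UTF-16LE) gives the same list; the point of the filter is that a five-digit string sitting next to a "password" prompt is the first thing to try before stepping through the comparison in the debugger. Like the real tool, the UTF-16 pattern can glue a preceding single printable byte onto a wide string when the two happen to be adjacent, so treat the boundaries of a hit as approximate.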
The inverter was not actually working when [Buy It Fix It] first got it, and his repair video (embedded below) is also well worth watching if you’re into power electronics repair. Hacking solar inverters to enable more features is often possible, but of course it’s much easier if the entire design is open source.
Continue reading “Decompiling Software To Fix An Old Solar Inverter” →
Keeping the source code to programs closed is something that is generally frowned upon here for plenty of reasons. Closed source is harder to audit and harder to customize, but unfortunately we won’t be able to convince everyone of the merits of open source code any time soon. On the other hand, it is possible to decompile some of those programs whose source remains behind locked doors in an attempt to better understand that code, and one of the most impressive recent examples is this project which has fully decompiled The Ocarina of Time.
To get started with the code for this project, one simply needs to clone the Git repository and then use a certain set of software tools (depending on the user’s operating system) to compile the ROM from the source code. From there, though, the world is your rupee-filled jar. Like we’ve seen from other decompiled games, any number of enhancements to the original game can be made including increasing the frame rate, improving the graphics, or otherwise adding flourishes that wouldn’t otherwise be there.
The creators of this project do point out that this is still a work in progress, as only one of the 18 versions has been completed, but the fact that the source they have decompiled builds a fully working game when recompiled speaks to how far along it’s come. We’ve seen similar processes used for other games before that also help to illustrate how much improvement is possible when re-writing old games from their source code.
Thanks to [Lazarus] for the tip!
Continue reading “The Legend Of Zelda: Decompiled” →
[0xricksanchez] participated in a software reverse-engineering challenge and recently wrote up the solution, and in so doing also documented the process used to discover it. The challenge was called Devil’s Swapper, and consisted of a small binary blob that output a short message when executed. The goal of the challenge? Discover the secret key and the secret message within. [0xricksanchez]’s writeup, originally intended just as a personal record, ended up doing an excellent job of showing how a lot of reverse engineering tools and processes get applied to software in a practical way.
What’s also great about [0xricksanchez]’s writeup is that it uses standard tools and plenty of screenshots to show what is being done, while also explaining why those actions are being chosen and what is being learned. It’s easy to follow the thought process as things progress from gathering information, to chasing leads, and finally leveraging what’s been learned. It’s a fascinating look into the process of applying the reverse engineering mindset to software, and a good demonstration of the tools. Give it a read, and see how far you can follow along before learning something new. Want more? Make sure you have checked out the Hackaday 2020 Remoticon videos on reverse engineering firmware, and doing the same for PCBs.