Readers not aware of what Ghidra is might imagine some kind of aftermarket water cooler firmware or mainboard – a usual hacker practice with reflow ovens. What [Robbe Derks] did is no less impressive and inspiring: A water cooler firmware mod that adds hands-free water dispensing, without requiring any hardware mods or writing an alternative firmware from scratch.
Having disassembled the cooler, [Robbe] found a PIC18F6527 on the mainboard, and surprisingly, it didn’t have firmware readback protection. Even lack of a PICkit didn’t stop him – he just used an Arduino to dump the firmware, with the dumper code shared for us to reuse, and the resulting dumps available in the same repository.
From there, he involved Ghidra to disassemble the code, while documenting the process in a way we can all learn from, and showing off the nifty tricks Ghidra has up its sleeves. Careful planning had to be done to decide which functions to hook and when, where to locate all the extra logic so that there’s no undesirable interference between it and the main firmware, and an extra step taken to decompile the freshly-patched binary to verify that it looks workable before actually flashing the cooler with it.
The end result is a water cooler that works exactly as it ought to have worked, perhaps, if the people defining its user interaction principles were allowed to make it complex enough. We could argue whether this should have been a stock function at all, but either way, it is nice to know that we the hackers still have some of the power to make our appliances friendly — even when they don’t come with an OS. Certainly, every single one of us can think of an appliance long overdue for a usability boost like this. What are your examples?
We’ve covered quite a few Ghidra-involving hacks, but it never feels like we’ve had enough. What about patching an air quality meter to use Fahrenheit? Or another highly educational write-up on cracking GBA games? Perhaps, liberating a Linux-powered 4G router to reconfigure it beyond vendor-defined boundaries? If you have your own goal in mind and are looking to start your firmware reverse-engineering journey, we can say with certainty that you can’t go wrong with our HackadayU course on Ghidra.