Version 1.7

Lecture: Hacking the Nintendo Game & Watch

Your princess is AES encrypted in another castle

On November 13., Nintendo launched its newest retro console, the Nintendo Game and Watch - but by then it was already hacked!

In contrast to the other Nintendo classic consoles (NES & SNES), Nintendo upped their game this time: A locked processor, AES-CTR encrypted flash & co. made it significantly harder to hack it, but in the end it was still hacked - one day before release.

This talk walks through the whole process of opening it up, exploiting the firmware up to bringing homebrew to a new console - in a fun, beginner friendly way.

The Nintendo Game & Watch was anticipated by a lot of retro-interested folks, and the clear expectation was: We wan't to get more games onto this device!

But Nintendo made the life of hackers harder: The CPU is locked, the external flash AES encrypted, and the USB-C connector does not have its data-lines connected.

But not so fast! In this talk we learn how to exploit the firmware, get code-execution via a NOP-slide, dump the ROMs & RAMs of the device and achieve what everyone has been asking for: DOOM running on the Nintendo Game & Watch.

If you are interested in the full flow from opening up a device, exploiting it, to writing custom drivers for homebrew, this is your talk! And all you need to follow along are a Game & Watch and about $4 of equipment!