Reverse engineering programs with unknown instruction sets (2012) [pdf]

Stuff like that is definitely fun. In the 1990s I bought a Sharp PC-E500S pocket computer and hacked the CPU's instruction set. With no internet and no documentation about the processor, I invented my own assembler syntax for the instructions. Assembler, disassembler, hex monitor, (written in Basic) are all still working to this day.

Shout out to CPUAdventure challenge from DragonCTF 2019, which were basically this. If you like the slides, you should find this writeup entertaining: <a href="https:&#x2F;&#x2F;www.robertxiao.ca&#x2F;hacking&#x2F;dsctf-2019-cpu-adventure-unknown-cpu-reversing&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.robertxiao.ca&#x2F;hacking&#x2F;dsctf-2019-cpu-adventure-u...</a>

Probably the second-best fun I ever had was reverse engineering a discrete-TTL processor and the firmware written for it. These were embedded in some Xerox Diablo daisy-wheel printers dating from the latter half of the 20th Century. And the <i>best</i> fun I ever had was hacking that code to better suit the unique needs of my customer!<p>I wrote about the Diablos and their multi-axis realtime motion control here [1]. The good stuff about the hacking starts just over halfway down the page, &quot;the Diablo proprietary processor.&quot;<p>HN has honored me in past by recognizing other items on the site, such as &quot;One-Bit Computing at 60 Hertz&quot; [2] and &quot;the KK Computer - a radical 6502 redesign&quot; [3].<p>[1]<a href="https:&#x2F;&#x2F;laughtonelectronics.com&#x2F;oldsite&#x2F;comm_mfg&#x2F;commercial_diablo.html" rel="nofollow">https:&#x2F;&#x2F;laughtonelectronics.com&#x2F;oldsite&#x2F;comm_mfg&#x2F;commercial_...</a> [2]<a href="https:&#x2F;&#x2F;laughtonelectronics.com&#x2F;Arcana&#x2F;One-bit%20computer&#x2F;One-bit%20computer.html" rel="nofollow">https:&#x2F;&#x2F;laughtonelectronics.com&#x2F;Arcana&#x2F;One-bit%20computer&#x2F;On...</a> [3]<a href="https:&#x2F;&#x2F;laughtonelectronics.com&#x2F;Arcana&#x2F;KimKlone&#x2F;Kimklone_short_summary.html" rel="nofollow">https:&#x2F;&#x2F;laughtonelectronics.com&#x2F;Arcana&#x2F;KimKlone&#x2F;Kimklone_sho...</a>

Also enjoyable, reverse engineering the Transmeta Crusoe&#x27;s internal VLIW instruction set: <a href="https:&#x2F;&#x2F;www.realworldtech.com&#x2F;crusoe-intro&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.realworldtech.com&#x2F;crusoe-intro&#x2F;</a><p>I suspect the Anonymous author might have gotten a tip or two from a friendly Transmeta hardware or software engineer.

I wonder what the mystery instruction set in the slides actually is? (Assuming it is a real instruction set and not just something made up to demo the idea.)

Amazing !!! Look a lot like breaking a cypher with the added specifics of processor knowledge !

I once wrote a detector of 38 known machine languages.<p>Akin to an expansion of the UNIX file command.<p>It would listed known machine code(s) encountered at least within 4 bytes (in probability order).<p>Good times, good times.<p>(oh, sadly, not open source, but proprietary; I still do wish I could release this gem.)

Previously on HN, possibly not unrelated: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=25115916" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=25115916</a>

Is the site decompilation.info down? Cannot access it.

But what if the CPU assumes the instruction stream is compressed?