
Reverse engineering a Gameboy ROM with radare2 - lainon
https://www.megabeets.net/reverse-engineering-a-gameboy-rom-with-radare2/
======
kemenaran
I'm always impressed by GameBoy ROM disassembling efforts.

The complete disassembly of Pokemon Red/Blue [1] is an outstanding piece of
work. All the source code and data of the ROM have been figured out and
commented.

For the Zelda DX disassembly I'm currently working on [2], devdri wrote a
custom GameBoy disassembler named "awake" [3]. It produces a nice pseudo-code
view with C-style statements, and also does some static codeflow analysis with
variable propagation to know which memory banks are being switched in and
out. Quite impressive IMO.

But damn, even with these tools disassembling is still a lengthy work…

[1] [https://github.com/pret/pokered](https://github.com/pret/pokered)

[2] [https://github.com/mojobojo/LADX-Disassembly](https://github.com/mojobojo/LADX-Disassembly)

[3] [https://github.com/kemenaran/awake](https://github.com/kemenaran/awake)

------
sanqui
If you want to try with a real debugger next time, bgb[1] offers one that's
excellent. The emulator is unfortunately closed source, but it's well
supported under Wine.

[1] [http://bgb.bircd.org/](http://bgb.bircd.org/)

------
borski
There was another challenge just like this in the Square CTF at the Grace
Hopper Celebration. Unfortunately that CTF is still going on until Friday, but
it was a fun challenge; worth looking at if you get a chance. Otherwise, there
will undoubtedly be writeups coming after the CTF ends.

------
kmm
The site seems down to me, but this archive link works:
[http://archive.is/fRhT5](http://archive.is/fRhT5)

