8085 Dissasembly?

allison allisonportable at gmail.com
Mon Apr 16 18:07:20 CDT 2018


On 04/16/2018 03:01 PM, W2HX via cctech wrote:
> Hi friends. I have a 1990's vintage commercial radio system that uses an 80C85A CPU. I am looking to hopefully modify the firmware to make some small changes in its behavior.  The firmware is contained in two EPROMS.
>
>
> Can anyone recommend a decent disassembler to use with this? Preferably something that ran in windows 10 or windows 7? A dos box would be fine too.
I've used DASMx freeware. 
My primary for that work is resource/Zsource but that runs on my CP/M
box where my EPROM reader/writer is.

Google 8085 disassembler.  Try several to see what works for you. 
Generally those that interact with the
user are best as you can sorta guide them around text sections and allow
you to assign descriptive labels to
sections (subroutines).

You may even need a 8085 simulator to test sections of code.

> Also, I looked through the dumped contents of the EPROM. In the past I have seen EPROM ascii dumps where most is unintelligible to the naked eye but typically text messages give to the users during interaction with the program are human readable. In this case, the ASCII dump shows only other HEX data.  I believe I read that there is a HEX format and that I might need to convert from HEX to BIN before disassembling. Of course, an ideal tool would do both if anyone knows such a thing.
>
You may depending on what the tool expects.  Usually hex dumps obscure
the text.  Its not common for
8085 programmers to compress text.   That assumes the text is not a
bitmap for a LCD or LED then all
bets are off as to what you may see.

> I am not familiar with 8085 stuff but any insight would be appreciated.
>
I am.   You will need to understand the 8085, its environment (the stuff
it controls) and
what the memory layout(both rom and ram)  and IO layout.  Learn the 8085
instruction set.
FYI the 8080/8085 user manual is on line so find it and get it will be a
big help.

As they say, you will be working very close to the raw metal.

One worry is that the code could have been written in C or PL/M (or PLI)
and that may obscure the code further.

> Lastly, I wonder if there might be some kind of checksum check to prevent tampering. Is there a common way this is handled in 8085 world? Or is it entirely programmer dependent?

The 8085 does not have hardware checksum.  Its a programmer thing as in
who wrote the code and if there were
requirements by management or client to have checks (may include other
self tests and manufacturing
diagnostics as well).  However, its possible to do that in the code as
part of the startup self check (or BITE if mil). 
That only means you have to either negate that code (after finding it)
or you can find where the checksum is
and write a new one.   In cases where I've seen it it was early in the
startup and was there to verify
the Eproms were not broken than a worry about tampering.

Doing this is not trivial and you are in full forensic sleuth mode.


Hope that helps.

Allison/KB1GMX



More information about the cctech mailing list