TI-84计算器ROM逆向工程完整笔记
值得看指数 51.0 NO. 014 · 2026.06.09
发布2026/06/08Score84Comments11
为什么值得看
一位开发者用Ghidra完整逆向了TI-84 Plus计算器的1MB ROM,系统梳理了Z80架构、内存分页机制和OS 2.55MP的内部结构。对做嵌入式逆向、固件安全或复古计算复现的工程师有直接参考价值,方法论可迁移到现代IoT设备分析。
编辑判断
TI-84这种封闭了20年的教育设备ROM被完整拆解,说明Ghidra的Z80处理器模块已经足够成熟,可以替代IDA Pro处理8位嵌入式目标。这个项目最实用的部分是它的自动化重建脚本tools/build.sh,解决了Ghidra项目版本管理和协作的痛点。
做IoT安全或汽车ECU逆向的团队可以借鉴这套工作流:flash dump -> 自动加载符号 -> 分页内存模型重建。复古计算社区也在用类似方法抢救早期PDA和图形计算器的软件遗产,这类技能在芯片断供背景下有意外价值。
社区反馈
意见分歧 9 条评论
核心争论:AI辅助逆向工程的效果与边界:人机协作能否替代传统手工分析
I couldn't tell, is a person doing this? or was this an LLM dissecting it?
> Confidence is flagged: ..... > The big picture > The structural reverse-engineering is comprehensive (every subsystem mapped, both cross-page mechanisms resolved ... > Confidence summary / open items Probably an LLM wrote the docs. > (the GhidraMCP plugin reconnects for interactive work) Prob
This was made collaboratively by me directing coding agents at the binary, using Ghidra MCP extensively, disassembly and also dynamic analysis with an emulator. I don't have a writeup of the process but it was definitely not fully automatable (I wish though). I might prepare a blog post with transcr