AeroCTF had a category of challenges revolving around PICs. We are given a dump of the PIC's program memory to analyze and extract the flag from. The ROM dump comes as a hex file, Beginning.hex, together with a schematic:

Schematic

Beginning.hex

After some research, I found we can use MPLab IDE v8.92 to analyze this memory dump. We also know the model of the PIC from the schematic diagram above: PIC16F877.

MPLab

At first, I decided to approach it statically and started reading up on the datasheet itself: here.

Mnemonics (Page 136)

Microchip (Diagram)

Following the disassembly, we see that the majority of the instructions seem to be writing to PORTC and PORTD:

movlw + movwf = write!

movlw loads its literal argument into the W register, and movwf stores W into the file register given as its argument (here PORTC or PORTD). Together, a movlw/movwf pair writes one constant byte to a port.

PORTC is pins RC0-RC7 (from the Microchip pin diagram above)

PORTD is pins RD0-RD7

Schematic

We can see that these pins drive the inputs of the LCD, so we need to map the values written to them to the ASCII characters the LCD displays. Here Vaibhav Jayant helped me simulate the circuit in Proteus 8 Professional. The project file is here.
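The simulator route worked here, but the same mapping can be recovered statically from the hex dump alone. The script below is an added example, not code from the writeup: it parses an Intel HEX file into 14-bit PIC16 program words, decodes the movlw/movwf/bsf/bcf/goto instructions that matter for the data path, walks the program tracking W and the two ports, and collects every byte written to PORTD. The constructed SAMPLE_HEX stands in for Beginning.hex, and the assumption that PORTD is the LCD's 8-bit data bus while PORTC bit 0 is the LCD's RS (register select) line is mine; the real pin assignment has to be read off the schematic. PORTC = 0x07 and PORTD = 0x08 are the bank-0 addresses from the PIC16F877 datasheet.

```python
"""Static recovery of LCD character data from a PIC16F877 Intel HEX dump (added example)."""

# Bank-0 file-register addresses from the PIC16F877 datasheet.
PORTC = 0x07
PORTD = 0x08

# Constructed sample program (NOT Beginning.hex): sends the command 0x38 to the
# LCD with RS low, then writes 'A' and 'E' as character data with RS high,
# pulsing an assumed E line on RC1, and finally spins in place.
SAMPLE_HEX = """\
:1000000038308800071087148710413007148800A3
:0A00100087148710453088000C2883
:00000001FF
"""


def parse_intel_hex(text):
    """Return {word_address: 14-bit instruction} from an Intel HEX dump.

    MPLAB stores PIC16 program words little-endian at byte address = 2 * word
    address, so bytes are paired and the address halved. Record types handled:
    00 (data), 01 (EOF), 04 (extended linear address).
    """
    memory, upper = {}, 0
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith(":"):
            continue
        raw = bytes.fromhex(line[1:])
        if sum(raw) & 0xFF:  # all bytes including the checksum sum to 0 mod 256
            raise ValueError(f"bad checksum in record {line}")
        count, addr, rtype = raw[0], int.from_bytes(raw[1:3], "big"), raw[3]
        data = raw[4:4 + count]
        if rtype == 0x04:
            upper = int.from_bytes(data, "big") << 16
        elif rtype == 0x00:
            for i in range(0, count, 2):
                word = data[i] | (data[i + 1] << 8)
                memory[(upper | addr) + i >> 1] = word & 0x3FFF
        elif rtype == 0x01:
            break
    return memory


def decode(word):
    """Decode the PIC16 mid-range opcodes this trace needs; anything else -> ('other',)."""
    if word & 0x3C00 == 0x3000:  # MOVLW k   11 00xx kkkk kkkk
        return ("movlw", word & 0xFF)
    if word & 0x3F80 == 0x0080:  # MOVWF f   00 0000 1fff ffff
        return ("movwf", word & 0x7F)
    if word & 0x3C00 == 0x1000:  # BCF f,b   01 00bb bfff ffff
        return ("bcf", word & 0x7F, (word >> 7) & 7)
    if word & 0x3C00 == 0x1400:  # BSF f,b   01 01bb bfff ffff
        return ("bsf", word & 0x7F, (word >> 7) & 7)
    if word & 0x3800 == 0x2800:  # GOTO k    10 1kkk kkkk kkkk
        return ("goto", word & 0x7FF)
    return ("other",)


def portd_writes(memory, max_steps=10000):
    """Walk the program tracking W and PORTC; return [(byte written to PORTD, PORTC then)].

    Deliberately not a full emulator: bank switching, calls and arithmetic are
    ignored (delay loops need no timing here), and the walk stops at a GOTO to
    itself or when the step budget is exhausted.
    """
    w, portc, pc, writes = 0, 0, 0, []
    for _ in range(max_steps):
        if pc not in memory:
            break
        op = decode(memory[pc])
        if op[0] == "movlw":
            w = op[1]
        elif op[0] == "movwf" and op[1] == PORTD:
            writes.append((w, portc))
        elif op[0] == "movwf" and op[1] == PORTC:
            portc = w
        elif op[0] == "bcf" and op[1] == PORTC:
            portc &= ~(1 << op[2]) & 0xFF
        elif op[0] == "bsf" and op[1] == PORTC:
            portc |= 1 << op[2]
        elif op[0] == "goto":
            if op[1] == pc:
                break
            pc = op[1]
            continue
        pc += 1
    return writes


def recover_text(hex_text, rs_bit=0):
    """Characters sent to the LCD: PORTD bytes written while the assumed RS line is high.

    A character LCD treats a write with RS=0 as a command and RS=1 as data, so
    filtering on RS drops the 0x38/0x0C-style setup commands. rs_bit=0 (RC0) is
    an assumption for the constructed sample, not taken from the schematic.
    """
    return "".join(chr(v) for v, c in portd_writes(parse_intel_hex(hex_text))
                   if (c >> rs_bit) & 1)


if __name__ == "__main__":
    for value, portc in portd_writes(parse_intel_hex(SAMPLE_HEX)):
        print(f"PORTD <- 0x{value:02X}  (PORTC=0x{portc:02X})")
    print("recovered:", recover_text(SAMPLE_HEX))
```

Run it against the real Beginning.hex after checking which PORTC pin is wired to RS on the schematic and passing that bit as rs_bit; if the dump turns out to use 4-bit LCD mode or a different data port, the write filter in portd_writes is the one place to adjust.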

Circuit

After getting this it was pretty easy to simulate it all: just press the play button.

Solve :)

AERO{PIC_IS_SIMPLE_Q4A8K1L7}

Fun CTF! Thanks a lot, Konstantin for this challenge.