Jump to content



Photo
- - - - -

CASIO fx-82AU PLUS II Hacking

hacking fx-82AU PLUS II hack

  • Please log in to reply
8 replies to this topic

#1 EnderFire09

EnderFire09

    Newbie

  • Members
  • Pip
  • 22 posts
  • Gender:Not Telling

  • Calculators:
    Casio fx-991ES PLUS Version F
    Casio fx-82AU PLUS II Version A

Posted 06 August 2020 - 12:02 PM

This thread is to share information.about hacking the CASIO fx-82AU PLUS II and possibly even achieving arbitrary code execution and dumping the rom. I am willing to try any hacks.

 

This is the basics of hacking the CASIO fx-82AU PLUS II.
 

First, I recommend taking a look at http://casiocalc.wikidot.com/ and https://community.ca...s-plus-hacking/

 

Secondly, note that all of the hacks only work on the LY711X VerA with the checksum of 0A69. You can check in diagnostics mode. To enter diagnostic mode, just look it up, there are plenty of tutorials on how to use diagnostic mode, out there.

If the calculator freezes/crashes, press [ON].

 

 

Now for the hacks!

Firstly, all of the hacks use REG hackstrings, hackstrings that involve the small 'A', the small 'B' and 'r' and there are two types of REG hackstrings, ones that involve STAT Submode 0 and ones that involve the MathIO overflow (divide bracket) bug.


Firstly to get into STAT submode 0 you press [MODE], 2, then you press AC/on then [ON] around 0.5 seconds after pressing AC/on. Note that this may be hard for the first few times you try, but you will get better the more you do it.
If you are successful, you should see that the STAT indicator is on and REG is available in the STAT menu Shift, 1. If you are not the go back into COMP mode and try again.


In the REG Menu Shift, 1, 5, you will see 5 characters. We are interested in 2 of them, 'r' and the small 'A'


To get 'r', press Shift, 1, 5, 3.

To get the small 'A', press Shift, 1, 5, 1


sqrt - square root symbol


STAT submode 0 REG hackstrings


1. small 'A' by it self - Enters Mode 68

2. 1(1(1(1r - Enters Mode 68 with MathIO

3. A(BCr - Puts the input into table input mode and corrupts the ram, causing the hackstrings to have different results until you press [ON].

4. 1sqrt(1sqrt(1sqrt(1sqrt(1sqrt(1sqrt(1r - teleport cursor far to the right, past the start of the cache, causing basic overflow.



Now for the MathIO hacks


To get 'r' in MathIO you must type Pol(0,1) then press [=], then press ÷, 9, and then press [LEFT BRACKET] until you cant type any more left brackets. Then press [=], then AC/on, , AC/on, [BACK].

Now your should have 'r' and a bunch of other characters next to it. Delete everything except for 'r'


Now for the COMP, MathIO hacks:


1. (7979(7979(7979(7979r - Enters Vector mode, which is not supported by the fx-82AU PLUS II

2. A(BCr->M v/[] (Square root) - Enters Mode 68 with LineIO without crashing the calculator, Press AC/on, then [BACK], delete every thing except for the box. Now move the cursor to the left of the box, then press [RIGHT] once. Initially, you cant see what you are typing until you have typed about a dozen characters. You have now achieved basic overflow.



Terms


1. Mode 68 - see http://casiocalc.wikidot.com/mode-68

2. Basic overflow - see http://casiocalc.wik.../basic-overflow



For more information please visit http://casiocalc.wikidot.com/ and https://community.ca...s-plus-hacking/


If you have some hacks that you know feel free to reply. I am willing to try any hacks.
 


Edited by EnderFire09, 07 August 2020 - 11:59 AM.


#2 anon34

anon34

    Casio Freak

  • Members
  • PipPipPipPip
  • 268 posts

Posted 07 August 2020 - 05:46 AM

I'm not interested in getting another ROM at the moment. It takes some effort.

 

Because I don't have the necessary hardware, I can only do it manually (writing hacks so the ROM is displayed on the screen, and interpret that), and that involves some known information.

 

It's not very hard to get the rom from an emulator (can be bought, and... there are cracked versions... I should not post the link).

 

Resources: (you may want to figure out how to get the ROM yourself)

 

wikidot

the other topic on this site

https://tieba.baidu.com/p/6836768682

https://tieba.baidu.com/p/6243040741



#3 EnderFire09

EnderFire09

    Newbie

  • Members
  • Pip
  • 22 posts
  • Gender:Not Telling

  • Calculators:
    Casio fx-991ES PLUS Version F
    Casio fx-82AU PLUS II Version A

Posted 07 August 2020 - 09:39 AM

Here is an image of the result of the small 'A' by itself

 

dEJjqV5.png



#4 EnderFire09

EnderFire09

    Newbie

  • Members
  • Pip
  • 22 posts
  • Gender:Not Telling

  • Calculators:
    Casio fx-991ES PLUS Version F
    Casio fx-82AU PLUS II Version A

Posted 09 August 2020 - 07:01 AM

Here are some more hacks for the fx-82AU PLUS II.

 

First the STAT submode 0 hacks:

 

1. The small 'A' preceded with a lot of digits - shows a glitched contrast menu and changes the STAT submode to another unintended submode (possibly 9 or above). This causes the reg characters and thus the hackstrings to have different effects.

 

2. (3636(3636(3636(3636r - shows a cursed contrast menu for a brief moment then immediately shuts off and resets all.

 

Now for the COMP, MathIO hack

           _____

1.        |   r

          |   ----     ----> M       (r over empty box , inside a square root stored into M)  -- Shows a cursed Syntax Error

         |     []

     \_|

 

Hope you enjoy them!

More to come soon! :)



#5 anon34

anon34

    Casio Freak

  • Members
  • PipPipPipPip
  • 268 posts

Posted 15 August 2020 - 10:46 AM

Can you understand ROP? I guess it isn't too hard to figure out the necessary addresses to dump the ROM, assumes basic overflow in math mode works, and given that the emulator ROM is available.


Edited by user202729, 17 August 2020 - 01:45 AM.


#6 aidswidjaja

aidswidjaja

    Newbie

  • Members
  • Pip
  • 13 posts
  • Gender:Male
  • Location:Sydney, Australia
  • Interests:Calculators, computers, anime

  • Calculators:
    CASIO fx-82AU PLUS II
    CASIO fx-100AU PLUS

Posted 25 August 2020 - 11:42 AM

ROP could be interesting couldn't it... iirc basic overflow does work, and there is an emulator ROM available (so we don't have to read pixels off the screen, that sounded painful)

 

And I mean, maybe someone could write different scripts to translate machine/assembly instruction to addresses to keypresses, for different models, one program could be ported to multiple calculator models? I don't really know.. err...

 

Well anyway, I don't know how much time I have on my hands to dig into this, and I don't know how many other people would be willing to. Getting snake running on a non-programmable calculator will win you a lot of internet points, so there's that lol

 

But in all seriousness, provided we did get ROP working (so hijacking the call stack) but also to make a meaningful program, that would be cool. Though easier said than done of course, and I don't know much about ROP... We'll see I guess.

 

I recall that user and SoraXorpTaker did get ROP working (it was a basic one-line string that moved one character every ~1 second on an emulator).

 

Well anyway, it'll be interesting to see if anyone will go for this :D I'll keep watching the forums then I guess



#7 EnderFire09

EnderFire09

    Newbie

  • Members
  • Pip
  • 22 posts
  • Gender:Not Telling

  • Calculators:
    Casio fx-991ES PLUS Version F
    Casio fx-82AU PLUS II Version A

Posted 07 May 2021 - 12:07 PM

I have decided to set up a discord server for hacking CASIO calculators in hopes of reviving discussion.

The server has a dedicated CASIO fx-82AU PLUS II channel.

 

Here is the invite: https://discord.gg/QjGpH6rSQQ



#8 mtishi

mtishi

    Newbie

  • Members
  • Pip
  • 1 posts

  • Calculators:
    Casio fx-82AU PLUS II

Posted 17 May 2021 - 12:33 AM

i cant figure out how to enter diagnostics mode,

 

 

when i try to enter Mode 68 with MathIO my calculator goes blank apart from the status bar any i cant do anything but press on

 

please help 



#9 EnderFire09

EnderFire09

    Newbie

  • Members
  • Pip
  • 22 posts
  • Gender:Not Telling

  • Calculators:
    Casio fx-991ES PLUS Version F
    Casio fx-82AU PLUS II Version A

Posted 06 September 2023 - 03:51 AM

VERIF Basic Overflow tutorial

(Part 1 may vary between models, Part 2 should be the same for all calculators with VERIF mode)
This post is for the fx-82AU PLUS II (LY711XA)

Part 1: Obtain illegal variable

1. Enter COMP mode, MathIO
2. Use the Pol(0,1) exploit as if you were trying to obtain 'r'
3. Delete everything except for the "theta" (you must delete the 'r')
4. Store the theta in a variable such as A, X, Y, M, etc

 

Part 2: VERIF Basic Overflow
5. Now that you have an illegal value in a variable, set the calculator to LineIO
If you were to evaluate the variable, the answer should be blank or ERROR
6. Enter VERIF Mode
Make sure the calculator is in LineIO for step 7
7. Type the variable by itself then press [=]
8. You should now see Math Error, now press [BACK]
9. If you have done everything correctly, the cursor should now be to the right of a null character, allowing for basic overflow in LineIO







Also tagged with one or more of these keywords: hacking, fx-82AU PLUS II, hack

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users