11-27-2011, 11:40 AM   #125
yifanlu
Kindle Dissector
Posts: 662
Karma: 475607
Join Date: Jul 2010
Device: Amazon Kindle 3
Quote:
Originally Posted by geekmaster
You may need to adjust the address of the code you are jumping to with a nop sled, if you can control the destination address (such as in the framebuffer RAM), to make it utf-8 friendly. If you are jumping to a native instruction at a known fixed address, that may be a little harder. Due to previous messages, I suspect you are targeting an existing instruction.

If it helps, this issue of Phrack is dedicated to "Writing UTF-8 compatible shellcodes":
http://www.phrack.org/issues.html?is...&id=9&mode=txt

Of course, that method will need to be adapted to the ARM instruction set...

[I suppose I need to get my hands on a KT to really be useful here, though.]
Thanks, but again, I don't need help with the shell code. It's easy writing utf-8 shellcode when compared to memory addresses. We need to find a memory address that 1) does what we want it to do and 2) can be utf-8 encoded. Meanwhile, all that is on hold, because if I find an exploit on the Kindle touch, it would work on the Kindle 4. But not the other way around.
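Added example (not part of the thread or either poster's code): a strict RFC 3629 UTF-8 validator that makes the constraint both posters describe concrete. A decoder that insists on well-formed UTF-8 only checks the byte shapes below (lead byte ranges, continuation bytes, no overlongs, no surrogates, nothing above U+10FFFF), so any payload that has to survive such a decoder, including a 32-bit word stored little-endian, must fit those shapes. From the defender's side the same table shows why UTF-8 validation is an encoding check, not a memory-safety control: a great many arbitrary byte patterns pass it. The function names and the sample inputs are this example's own.

```python
"""Strict UTF-8 validation (RFC 3629), written as an added illustration."""
from typing import Optional


def utf8_seq_len(lead: int) -> int:
    """Length of the sequence a lead byte announces, or 0 if it cannot start one."""
    if lead < 0x80:
        return 1
    if 0xC2 <= lead <= 0xDF:
        return 2
    if 0xE0 <= lead <= 0xEF:
        return 3
    if 0xF0 <= lead <= 0xF4:
        return 4
    # 0x80-0xBF: continuation only; 0xC0/0xC1: always overlong; 0xF5-0xFF: out of range
    return 0


def first_invalid_offset(data: bytes) -> Optional[int]:
    """Offset of the first byte a strict decoder rejects, or None if data is valid UTF-8."""
    i, n = 0, len(data)
    while i < n:
        lead = data[i]
        length = utf8_seq_len(lead)
        if length == 0:
            return i
        if i + length > n:
            return i  # truncated sequence at end of input
        if length == 1:
            i += 1
            continue
        # The second byte carries the extra restrictions of RFC 3629 Table 3-7.
        lo, hi = 0x80, 0xBF
        if lead == 0xE0:
            lo = 0xA0  # reject overlong 3-byte forms
        elif lead == 0xED:
            hi = 0x9F  # reject UTF-16 surrogates U+D800..U+DFFF
        elif lead == 0xF0:
            lo = 0x90  # reject overlong 4-byte forms
        elif lead == 0xF4:
            hi = 0x8F  # reject code points above U+10FFFF
        if not lo <= data[i + 1] <= hi:
            return i + 1
        for k in range(2, length):
            if not 0x80 <= data[i + k] <= 0xBF:
                return i + k
        i += length
    return None


def is_strict_utf8(data: bytes) -> bool:
    return first_invalid_offset(data) is None


def word_survives_utf8(word: int, byteorder: str = "little") -> bool:
    """Whether the 4-byte encoding of a 32-bit word is itself well-formed UTF-8."""
    return is_strict_utf8(word.to_bytes(4, byteorder))


def agrees_with_stdlib(data: bytes) -> bool:
    """Cross-check: CPython's decoder is also strict, so both verdicts should match."""
    try:
        data.decode("utf-8")
        stdlib_ok = True
    except UnicodeDecodeError:
        stdlib_ok = False
    return stdlib_ok == is_strict_utf8(data)


if __name__ == "__main__":
    # Constructed sample inputs: ASCII, a 2-byte char, an overlong encoding, a surrogate.
    for sample in (b"abc", b"\xc3\xa9", b"\xc0\xaf", b"\xed\xa0\x80", b"\xe2\x82"):
        print(sample, first_invalid_offset(sample), agrees_with_stdlib(sample))
```

The `first_invalid_offset` result is more useful than a bare boolean when reviewing a filter: it points at exactly which byte position a strict decoder stops on, which is what a log of rejected input should record.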