01-15-2012, 08:23 PM   #76
yifanlu
Quote (originally posted by Novas):
Hi yifanlu,
I am trying to use your tool to create a new update package for the Kindle Touch.
I use it this way: ./kindletool create ota2 -dk5w /media/USB_DISK/kindle/install/
but I get this error message:
Cannot read input.
Segmentation fault
What is wrong? The directory /media/USB_DISK/kindle/install/ exists and includes the install files.

Are you sure you want to output to stdout? Try outputting to a file.
01-16-2012, 06:14 PM   #77
yifanlu
The 5.0.3 update patches this jailbreak method. However, if you already jailbroke before updating, the key that it installed is still intact and allows you to install custom packages, so jailbreak before updating if you can. Regardless, ixtab's method still works.
01-16-2012, 10:26 PM   #78
geekmaster
Quote (originally posted by yifanlu):
Ah, I saw the data.tgz early on and I thought "it would be great if we have a way to use absolute path. I could read the man file. Ah, whatever". If Amazon doesn't patch this. This means I can make use of some of the stack overflow bugs I've found. Nice job! (you could have waited until Amazon patched my jailbreak and go screw you Amazon, we're back in)

It looks like you got your wish with the 5.0.3 update. The data.tar.gz bug did not (yet) achieve the notoriety of the infamous "MP3 Jailbreak", and managed to slide through Amazon's latest update...

Last edited by geekmaster; 01-16-2012 at 10:29 PM.
01-16-2012, 10:29 PM   #79
ixtab
@yifanlu: thanks for the PM.

I'm currently thinking about what the best way to package a "one-click jailbreak" for 5.0.3 is. Will let you know about the outcome here.
ixtab is offline   Reply With Quote
Old 01-16-2012, 10:36 PM   #80
yifanlu
Kindle Dissector
yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.yifanlu can program the VCR without an owner's manual.
 
Posts: 662
Karma: 170717
Join Date: Jul 2010
Device: Amazon Kindle 3
It doesn't have to be pretty. Just tell the user to copy the data.tar.gz file and reboot. And in my opinion, the PC side should not contain any executables/scripts since users may not want to run some random exe even if it's to properly copy the tar.gz.

Oh, and in case you haven't figured it out already, the payload still works. Aka, installing the custom key without replacing any files.

Last edited by yifanlu; 01-16-2012 at 10:39 PM.
01-16-2012, 11:59 PM   #81
demonseye316
vaniaspeedy, thanks for the link. Took about ten seconds to hack the Kindle v.5.0.

Have you tried pathartl's method with Kindle Touch Software Update V5.0.3? Or maybe I'll just wait for ixtab's one-click jailbreak for 5.0.3.

@ixtab are you going to do something similar to this? (http://pathartl.me/5387/remove-ads-on-kindle-touch) thanks.

Last edited by demonseye316; 01-17-2012 at 12:10 AM.
01-17-2012, 12:20 AM   #82
yifanlu
I hope not.
01-17-2012, 12:31 AM   #83
geekmaster

People can do whatever they want as long as they do no harm to others. Helping others by publishing "How To" links and such begins to cross the line between "user" and "pusher". IMHO.


TOS

Last edited by geekmaster; 01-17-2012 at 12:35 AM.
01-17-2012, 01:13 AM   #84
ixtab
Jailbreak for Kindle Touch (including 5.0.3)

Here it is.

This jailbreak should work with all versions of the Kindle Touch currently available. (5.0.0 - 5.0.3).

Instructions are contained in the archive. Please report back any issues here.
Attached Files
File Type: zip kt-jailbreak-503.zip (10.3 KB, 22192 views)
01-17-2012, 01:21 AM   #85
ixtab
@demonseye316: no.

@yifanlu: Took longer than I expected because I was intermittently bitten by a misunderstanding and tried to find solutions for a nonexistent problem. Just to clarify on this: merely putting an update*.bin, then restarting was also not working with the MP3 jailbreak, or was it?

- via Settings->Update, the update works, because pubdevkey01.pem is considered.
- just putting it there and restarting does not work, because pubdevkey01.pem does not seem to be considered. Constantly getting Update error 3 here.

At least this is the current state of affairs on my device. I may also have screwed up something somewhere... (I thought that update*.bin had previously worked here as well with just restarting).

Can anyone clarify on this (i.e. how their device behaves for these two cases, with the mp3 jailbreak first, and then with the tar one)?
01-17-2012, 01:26 AM   #86
yifanlu
Quote (originally posted by ixtab):
@demonseye316: no.

@yifanlu: Took longer than I expected because I was intermittently bitten by a misunderstanding and tried to find solutions for a nonexistent problem. Just to clarify on this: merely putting an update*.bin, then restarting was also not working with the MP3 jailbreak, or was it?

- via Settings->Update, the update works, because pubdevkey01.pem is considered.
- just putting it there and restarting does not work, because pubdevkey01.pem does not seem to be considered. Constantly getting Update error 3 here.

At least this is the current state of affairs on my device. I may also have screwed up something somewhere... (I thought that update*.bin had previously worked here as well with just restarting).

Can anyone clarify on this (i.e. how their device behaves for these two cases, with the mp3 jailbreak first, and then with the tar one)?

Unfortunately, the updates that run on restart are of another type (see option "kindletool create recovery"). The key for that is embedded inside the kernel (initramfs to be specific). In short, nope. Your bug also works on Kindle 4s, so it would be nice if we get it working on there too. You can't use the dev key method, but you can use my key binding method from the 3.2.1 jailbreak. If you don't have the time, I can do it for you.
01-17-2012, 01:32 AM   #87
ixtab
@yifanlu: Thanks for the reply.

The problem is that I only have a KT, no other device, so I can't really be of much use for other platforms because I can't test anything. But of course, you're welcome to port the method to whichever other platform it can be used on. It's not like it's "mine" ;-)
01-17-2012, 01:45 AM   #88
yifanlu
I just bought a kindle 4, so I should be able to do tests in a week or so. I know you don't own the tar bug, but you did discover it. I remember finding the data.tar.gz extraction thing and saying in the IRC "wouldn't it be nice if we could extract the tar with absolute paths. Unfortunately tar has that fixed years ago".
yifanlu is offline   Reply With Quote
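
The posts above turn on a data.tar.gz being extracted with absolute paths. The following is an added example, not code from this thread or from the Kindle updater: a Python pre-extraction audit that an unpacker could run to reject members with absolute names, `..` components, escaping links or special files. The archive contents and all paths in it are constructed for illustration.

```python
import io
import posixpath
import tarfile
from typing import List, Optional, Tuple


def audit_member(member: tarfile.TarInfo) -> Optional[str]:
    """Return why a member is unsafe to extract, or None if it looks safe."""
    name = member.name
    if name.startswith("/"):
        return "absolute path"
    if ".." in name.split("/"):
        return "parent-directory traversal"
    if member.issym() or member.islnk():
        target = member.linkname
        # Symlink targets resolve relative to the link's own directory;
        # hard-link targets are relative to the archive root.
        base = posixpath.dirname(name) if member.issym() else ""
        resolved = posixpath.normpath(posixpath.join(base, target))
        if target.startswith("/") or resolved == ".." or resolved.startswith("../"):
            return "link escapes destination"
    if member.ischr() or member.isblk() or member.isfifo():
        return "special file"
    return None


def audit_archive(blob: bytes) -> List[Tuple[str, str]]:
    """List (member name, reason) for every unsafe member of a .tar.gz blob."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        for member in tar:
            reason = audit_member(member)
            if reason:
                findings.append((member.name, reason))
    return findings


def build_sample_archive() -> bytes:
    """Constructed sample: one benign member and three unsafe ones."""
    data = b"constructed sample\n"
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name in ("documents/book.txt",
                     "/constructed/absolute.conf",
                     "documents/../../escape.txt"):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        link = tarfile.TarInfo("documents/shortcut")
        link.type = tarfile.SYMTYPE
        link.linkname = "/constructed"
        tar.addfile(link)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in audit_archive(build_sample_archive()):
        print(f"REJECT {name}: {reason}")
```

Python 3.12 and later also provide tarfile extraction filters (`filter="data"`) that enforce similar rules at extraction time.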
01-17-2012, 02:03 AM   #89
ixtab
Just thinking aloud:

We might actually be lucky enough for this method not to be fixed by Amazon. The mp3 bug was a serious security vulnerability which could affect inadvertent users. This one is also a vulnerability, but it's much less dangerous IMO, because it's much harder to trick an unsuspecting user into it.

As I said before, it would be nice if Amazon realized the potential of allowing users to tamper with their devices (at own risk). We already have very useful stuff around like the launcher, or the (upcoming) localization.

If all else fails, there's still usbhid mode. I'm loosely following the thread, but admit I'm too shy currently to try it out for fear of bricking the device without being able to get it back into a working state. (i.e. if things are safe to be done via USB, and recoverable by that, I'm fine to give it a go. I'm not fine with opening the device and soldering etc...)

That said, if it's possible to read/write files (or even entire partitions) via usbhid mode, then that'd probably be the way to look for a jailbreak method which is almost impossible to "close" -- or am I missing something here?
01-17-2012, 08:14 AM   #90
eureka
Quote (originally posted by ixtab):
That said, if it's possible to read/write files (or even entire partitions) via usbhid mode, then that'd probably be the way to look for a jailbreak method which is almost impossible to "close" -- or am I missing something here?

It should be possible to load u-boot into RAM in USB Downloader mode and run it. The u-boot sources provided by Amazon contain metadata of a "program image" for loading and running it in USB Downloader mode. u-boot could be pointed to a Linux kernel in RAM, loaded there after u-boot. So, with our loaded kernel (and our initramfs) we could do anything.

But it's possible that Amazon enabled the High Assurance Boot feature, which requires that the program image be signed with some RSA key. The only way to check it is to try to load any "program image".