02-21-2012, 02:20 PM   #16
Emrexcem
Turkish :)
Posts: 40
Karma: 26
Join Date: Feb 2012
Location: Türkiye
Device: Kindle Touch (5.03)
Quote:
Originally Posted by geekmaster View Post
I finally got SSH working in diags mode on the touch. The key was that after copying all the dropbear files from /mnt/mmc/* to /* (mmcblk0p1 to mmcblk0p2), I had to reboot the kindle before I could get it to work. For some reason, starting dropbear manually from inside a reverse shell caused "dropbear permission denied (publickey)" errors during SSH logins, but after rebooting, the "Enable USBnet" menu now starts SSH after you select Exit. You cannot login for about 20 seconds while dropbear starts up. Then it logs in fine. Surprisingly, the diags login is fionaXXX on my Touch (I was expecting mario, like K4NT diags uses).

I plan to add this to the diags part of my kindle recovery package, so a menu item will let you install SSH (from yifanlu's jailbreak package). I will also add menu items to install update and developer keys. I want to make it support plugins (similar to yifanlu's launch menu), so custom packages can be added to during repair and/or installation.

Things may start out a bit complicated, but they get streamlined and simplified as progress is being made. I will post a package here when I get it together.

I plan to use the diags tar bug, with a payload in /var/local/wan/info, and the "AR 11g factory test" used to trigger it. I requested that this be kept secret by those I shared it with, but it is now public (because we need a way to run our code in diags), so go ahead and use it. I will post my code using that method, which you can use as an example.
02-21-2012, 06:43 PM   #17
geekmaster
Всё гениальное просто.
Posts: 5,070
Karma: 6789001
Join Date: Nov 2011
Location: Щедрость не имеет пределов.
Device: *.*
Well... my /var/local/wan/info payload for the diags data.tar.gz exploit can only be triggered on touch, and on k4nt 4.0, but NOT on k4nt 4.0.1 (at least not from the ART 11g factory test menu)...

So... Time to use my "other" jailbreak that works on all 4.x and 5.x versions. But even more important, it will still work even with /var/local full (from indexing too many books), which will break other known jailbreak methods.

The one I will use is reliable, safe, and easy. After this, other than variations of it (which might get "fixed" at the same time as this new one), we can always use fastboot to reflash mmcblkp1 to an old firmware version, jailbreak the old version, and then update to the new version. Jailbreaks still work after firmware updates (so far).

Last edited by geekmaster; 02-21-2012 at 06:49 PM.
02-21-2012, 07:36 PM   #18
JustAMan
Groupie
Posts: 153
Karma: 113
Join Date: Jan 2012
Location: Russia
Device: Kindle Touch
Well, we can still use fastboot to directly place developer key (the thing JB does) even if firmware updates would purge JB I think...
02-22-2012, 10:47 PM   #19
Poetcop
Connoisseur
Posts: 54
Karma: 46
Join Date: Feb 2012
Device: Kindle
Quote:
Originally Posted by geekmaster View Post
You can recover a damaged kindle from Diagnostics mode by mounting the root partition and replacing missing or damaged files on it. You can also replace the root partition with a copy of a backup image file.

To recover from a full /var/local (collections database too large), you can delete files in /var/local, or you can copy /dev/zero onto /dev/mmcblk0p3 to destroy /var/local, and the next reboot will create a fresh empty /var/local.
Hi geekmaster, is there a Diags mode option to mount the root partition? (which I understand to mean mmcblkp1) I saw a menu item somewhere called Mount nfs but it didn't do anything. Otherwise I've only seen "USB device mode", which mounts /mnt/us. As you mention later on in the thread, and I can verify, approaches using data.tar.gz + RUNME.sh don't work if you have a full /var/local - the data.tar.gz file disappears, but the script is definitely not executed (even after I pared it down to one "touch" statement). So if I can't get into the root partition, is your new jailbreak the only way forward? Or would it be worth trying a fastboot approach?
02-22-2012, 11:42 PM   #20
geekmaster
Всё гениальное просто.
Posts: 5,070
Karma: 6789001
Join Date: Nov 2011
Location: Щедрость не имеет пределов.
Device: *.*
The only reliable method that installs automatically without navigating menus and that works on all the kindles (DX, DXG, K3, K4, and K5 (touch)) is being tested now. It uses a variation of the "ixtab" jailbreak that can lose all your data on the USB drive if you use a data.tar.gz for the wrong kindle model (which I think caused bricked kindles when people used a data.tar.gz for touch on a k4nt, or a data.tar.gz for a k4nt on a touch).

Because of the danger of using the wrong data.tar.gz, I am using it in a safe way that will work with all kindles, by replacing this payload file that must match the kindle model, with a "universal" payload that does different things depending on what model kindle it finds itself on when launched. When the code first begins running, any damage has already been done by replacing an important system file with the wrong version if the wrong data.tar.gz is used. By using a "universal" version, it can replace that system file for any model of kindle, which eliminates the danger from using the wrong version (as happens with current data.tar.gz installations).

I am testing my safe universal data.tar.gz payload VERY carefully. When ready to release, it will be very solid and reliable, and it will run a custom user-supplied RUNME.sh if it finds one on the USB drive.

This will install SSH into the diagnostic partition so that the diagnostics "Enable USBnet" works like it is supposed to (missing files will be replaced). It will also let you install an update key certificate (i.e. jailbreak), and developer keys (for kindlet apps). Even without installing SSH, it can push a reverse shell so you can get root access over USB to manually fix problems (similar to telnet, but with no command prompt displayed).

Because I decided to make a universal version instead of different versions for different kindle models, this has been a lot more difficult to test and to get exactly correct. I am cleaning up the code and simplifying it, and I am nearly ready to publish a preliminary version, which I hope to post to the original post in this thread later this evening.

Last edited by geekmaster; 02-22-2012 at 11:51 PM.
02-23-2012, 12:12 AM   #21
ernalve
Member
Posts: 12
Karma: 10
Join Date: Jan 2012
Device: kindle 5
I'd like to thank you GeekMaster and everyone else that might have helped... because I recovered the kindle touch! It was quite simple in fact: I ran mfgtool into diags mode, after that I set the usb device mode and deleted a 1gb folder with music, after hesitating for a while I rebooted and... !!! the touch was back.

thanks again,


ernesto
02-23-2012, 01:04 AM   #22
geekmaster
Всё гениальное просто.
Posts: 5,070
Karma: 6789001
Join Date: Nov 2011
Location: Щедрость не имеет пределов.
Device: *.*
I need more information

I could really use some help here. If you can, please supply me with the USB Drive size defined as:
MNTUS_PART_SIZE=xxxxxxx

in file:
/var/local/system/mntus.params

for each model of kindle that I do not have, and verify the drive sizes that I do have:
Code:
Serial   Size   Model
------ -------  -----------------------
 B001    ???    Kindle 1 US ??? 
 B002    ???    Kindle 2 US ??? 
 B003    ???    Kindle 2 Int ??? 
 B004  3567224  Kindle DX US
 B005  3567224  Kindle DX Int ???
 B006  3205336  Kindle 3G US (Keyboard)
 B007  -------  (not used)
 B008  3205336  Kindle 3 Wifi (Keyboard)
 B009  3510232  Kindle DX Graphite
 B00A  3205336  Kindle 3G UK (Keyboard) ???
 B00B  -------  (not used)
 B00C  -------  (not used)
 B00D  -------  (not used)
 B00E  1423352  Kindle 4 Wifi (Mini)
 B00F  3377144  Kindle 5 3G (Touch)
 B010  -------  (not used)
 B011  3377144  Kindle 5 Wifi (Touch)
(In the forums, the Kindle 4 Mini is commonly called a K4NT.)

I need this information to prevent the USB Drive from getting accidentally erased when somebody puts a data.tar.gz on their USB Drive that uses a mntus.params payload destination that was designed for a different kindle model. My "universal" payload needs this information.

You can get this information from telnet or SSH into your kindle, or an onscreen terminal program on your kindle.

Thanks.

Last edited by geekmaster; 02-23-2012 at 02:09 AM.
02-23-2012, 01:33 AM   #23
idoit
Plus
Posts: 367
Karma: 262144
Join Date: Jan 2012
Location: Tehran, Iran - Halifax, Canada
Device: N/A
Quote:
Originally Posted by geekmaster View Post
B00F 3377144 Kindle 5 3G (Touch)
Verified.

Also, there is no Kindle 4 3G (Mini).
02-23-2012, 04:28 AM   #24
geekmaster
Всё гениальное просто.
Posts: 5,070
Karma: 6789001
Join Date: Nov 2011
Location: Щедрость не имеет пределов.
Device: *.*
Quote:
Originally Posted by cscat View Post
Verified.

Also, there is no Kindle 4 3G (Mini).
Thanks. I will keep the original post updated with current information. A "universal" mntus.params needs to use the actual size reported by "fdisk -l" when it is valid. Unfortunately, at some stages of main boot, fdisk reports a 0-byte drive, in which case we must use known sizes for kindle serial numbers in "/proc/cpuinfo". That is a simplified version of the method used in the startup scripts. I rely on most of the "computed values" being the same on all the kindles (but I have not checked a kindle 1 or kindle 2 yet). Returning the wrong values is NOT an option, because in many cases this will make the startup scripts ERASE the USB Drive contents, which is WHY my script either returns correct values OR uninstalls itself and reboots (so the kindle can rebuild mntus.params with the default values for that kindle).

I plan to use mntus.params as my "master control" for a diags boot menu, and rooting/jailbreak, and recovery. For now, my mntus.params is deposited in place by data.tar.gz, but for kindles without the "tar bug" I will rely on existing known jailbreak methods where possible, to deposit my script where it is needed.

It seems to be working well on my K4NT, but I want to test it on all my kindles before I release it, to save support headaches in the future. I will also package all the SSH files in my data.tar.gz, so that the Touch diags "Enable USBnet" menu will work like it does on the K4NT. Diags with USB Drive export and SSH are all you really need to repair many problems that prevent booting to the main partition, along with the KindleSelectBoot tool to get you to diags from a bricked condition.

Last edited by geekmaster; 02-23-2012 at 04:34 AM.
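
The size-selection rule described in the post above (use the fdisk figure when it is valid, otherwise fall back on the known size for the serial prefix, otherwise refuse), sketched as an added example; this is not geekmaster's script. The function names, the "Serial : ..." line format and the choice to treat table rows marked ??? as unknown are assumptions; the sizes are the ones listed in post #22.

```shell
#!/bin/sh
# Added example (not geekmaster's script): choose MNTUS_PART_SIZE fail-closed.
# Sizes are the ones listed in post #22; rows marked "???" or "(not used)"
# are deliberately treated as unknown so the script never guesses.

# known_size PREFIX: print the table size for a 4-character serial prefix.
known_size() {
    case "$1" in
        B004)      echo 3567224 ;;  # Kindle DX US
        B006|B008) echo 3205336 ;;  # Kindle 3G US / Kindle 3 Wifi (Keyboard)
        B009)      echo 3510232 ;;  # Kindle DX Graphite
        B00E)      echo 1423352 ;;  # Kindle 4 Wifi (Mini, "K4NT")
        B00F|B011) echo 3377144 ;;  # Kindle 5 3G / Wifi (Touch)
        *)         return 1 ;;      # unknown model: refuse
    esac
}

# serial_prefix TEXT: first four characters of the Serial field.
# Assumes a "Serial : <serial>" line as in /proc/cpuinfo output.
serial_prefix() {
    printf '%s\n' "$1" |
        sed -n 's/^Serial[[:space:]]*:[[:space:]]*\(....\).*/\1/p' | head -n 1
}

# pick_mntus_size REPORTED CPUINFO_TEXT
# REPORTED is the size already extracted from "fdisk -l", in the same units
# as MNTUS_PART_SIZE (extraction is left to the caller). Prints the size and
# returns 0, or prints nothing and returns 1 so the caller can uninstall
# itself instead of writing a wrong value.
pick_mntus_size() {
    reported=$1
    case "$reported" in
        ''|*[!0-9]*) reported=0 ;;  # empty or non-numeric counts as invalid
    esac
    if [ "$reported" -gt 0 ]; then
        echo "$reported"
        return 0
    fi
    known_size "$(serial_prefix "$2")"
}

# Constructed sample input, not captured from a real device.
SAMPLE_CPUINFO=$(printf 'Hardware\t: constructed sample\nSerial\t\t: B00E000000000000\n')

if size=$(pick_mntus_size 0 "$SAMPLE_CPUINFO"); then
    echo "MNTUS_PART_SIZE=$size"
else
    echo "unknown model: leave mntus.params alone" >&2
fi
```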
02-23-2012, 06:11 AM   #25
murz_07
Connoisseur
Posts: 67
Karma: 10
Join Date: Feb 2012
Device: Kindle Touch SO
It's so great what you are doing right now.
I know, that it is really annoying, but I have to ask.

How far are you from enabling usbnetwork in diags mode (Kindle Touch)?
How long do we need to wait for the release of tools you wrote about?

Anyway
02-23-2012, 12:09 PM   #26
Handsome Bart
Junior Member
Posts: 2
Karma: 10
Join Date: Feb 2012
Location: In a Hospital
Device: Kindle Touch
Hi everyone! I'm new at posting but I've been following the thread about a month. First, I have to say thank you Geek Master and thanks to everyone who's working on this!
Now, I have an issue with the Mfgtool. I don't want to screw more my bricked KT so I just want to know what is the procedure after I run this tool, I mean if I need to run a script or just run the tool... I don't know, I'm not good at programming and I learned this when I bricked my KT.
Sorry if the post is too long but I hope you can give me some light in this.
02-23-2012, 01:32 PM   #27
idoit
Plus
Posts: 367
Karma: 262144
Join Date: Jan 2012
Location: Tehran, Iran - Halifax, Canada
Device: N/A
Quote:
Originally Posted by Handsome Bart View Post
I don't want to screw more my bricked KT so I just want to know what is the procedure after I run this tool, I mean if I need to run a script or just run the tool...
My best advice would be to wait (I know it's a killing) for geekmaster to finish his universal Boot Selector Tool because right now it's not fully functional for Touch. So put your device in a shelf and don't be tempted to do stuff on it.

Quote:
Originally Posted by murz_07 View Post
How far are you from enabling usbnetwork in diags mode (Kindle Touch)?
How long do we need to wait for the release of tools you wrote about?
Anyway
He is apparently taking time to build this for the good of all of us, so it's better not to waste time and post these (I know you said you're sorry) as we're all waiting for his magic to save our Kindles. These kinds of posts just pollute the thread (including my post right now as a response) with not so much related and to-business posts. Also, hi and welcome to MobileRead my friend.
Thanks a bunch

Last edited by idoit; 02-23-2012 at 01:37 PM.
02-23-2012, 01:51 PM   #28
Handsome Bart
Junior Member
Posts: 2
Karma: 10
Join Date: Feb 2012
Location: In a Hospital
Device: Kindle Touch
Thnx a lot Cscat! So, I'll wait.
02-23-2012, 02:27 PM   #29
Emrexcem
Turkish :)
Posts: 40
Karma: 26
Join Date: Feb 2012
Location: Türkiye
Device: Kindle Touch (5.03)
Hi
I accidentally broke (software not hardware) my kindle touch. And it's not working right now, I'm in the boot logo. I CAN access diags but I don't know what I should do with it. I want my kt as factory default and shipping code does not work.
Greetings
02-23-2012, 02:41 PM   #30
murz_07
Connoisseur
Posts: 67
Karma: 10
Join Date: Feb 2012
Device: Kindle Touch SO
Quote:
Originally Posted by Emrexcem View Post
Hi
I accidentally broke (software not hardware) my kindle touch. And it's not working right now, I'm in the boot logo. I CAN access diags but I don't know what I should do with it. I want my kt as factory default and shipping code does not work.
Greetings
As it was said several times, WAIT. Just wait, geekmaster will solve your problem. And mine too