07-02-2012, 09:26 AM | #1 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
[KT 5.1.0] Web jailbreak
Hi all,
I have created a simple web jailbreak for Kindle Touch 5.1.0. It exploits a (recently) found security bug in the browser and performs the same steps as the current "universal" jailbreak version. It also supports installing bin update packages on-site (I only put the unjailbreak there, because I don't know if package creators want to see their work there - please post your opinion). It also has very bad English, so if you have better text strings for replacement, I will gladly replace them. Here is the link: http://jailbreak-kt.tk/. You should open it in the KT's web browser. Also, it won't work if you don't have the 5.1.0 FW version. Please try it and comment! |
07-02-2012, 11:09 AM | #2 |
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
|
They fixed it in 5.1.1 because we reported it to them as a seriously dangerous security loophole. Can you imagine how big a bill they could get from their cellphone data carriers if a bunch of 3G K5s with 5.1.0 firmware got infected from visiting a WEB PAGE, and then joined a botnet?
Luckily, to use 3G you need to register your Kindle, and Amazon will automatically push a firmware upgrade to it to fix this. Or... is this a NEW web page exploit that I am not aware of? Please point me to a thread that describes it (if there is one). If so, it has the same dangerous security implications. Thanks. |
07-02-2012, 11:13 AM | #3 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
No, it's the exploit that is about one month old. I still don't have 5.1.1 firmware, do you?
|
07-02-2012, 11:23 AM | #4 |
Guru
Posts: 608
Karma: 1588610
Join Date: Jan 2012
Device: Kindle Scribe
|
Nice!
I successfully bricked my Touch! In other words, it CAN brick my Touch. Update: A reboot fixed it |
07-02-2012, 11:27 AM | #5 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
|
07-02-2012, 11:29 AM | #6 | |
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
|
Quote:
At least you did something USEFUL with it. One step closer to a kindle botnet. Last edited by geekmaster; 07-02-2012 at 11:31 AM. |
|
07-02-2012, 11:44 AM | #7 | |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
Quote:
|
|
07-02-2012, 11:55 AM | #8 | |
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
|
Quote:
|
|
07-02-2012, 12:00 PM | #9 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
No, not really, but the device could be taken over completely - disabling updates and so on, and then Amazon could not destroy the botnet by issuing an OTA update. Maybe they could then disable 3G for FW 5.1.0 versions, but that doesn't solve the attacks via WiFi. And I think FW versions could be faked to allow 3G after Amazon's disable, but I'm far OT now.
|
07-02-2012, 12:51 PM | #10 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
Anyway, I am going to add other packages to the site if nobody is against it, so the installation process will be much simpler (unlike the current "download to PC, transfer to Kindle").
|
07-02-2012, 01:01 PM | #11 |
Guru
Posts: 608
Karma: 1588610
Join Date: Jan 2012
Device: Kindle Scribe
|
Source code? I assume there is SOME server-side?
|
07-02-2012, 01:10 PM | #12 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
Yes, there are SOME server-side PHP scripts for checking the user agent, package database and download stats. I could send you a clone of the server root, but that seems to be unnecessary. All the magic is done on the client side, so (for example) if you wanted to create a botnet infector page, you would not need it. Take a look at the scripts.js file.
Last edited by mmatej; 07-02-2012 at 01:16 PM. Reason: my stupid English |
07-02-2012, 01:49 PM | #13 |
but forgot what it's like
Posts: 741
Karma: 2345678
Join Date: Dec 2011
Location: north (by northwest)
Device: Kindle Touch
|
|
07-02-2012, 01:56 PM | #14 | |
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
|
Quote:
There are all kinds of unverified reports about 5.1.1, including that it deletes dropbear files (breaking USBnet), and that it deletes developer keys, and other annoyances. There was a PM discussion between a few of us about 5.1.1 (probably) being released because of this security flaw. Until I get my hands on 5.1.1, I will not be able to verify any of the claims, and everything is just a guess. Can somebody with 5.1.1 (NiLuJe?) please test this? Last edited by geekmaster; 07-02-2012 at 02:05 PM. |
|
07-02-2012, 02:05 PM | #15 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
Now that is a really friendly thing to do for the experience level of the intended audience. Since that filename might be accessed from either Windows or Linux, why not use a cross-platform name (no whitespace or other special characters)? |
|