01-17-2012, 07:56 PM | #106
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Last edited by geekmaster; 01-20-2012 at 10:59 AM.
01-17-2012, 07:57 PM | #107
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Last edited by geekmaster; 01-18-2012 at 02:04 PM. Reason: TMI
01-17-2012, 08:29 PM | #108
Kindle Dissector
Posts: 662
Karma: 475607
Join Date: Jul 2010
Device: Amazon Kindle 3
Quote:
Now in terms of Kindle news. It seems that the lipc command to change orientation does not work anymore, but the code to change orientation still works. Can someone check this in SSH to double check and then look for a new way to activate rotation? Someone emailed me a while ago saying they managed to rotate the home screen also, but I never got an update from them.
01-17-2012, 08:44 PM | #109
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
I found a proc buried deep in /sys/ that controlled orientation when you echoed the right value into it. I forgot exactly where. I should have documented my research while poking around the /sys/ tree.

Great... I just did a recursive grep in my /sys/ folder for "orient". After it reported a bunch of "Permission denied" messages it locked up. Even the power button does not work. I had to do the long reset. It is restarting now...

BTW, I discovered when doing timing tests with time cp file.xxx /dev/null that it DELETES the /dev/null device and creates a /dev/nul FILE, resulting in a "device full" error. I was comparing large file copy times against large file decompression times, while porting my old memory compression code I use in my Windows apps for much faster speed. It is MUCH faster to copy compressed data from the dictionary window in cache than to copy new data from RAM. Anyway, I was wondering if renaming devices could be useful for MITM code (after a jailbreak) to intercept OTA updates, for example...

@yifanlu: Did you see this? It is what I was referring to as the "other" exploit: [... secret URL ...] I was thinking along the lines of an iPod-style tethered jailbreak to encapsulate, automate, and hide all the client-server communications cruft behind a pretty GUI interface. Cross-platform for Windows, Mac and Linux (using an SDL framework I already have working), of course.

Last edited by geekmaster; 01-20-2012 at 11:00 AM.
01-18-2012, 03:45 AM | #110
Connoisseur
Posts: 65
Karma: 4662
Join Date: Feb 2011
Location: CZ
Device: Kindle Touch 3G, Kindle Keyboard
Quote:
Code:
https://www.mobileread.com/forums/showpost.php?p=1923855&postcount=41
01-19-2012, 06:08 PM | #111
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
Quote:
I have been fiddling around in create.c, inserting a few debug prints around line 720. Now it looks like this:
Code:
if(info.version != OTAUpdateV2 && (info.source_revision > UINT32_MAX || info.target_revision > UINT32_MAX))
{
    fprintf(stderr, "Source/target revision for this update type cannot exceed %u\n", UINT32_MAX);
    goto do_error;
}

argc -= (optind-1);   // note: argc shrinks by optind-1 while argv advances by optind
argv += optind;

// next argument
fprintf(stderr, "Skipped %d arguments, argc now %d \n", optind, argc);
fprintf(stderr, "argv[0] is %s\n", argv[0]);
fprintf(stderr, "argv[1] is %s\n", argv[1]);
fprintf(stderr, "argv[2] is %s\n", argv[2]);

argv++;

// input
if(argc < 1)
{
    fprintf(stderr, "No input found.\n");
    goto do_error;
}
Code:
Skipped 3 arguments, argc now 4
argv[0] is ota2
argv[1] is /tmp/kindle
argv[2] is /tmp/update_test_install.bin
PS: Invocation was via the command "./kindletool create ota2 -d k5w -d k5g /tmp/kindle /tmp/update_test_install.bin". I would assume that getopt keeps argv[0] (because it thinks it's the executable name), while throwing away the options it parsed?
Last edited by ixtab; 01-19-2012 at 06:14 PM.
01-20-2012, 10:54 AM | #112
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
I have a new jailbreak that does not use MP3 files, does not use data.tar.gz, and does not require any assistance from a host PC after the exploit package is put onto the Kindle USB drive. It uses something that I previously used in 2005 to inject and execute code in WRT54G routers with no firmware modification. It works on both the Kindle Touch and the k4nt.
Last edited by geekmaster; 01-20-2012 at 12:17 PM.
01-20-2012, 04:02 PM | #113
Kindle Dissector
Posts: 662
Karma: 475607
Join Date: Jul 2010
Device: Amazon Kindle 3
Congratulations!
01-20-2012, 05:12 PM | #114
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
01-22-2012, 09:25 AM | #115
Junior Member
Posts: 3
Karma: 10
Join Date: Jan 2012
Device: Kindle Touch
Quote:
1. Will the jailbreak disable ads on my Kindle? Just to be sure, because I DO NOT want to disable them, since I don't want to cheat Amazon.
2. Is there a way to disable the jailbreak (for example, for updating)? Does the jailbreak work in the same way as the previous versions, creating a single file which can then be deleted?
Sorry about the terribly noobish questions, I'm not yet familiar with hacks and so on.
01-22-2012, 09:48 AM | #116
Kindle Dissector
Posts: 662
Karma: 475607
Join Date: Jul 2010
Device: Amazon Kindle 3
Read the readme file. It's like I can read your mind.
01-22-2012, 10:25 AM | #117
Junior Member
Posts: 3
Karma: 10
Join Date: Jan 2012
Device: Kindle Touch
OK, thank you; it's quite clear in the 5.0.0 jailbreak, but it wasn't (as far as I read it) in the 5.0.3 readme. I'm jailbroken! Or is it just free?
Last edited by pittapittae; 01-22-2012 at 10:48 AM.
01-22-2012, 10:47 AM | #118
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
... I forgot to put this in the README... The uninstaller from 5.0.0 also works with the 5.0.3 jailbreak. Or you can simply "rm /etc/uks/pubdevkey01.pem".
01-23-2012, 09:28 PM | #119
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
@yifanlu: compiling kindletool on a recent Linux (Ubuntu 11.10) got things going even worse. Even after "patching" the file with my (admittedly hacky) argc "change" that worked with the getopt issues on Ubuntu 10.04, Ubuntu 11.10 is simply segfaulting somewhere else (presumably in libtar). strace doesn't reveal anything sensible, except for, well, a segfault. Could you please look into that? (Instructions: just try to build and run kindletool on Ubuntu 11.10 using the standard development packages, as outlined in the Wiki.) I'm totally clueless.
01-23-2012, 10:30 PM | #120
Kindle Dissector
Posts: 662
Karma: 475607
Join Date: Jul 2010
Device: Amazon Kindle 3
Are you on x86 or x64? Have you tried running the compiled binary?