MobileRead Forums - View Single Post - [KT2] remote code exploit in Basic Kindle 2014 / webkit?

Funeral_Chris · 10-27-2014, 05:44 PM

Hey guys, I read about the remote code exploit for the PS4 and PS Vita and as the Kindle is using WebKit too (and maybe also an old version of it) I decided to test the exploit.

I pressed "Start" and after a couple of seconds the browser crashed with the following (translated error message):

"Software error

The selected application couldn't be started. Please try it again."

Is this a good sign? Maybe for a jailbreak?
Try it yourself, demo: http://wololo.net/v/260.htm

link to the news: http://wololo.net/2014/10/19/vita-ha...ht-be-a-catch/
link to PS4 exploit: http://wololo.net/2014/10/24/webkit-...firmware-1-76/

Edit:
I did some testing. Calling the vulnerable method JSArray.sort is crashing WebKit. IMHO all Kindle versions with webkit must be affected by that exploit. But how to use it as it is crashing?

10-27-2014, 05:44 PM	#1
Funeral_Chris Junior Member Posts: 2 Karma: 10 Join Date: Oct 2014 Device: KT2	[KT2] remote code exploit in Basic Kindle 2014 / webkit? Hey guys, I read about the remote code exploit for the PS4 and PS Vita and as the Kindle is using WebKit too (and maybe also an old version of it) I decided to test the exploit. I pressed "Start" and after a couple of seconds the browser crashed with the following (translated error message): "Software error The selected application couldn't be started. Please try it again." Is this a good sign? Maybe for a jailbreak? Try it yourself, demo: http://wololo.net/v/260.htm link to the news: http://wololo.net/2014/10/19/vita-ha...ht-be-a-catch/ link to PS4 exploit: http://wololo.net/2014/10/24/webkit-...firmware-1-76/ Edit: I did some testing. Calling the vulnerable method JSArray.sort is crashing WebKit. IMHO all Kindle versions with webkit must be affected by that exploit. But how to use it as it is crashing? Last edited by Funeral_Chris; 10-28-2014 at 03:16 PM. Reason: edit