02-05-2016, 12:04 PM   #287
flideravi
Junior Member
Posts: 8
Karma: 10
Join Date: Jan 2016
Device: Kindle Touch Basic, KT2 - 90DD, firmware - 5.6.5(2730300038))

Quote:
Originally Posted by Branch Delay
Attached.

5.6.5 only, only tested on PW2/PW3 English firmware. Probably should hard reset before doing this. Up to you.

Copy jb to /mnt/us. (root directory mounted when attaching kindle to a computer)
Serve up jb folder on port 80 on a web server.
DNS redirect "a" to the web server via man in the middle, changing the server name on your network, adding an entry to your DNS server on your router, etc. (if you specify a wireless network and click advanced, you can put in a static DNS server)

i.e. after all of this, browsing to a should open up index.html.

Open the browser on the kindle, browse to the url "a". (with no quotes)
Read instructions.
Pray.
If it succeeds, you can then run NiLuJe's bridge update pack to complete the jailbreak. This just installs the developer key.

https://www.mobileread.com/forums/sho...postcount=1597

Will potentially put up a much easier method this weekend. Also will throw up an explanation sometime in the future.

Special thanks to Cyril for the CVE/original POC, the Gateway 3DS team for a slightly enhanced heap spray, NiLuJe for way too much, and Amazon for fixing it up.
Okay... That's a little confusing. Let me try and put it in points:

Step 1: Set up a web-server on your machine and host the JB files.
Step 2: Change the DNS settings in your network so that the address "a" points to the JB files served by your web-server.
Step 3: Point your kindle's browser to "a"
Step 4: Pray

My only confusion is if I have understood Step 1 correctly... Branch Delay, am I right?