Some new findings, still too early stage. The Sync process at first does a https request like this:
Code:
https://api.kobobooks.com/1.0/UpgradeCheck/Device/<long devicecode with many zeros in .kobo/version file>/Kobo/<version number>/<Kobo serial number, found in .kobo/version file>/
The answer is - if there is an update available for the device - (pasted only the formatted xml):
Code:
<UpgradeCheckResult>
<Data i:nil="true"/>
<ReleaseNoteURL>http://api.kobobooks.com/1.0/ReleaseNotes/52</ReleaseNoteURL>
<UpgradeType>UpgradeRequired</UpgradeType>
<UpgradeURL>http://download.kobobooks.com/firmwares/kobo5/january2016/kobo-update-3.19.5761.zip</UpgradeURL>
</UpgradeCheckResult>
I was - almost - able to hijack this, well, I need to patch some urls in the libnickel file to make it work, and do some hosts file hacking also. Now the biggest problem was that it wants to request https urls, but to hijack that, i would need a real signed https server, which is a bit difficult. I think I found a way to bypass this, but I have to play with it a little more.
More to come later, if anyone else - other than me - is interested.