Old 08-16-2025, 04:45 PM   #13
smbgaiden
Member
Posts: 11
Karma: 100000
Join Date: Jul 2025
Device: none
Quote:
Originally Posted by smbgaiden
hardfloat: The signature for kindle_browser extension checking for downloads on a colorsoft version 5.18.0.1 is:

unsigned char patch1_find[] = { 0x0c, 0x36, 0x0c, 0x34, 0x00, 0x28, 0xea, 0xd0, 0x01, 0x24, 0x00, 0xe0, 0x00, 0x24 };

unsigned char patch1_replace[] = { 0x0c, 0x36, 0x0c, 0x34, 0x00, 0x28, 0xea, 0xd0, 0x01, 0x24, 0x00, 0xe0, 0x01, 0x24 };

The code in this version moves either 0 or 1 into r4, as seen in the bytes above. The patch above just moves 1 into r4 in either case.

The patch I used on mine was a little further down, where the r4 content is moved to r0. Instead of mov r0, r4 (0x20 0x46), I made a change to just store 1 in the return value register directly with movs r0, #1 (0x01 0x20).

I don't yet know about the code signature for the protocols change on this version.
The lib patch is:

unsigned char patch2_find[] = { 0x0d, 0x48, 0x78, 0x44, 0x05, 0x68, 0x28, 0x46, 0xa5, 0xf0, 0xf7, 0xf9, 0x02, 0x46, 0x20, 0x46, 0x29, 0x46, 0xff, 0xf7, 0xda, 0xff, 0x08, 0xb1 };

unsigned char patch2_replace[] = { 0x0d, 0x48, 0x78, 0x44, 0x05, 0x68, 0x28, 0x46, 0xa5, 0xf0, 0xf7, 0xf9, 0x02, 0x46, 0x20, 0x46, 0x29, 0x46, 0xff, 0xf7, 0xda, 0xff, 0x00, 0xbf };
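An added example, not part of the original post: a guarded way to apply a find/replace signature like patch1, refusing to write unless the signature occurs exactly once, and reporting which bytes the patch actually changes. The function names (`apply_patch`, `patch_delta`, `demo_patch1`) and the test buffer are constructed for illustration; only the two byte arrays come from the post.

```c
#include <stddef.h>
#include <string.h>

/* Byte signatures copied from the post (kindle_browser, 5.18.0.1). */
static const unsigned char patch1_find[] = { 0x0c, 0x36, 0x0c, 0x34, 0x00, 0x28, 0xea, 0xd0, 0x01, 0x24, 0x00, 0xe0, 0x00, 0x24 };
static const unsigned char patch1_replace[] = { 0x0c, 0x36, 0x0c, 0x34, 0x00, 0x28, 0xea, 0xd0, 0x01, 0x24, 0x00, 0xe0, 0x01, 0x24 };

/* Hypothetical helper: overwrite the single occurrence of `find` with `repl`.
 * Returns 0 on success, -1 if the signature is absent (wrong firmware build),
 * -2 if it matches more than once (ambiguous). The buffer is untouched on error. */
int apply_patch(unsigned char *buf, size_t len, const unsigned char *find,
                const unsigned char *repl, size_t n)
{
    size_t off = 0, hits = 0;
    for (size_t i = 0; n > 0 && i + n <= len; i++)
        if (memcmp(buf + i, find, n) == 0) { if (hits++ == 0) off = i; }
    if (hits == 0) return -1;
    if (hits > 1) return -2;
    memcpy(buf + off, repl, n);
    return 0;
}

/* Hypothetical helper: number of bytes that differ between the find and
 * replace arrays; *first_diff receives the index of the first one. */
size_t patch_delta(const unsigned char *a, const unsigned char *b, size_t n,
                   size_t *first_diff)
{
    size_t d = 0;
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) { if (d == 0) *first_diff = i; d++; }
    return d;
}

/* Constructed demo: a 32-byte stand-in for the binary, with the signature
 * placed at offset 6. Returns 0 if the patch landed where expected. */
int demo_patch1(void)
{
    unsigned char img[32];
    memset(img, 0xff, sizeof img);
    memcpy(img + 6, patch1_find, sizeof patch1_find);
    if (apply_patch(img, sizeof img, patch1_find, patch1_replace,
                    sizeof patch1_find) != 0)
        return -1;
    return memcmp(img + 6, patch1_replace, sizeof patch1_replace) == 0 ? 0 : -1;
}
```

For patch1, `patch_delta` reports a single changed byte at index 12 (0x00 to 0x01), the immediate loaded into r4 that the post describes.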