[Frogm4n]

https://blackhat.com/eu-25/briefings...a-kindle-48836

Quote:

Don't Judge An Audiobook By Its Cover: Taking Over Your Amazon Account With A Kindle
Valentino Ricotta | Security Researcher, Thales
Date: Thursday, December 11 | 2:30pm-3:00pm ( ICC Maritime Suite, Victoria 5, Level 3 )
Format: 30-Minute Briefings
Tracks: Reverse Engineering, Exploit Development & Vulnerability Discovery

Amazon's Kindle is the most popular e-reader on the market, with an extensive ecosystem of e-books. From a security perspective, Kindle devices especially stand out because they are often linked to an Amazon account.

Their complex software stack supports numerous e-book file formats (AZW, MOBI, PDF...), as well as many underlying media formats that increase the attack surface. As such, downloading an e-book from the store may allow an attacker to gain root access to the device, take control of the Amazon account, and steal credit card information.

In this talk, we will dive into the internals of Kindle devices and discuss a $20,000 bug in the parsing of Audible audiobooks which allowed us to take full control of the e-reader. We will also share general insights on fuzzing file formats based on the MPEG-4 standard (ISOBMFF).

Slide deck:
https://i.blackhat.com/BH-EU-25/eu-2...-Audiobook.pdf