Ok, I've rolled the above into a K2(international) package. The update will purposely fail, as stated above. Initially, the exec.sh should probably be something simple like:
Code:
ls -l /etc/rc5.d > /mnt/us/lslog.txt
rm /mnt/us/exec.sh
Just to verify it worked and generates and "lslog.txt".
Then the following exec.sh could be used:
Code:
ROOTDEV=$(df | awk '/ \/$/{print $1}')
dd if=${ROOTDEV} | gzip -c -- - > /mnt/us/root.img.gz
# remove script so it doesn't do this every time it restarts.
rm /mnt/us/exec.sh
After restarting the kindle, this will cause the boot process to take anywhere between 10-30 minutes as it makes an image of the root filesystem. Once you have the image you can gunzip it on a linux box and mount it as a loop device and take a look at what's changed in the update scripts, and see if the signature can be faked...