Old 05-16-2017, 08:08 PM   #11
knc1
That is interesting.
If I understand you correctly (the variables do de-reference) we can execute 'date' with the browser.
That is a step in the right direction.

Now if we can execute idme (with arguments) the Kindle can be forced to reboot to 'diags' - which we should be able to jailbreak.

= = = =

Yes, if a program on a *nix (POSIX compliant - which the Kindle OS is) opens that with:
Code:
#include <stdlib.h>
int system(const char *command);
With that funky looking filename, the system shell will execute the filename as an in-line script.

Been there since K&R days.

Amazon no longer uses the 'system' call to open a file before they sanitize the filename.*
(Which is how they 'fixed' our prior universal jailbreak.)

* Somebody @Lab126 finally RTFM (man system).

(and these are the people (Amazon) that run Linux on the world's 18th largest supercomputer - IIRC the last time I checked)

Last edited by knc1; 05-16-2017 at 08:25 PM.
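The fix described in the post above (no unsanitized filename reaching `system()`), sketched as an added example that is not from the post or from Amazon's code: the filename is checked against an allowlist and handed to the child as a single argv entry with no shell in between, so backticks stay literal. The function names and the sample filename are hypothetical, and an external `printf` utility on the PATH is assumed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Allowlist check: letters, digits, '.', '_', '-' only; no leading '-'. */
int filename_is_plain(const char *name) {
    if (name[0] == '\0' || name[0] == '-') return 0;
    for (const char *p = name; *p; p++) {
        int ok = (*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z') ||
                 (*p >= '0' && *p <= '9') || *p == '.' || *p == '_' || *p == '-';
        if (!ok) return 0;
    }
    return 1;
}

/* Run argv[0] directly (fork + execvp, no /bin/sh) and capture its stdout.
   Returns the child's exit status, or -1 on failure. */
int run_noshell(char *const argv[], char *out, size_t outlen) {
    int fds[2], status;
    if (outlen == 0 || pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                      /* child: stdout -> pipe, then exec */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]); close(fds[1]);
        execvp(argv[0], argv);
        _exit(127);                      /* exec failed */
    }
    close(fds[1]);
    size_t used = 0; ssize_t n;
    while (used < outlen - 1 && (n = read(fds[0], out + used, outlen - 1 - used)) > 0)
        used += (size_t)n;
    out[used] = '\0';
    close(fds[0]);
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    /* Constructed sample filename; a shell would expand the backticks. */
    char prog[] = "printf", fmt[] = "%s", name[] = "book`date`.txt";
    char out[128];
    char *argv[] = { prog, fmt, name, NULL };
    int rc = run_noshell(argv, out, sizeof out);
    printf("plain=%d rc=%d literal=%d\n",
           filename_is_plain(name), rc, strcmp(out, name) == 0);
    return 0;
}
```
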