Tutorial WatchThis - Software Jailbreak for any Kindle <= 5.14.2

[riothamus]

So I had successfully performed the jailbreak on my KV and PW3. I also just successfully downgraded my PW3.

My KV was having trouble freezing whenever I did anything like remove a book so I wanted to factory reset it. Now I can't seem to get the jailbreak back. From everything I've read, the jailbreak should still be there. I'm trying to do the post-jailbreak instructions but the "Update Your Kindle" option is grayed out when I try to install the hotfix. Do I need to just perform the jailbreak again? Doable, but the secret gesture was a pain so I'd rather not if I don't have to.

[j.p.s]

Quote:

Originally Posted by riothamus

So I had successfully performed the jailbreak on my KV and PW3. I also just successfully downgraded my PW3.

My KV was having trouble freezing whenever I did anything like remove a book so I wanted to factory reset it. Now I can't seem to get the jailbreak back. From everything I've read, the jailbreak should still be there. I'm trying to do the post-jailbreak instructions but the "Update Your Kindle" option is grayed out when I try to install the hotfix. Do I need to just perform the jailbreak again? Doable, but the secret gesture was a pain so I'd rather not if I don't have to.

Someone else had a similar problem and was trying to install the wrong hotfix. Maybe this thread will help:
https://www.mobileread.com/forums/sh...d.php?t=347445

[Chadhamed99]

Did anyone succeed with a basic Kindle (not paperwhite) 10th generation with serial number: G091 0L03 9084 07VP and firmware version 5.14.2 ?

I think step 5,6,7,8 doesn't concern me but when I do step 9 and 10 of setup and connect the kindle to the PC, it's not detected.

I would appreciate some help, thanks !

[vansontv]

Quote:

Originally Posted by katadelos

AKA CVE-2022-23224, CVE-2022-23225, CVE-2022-23226 - full writeup with technical details to be released after 5.14.3 has been widely rolled out.

Thank you to NiLuJe, yparitcher and darkassassinua for adding KOReader support for PW5, repackaging all of the hacks and testing this jailbreak

This vulnerability is released in good faith and in the hope that other security researchers will utilise the access that it provides to assist Amazon/Lab126 in improving their security posture.

If you're concerned about the security of your device and do not wish to jailbreak, install firmware version 5.14.3 from this link - I've been working with Amazon to create a fix and can confirm that this version has been hardened against this vulnerability.

Additional thanks to everyone at Amazon/Lab126 who contributed towards this .

Finally, I encourage Amazon/Lab126 to provide a method of unlocking their devices that doesn't involve the need of a 0-day, both for security researchers and for technical users who are interested in modifying their devices. We know that your employees lurk here, use tools that we've created internally and that our ideas have been implemented by you more than once, so help us help you - I promise that we don't bite

Device Compatibility

Spoiler:

This jailbreak is compatible with Kindle devices running the following firmware versions:

KT3, KT4, KOA1, KOA2, KOA3, PW3, PW4, PW5:
5.14.2
5.14.1 (5.14.1.1 on PW5)
5.13.7
5.13.6
5.13.5
5.13.4

KV:
5.13.6
5.13.5
5.13.4

KT2, PW2:
5.12.2.2

You must use the exploit payload that matches your device/firmware combination exactly.

Download Link
watchthis-jailbreak-r03.zip

Installation

Setup

1. Factory reset the device Make sure to use the "en_GB" or "English (United Kingdom)" locale when setting the language.
2. Type ;enter_demo in the Kindle search bar after performing a factory reset
3. Reboot the device
4. Once in demo mode, skip setting up wifi and enter dummy values for store registration when prompted.
5. Skip searching for a demo payload
6. Select the "standard" demo type
7. Press "Done" at the prompt to sideload content. Do not sideload the jailbreak at this stage.
8. Once the demo is setup, skip the misconfiguration lockout using the "secret gesture" (double finger tap on bottom right of screen then swipe left)
9. Enter the demo configuration menu by typing ;demo into the search bar
10. Select the "Sideload Content" option

Jailbreak

1. Connect the device to a PC and:
2. Create the directory .demo at the root of the Kindle storage
3. Copy ${YOUR_DEVICE}-${YOUR_FW_VERSION}.zip to .demo/
4. Copy demo.json to .demo/
5. Create an empty folder at .demo/goodreads. Do not put any files in this folder.
6. Press "Done" at the prompt to install the jailbreak script
7. Exit the demo menu and either enter ;dsts or swipe down and select the settings icon to enter the device settings menu
8. If an application error occurs, hard reboot the device by holding the power button, enter the demo menu again and select Sideload Content -> Done once more without connecting to USB
9. Select "Help & User Guides" then "Get started"
10. If jailbreaking KT2 or PW2, select the store button instead
11. The device will reboot
12. The jailbreak script will run during the next boot

Post Jailbreak

1. After the device has rebooted, type ;uzb into the search bar
2. Connect the device to a PC and copy Update_hotfix_watchthis_custom.bin to the root of the Kindle storage
3. Eject the device and either enter ;dsts or swipe down and select the settings icon to enter the device settings menu
4. Select Update Your Kindle to install the custom hotfix
5. This will take your device out of demo mode, rebuild the application registry and clean up unneeded jailbreak files.

Troubleshooting

• Alternative Demo Mode entry method:
  • Create an empty file named DONT_CHECK_BATTERY at the root of the Kindle USB storage
  • Activate demo mode by typing ;demo into the search bar
  • Once in demo mode, skip setting up wifi and enter dummy values for store registration when prompted
• If you need to reset your device whilst in Demo Mode, enter ;uzb in the search bar to enable USB storage mode then create an empty file named "DO_FACTORY_RESTORE" at the root of the Kindle storage. Once this has been created, reboot the device.

You should now have a freshly jailbroken Kindle

I update my Kindle PW5 Paperwhite th11 to 5.14.3 now I can't downgrade and wait for you to Jailbreak 5.14.3 can you show me how to downgrade more details?

[riothamus]

Quote:

Originally Posted by j.p.s

Someone else had a similar problem and was trying to install the wrong hotfix. Maybe this thread will help:
https://www.mobileread.com/forums/sh...d.php?t=347445

I doubt I'm using the wrong hotfix since I did the jailbreak with this version and I'm using the hotfix from the .zip file.

So I started over again with the entire jailbreak process. I'm stuck between step 12 of the jailbreak and step 1 of post jailbreak. After the reboot, the jailbreak script runs but the kindle starts in demo mode on the "misconfiguration lockout" so I have to use secret gestures again. Then when I finally get out of that, connect to the PC and put in the hotfix, Update Kindle is grayed out.

Edit: If I force a restart, it appears to run the jailbreak script again. I was able to ;exit_demo and restart and I'm not stuck in the "misconfiguration lockout" anymore but still no "Update Kindle" option and nothing is cleaned up in the root directory or .demo folder. Just doesn't appear that the jailbreak took and no clue if the hotfix ran correctly.

[riothamus]

Quote:

Originally Posted by riothamus

I doubt I'm using the wrong hotfix since I did the jailbreak with this version and I'm using the hotfix from the .zip file.

So I started over again with the entire jailbreak process. I'm stuck between step 12 of the jailbreak and step 1 of post jailbreak. After the reboot, the jailbreak script runs but the kindle starts in demo mode on the "misconfiguration lockout" so I have to use secret gestures again. Then when I finally get out of that, connect to the PC and put in the hotfix, Update Kindle is grayed out.

Edit: If I force a restart, it appears to run the jailbreak script again. I was able to ;exit_demo and restart and I'm not stuck in the "misconfiguration lockout" anymore but still no "Update Kindle" option and nothing is cleaned up in the root directory or .demo folder. Just doesn't appear that the jailbreak took and no clue if the hotfix ran correctly.

Ok, so I updated the firmware with the amazon version. Then I performed the jailbreak from the beginning. I was then able to perform everything correctly. Lesson learned, don't reset the jailbroken Voyage...

[RussTShackleford]

Many thanks to katadelos and everyone involved in making this jailbreak, I was able to JB my PW2 this afternoon. A panic filled 20 minutes or so trying to get the "secret gesture" to work, but I got there in the end.

[Klapo]

Thanks for good news

Just bought a new Kindle Paperwhite Signature Edition (32 GB) / PW5SE which is on 5.14.0.1.

Which version of upgrade should I use for a better jailbreak experience? 5.14.1.1 or 5.14.2 ?

Code:

https://s3.amazonaws.com/firmwaredownloads/update_kindle_all_new_paperwhite_11th_5.14.1.1.bin
https://s3.amazonaws.com/firmwaredownloads/update_kindle_all_new_paperwhite_11th_5.14.2.bin

EDIT #1
Went with 5.14.2, KUAL (coplate) & KOReader works just fine Got one question though. Is KUAL -> Helper -> Block OTA working for PW5SE? I would like to connect a device to WiFi sooner or later.

EDIT #2
I saw this https://www.mobileread.com/forums/sh...3&postcount=25 on forum. Hopefuly it's enough to block OTA

[airotkiv]

Hi, guys, thank you all for both the software amd the tutorials! Both were great - but I'd like to make one note. If I knew that CalibreCollections is not compatible with this package, I would not have put the sanity of my dear old Voyage on the line. AND if I knew that the downgrade does not surely work on a KOA3, I probably would have postponed jailbreaking that one, too...

Still, your work is huge and great!

[j.p.s]

Quote:

Originally Posted by airotkiv

AND if I knew that the downgrade does not surely work on a KOA3, I probably would have postponed jailbreaking that one, too...

Postponing doing a jailbreak increases the reisk of ending up being unable to jailbreak when you need to.

Also KindleBreak was much easier to do than WatchThis.

[vansontv]

can i surf the web watch youtube and listen to mp3 i have Kindle pw5 firmware update 5.14.3.0.1 cant jailbreak cant downgrade is there any way to jailbreak it?

[z1chess]

Please post a new jailbreak for PW5 version 5.14.3.0.1
Thanks!

[shamanNS]

@vansontv Watching YouTube on a Kindle eInk device?

[vansontv]

Quote:

Originally Posted by shamanNS

@vansontv Watching YouTube on a Kindle eInk device?

I only have an idea if kindle can open the web but the web program is too low to load youtube if you guys can crack it, so the code can be viewed at a high level.

[Sparrix]

Quote:

Originally Posted by Klapo

Thanks for good news

Just bought a new Kindle Paperwhite Signature Edition (32 GB) / PW5SE which is on 5.14.0.1.

Which version of upgrade should I use for a better jailbreak experience? 5.14.1.1 or 5.14.2 ?

Code:

https://s3.amazonaws.com/firmwaredownloads/update_kindle_all_new_paperwhite_11th_5.14.1.1.bin
https://s3.amazonaws.com/firmwaredownloads/update_kindle_all_new_paperwhite_11th_5.14.2.bin

EDIT

Went with 5.14.2, KUAL (coplate) & KOReader works just fine Got one question though. Is KUAL -> Helper -> Block OTA working for PW5SE? I would like to connect a device to WiFi sooner or later.

Thanks for posting the links for the update! Working on my PW5