Old 08-29-2023, 09:17 AM   #1
AllanDaemon
Junior Member
Posts: 1
Karma: 10
Join Date: Jul 2023
Device: KPW5SE
How to create a jailbreak?

I got my first e-reader, a KPW5SE, 11th gen. It came with FW 5.15.1

I found out that Kindle, without jailbreak, sucks. And I'm out of the refund time...

I see that there is no jailbreak for those new versions.

Instead of waiting for someone else to do something, I would like to know if I can help with anything.

So, how does one create a jailbreak for this version? Or is there anything I can do to help?

Background: I have a CS degree and some experience in reverse engineering binaries from when I was in high school.
Old 08-29-2023, 09:30 AM   #2
Quoth
Still reading
Posts: 14,905
Karma: 110507267
Join Date: Jun 2017
Location: Ireland
Device: All 4 Kinds: epub eink, Kindle, android eink, NxtPaper
If you have to ask, this is the wrong place.
Old 08-29-2023, 01:38 PM   #3
CitizenStile
Junior Member
Posts: 6
Karma: 10
Join Date: May 2023
Device: PW5SE, PW3(7th Gen)
Unlike Quoth, I think you are absolutely in the right place AND you have the right attitude. Unfortunately I do not have much experience myself in uncovering jailbreaks. There are a few projects that you could also help with, like Mesquite, which is a web app that runs in place of the Amazon store, and you could develop applications within that space.
Old 08-29-2023, 02:12 PM   #4
bulltricks
Enthusiast
Posts: 30
Karma: 100000
Join Date: May 2023
Device: Kindle family
Jailbreaking, or even attempting to jailbreak embedded devices is a fun challenge, and you can learn quite a bit even if you are not successful.

From my standpoint, you end up needing three pieces:
1. The exploit - this is what gets you in the door to execute arbitrary code on the device
2. The persistence - so that after reboot, your code runs ... this takes caution because if you mess this up, the device can be toast without hardware intervention (which either isn't implemented, or isn't documented) on modern Kindles. KUAL will do this piece for you, which is why you can find people with jailbroken newer versions
3. The ecosystem - Fortunately, this is largely done for you, by using the existing KUAL - but there are necessary changes as some things change (for example, the location of the signing keys)


In general, and somewhat paradoxically, the best way to jailbreak a Kindle is to start with a jailbroken Kindle. Amazon's position as market leader has led to a software ecosystem that has barely budged, so you are likely to be able to get an older device at, say, a thrift store that has the old version of the firmware, or is amenable to a hardware jailbreak. Then, with proper persistence, that can result in having a shell on a Kindle with the newest firmware, and 'gdb'.

You can also use KindleTool to rip apart the firmware files, and extract the root file system - this is a Linux system. If you look around, you can even find instructions to run this with qemu or similar

Then, it's a matter of exploit hunting, which is both fun and frustrating. A good 'start' is looking at previous jailbreak write-ups to see where people have looked, and what they found.

From a rough high level breakdown ..
1. There are the bash scripts on startup - these have been picked over fairly well, but you can still find some unexpected behavior. The days of 'simple' jailbreaks here seem to be gone

2. Linux binaries - here is where you look for 'system' or 'popen' in the many many binaries - this is where Ghidra comes in, to see whether something (eg, contents of a file in the user file system) can lead to a parameter to system

3. As a special case of Linux binaries, WebKit has had many vulnerabilities, and the Kindle version tends to be out-of-date. You may be able to use an old vulnerability -- but then you need to get out of the sandbox. LIPC (Amazon-specific IPC) can be a good way to escape the sandbox (see KindleDrip)

4. Then, there are Java binaries - Java can still shell out, and many of the Java applications use files in the user-accessible storage. I haven't dug into this much though

5. At an even higher level, there's JavaScript -- if you can get execution control (eg, Mesquite), you have access to LIPC. There are multiple JavaScript wrappers on the Kindle - the WAF framework (Mesquite), which restricts access to the LIPC API, and then there's the Pillow framework, which can do any LIPC access. Then you can look through the list of LIPC calls (which you can get if you already have a shell, but people have documented many of these) to see how to get execution.
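The post above describes the first pass of exploit hunting on an extracted root filesystem: pull the rootfs out of the update package with KindleTool, then look through startup scripts and binaries for places where something under user-writable storage ends up as a parameter to system() or popen(). The script below is an added example of that triage step and is not code from bulltricks or from any Kindle project. It walks a directory tree, treats any file starting with the ELF magic as a binary and pulls `strings`-style printable runs from it, and reports binaries that name a shell-out function AND carry a string pointing at user storage, plus shell scripts that read from user storage. Assumptions: user storage is mounted at /mnt/us (the usual Kindle USB drive path), and the sample rootfs it builds is constructed here for the demonstration; the file names in it are hypothetical. A hit only means "open this one in Ghidra and trace the argument", not that a bug exists.

```python
"""Triage an extracted Kindle-style rootfs for exploit-hunting leads (added example)."""
import os
import re
import tempfile

ELF_MAGIC = b"\x7fELF"
# Functions that hand a string to a shell or exec a path. A match means
# "worth a look in Ghidra", not that the argument is attacker-controlled.
SHELL_OUT_FUNCS = {b"system", b"popen", b"execl", b"execlp", b"execv", b"execvp", b"execve"}
# Assumption: user-accessible USB storage is mounted at /mnt/us on the device.
USER_PATHS = (b"/mnt/us",)
# Same idea as `strings -n 4`: runs of printable ASCII at least 4 bytes long.
STRING_RE = re.compile(rb"[\x20-\x7e]{4,}")


def printable_strings(data):
    """Return every printable run in the blob, as bytes."""
    return [m.group(0) for m in STRING_RE.finditer(data)]


def triage_elf(data):
    """For an ELF blob, return {'funcs': [...], 'paths': [...]}; None if not ELF.

    Symbol names in .dynstr are NUL-terminated, so an imported system() shows up
    as the exact string b"system"; matching whole strings avoids hits on e.g.
    "/usr/bin/systemd". Statically linked or wrapped calls will NOT show up here.
    """
    if not data.startswith(ELF_MAGIC):
        return None
    strs = set(printable_strings(data))
    funcs = sorted(f.decode() for f in SHELL_OUT_FUNCS if f in strs)
    paths = sorted(s.decode() for s in strs if any(p in s for p in USER_PATHS))
    return {"funcs": funcs, "paths": paths}


def triage_script(text):
    """Non-comment lines of a shell script that touch user storage: (lineno, line)."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if "/mnt/us" in stripped and not stripped.startswith("#"):
            hits.append((n, stripped))
    return hits


def scan_tree(root):
    """Walk the rootfs; keep ELFs with both a shell-out function and a user path,
    and shell scripts with any user-path line. Sorted by relative path."""
    findings = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue
            rel = os.path.relpath(path, root)
            elf = triage_elf(data)
            if elf is not None:
                if elf["funcs"] and elf["paths"]:
                    findings.append(("elf", rel, elf))
            elif data.startswith(b"#!") and b"sh" in data.split(b"\n", 1)[0]:
                hits = triage_script(data.decode("utf-8", "replace"))
                if hits:
                    findings.append(("script", rel, hits))
    return sorted(findings, key=lambda f: f[1])


def build_sample_rootfs():
    """Constructed stand-in for an extracted rootfs; NOT real Kindle files."""
    root = tempfile.mkdtemp(prefix="rootfs-")
    os.makedirs(os.path.join(root, "usr", "bin"))
    os.makedirs(os.path.join(root, "etc", "init.d"))
    # Fake ELF: magic, padding, then NUL-separated strings as in .dynstr/.rodata.
    suspect = ELF_MAGIC + b"\x00" * 12 + b"\x00".join(
        [b"libc.so.6", b"system", b"fopen", b"/mnt/us/documents/%s", b"cat %s"]) + b"\x00"
    with open(os.path.join(root, "usr", "bin", "hypothetical-tool"), "wb") as fh:
        fh.write(suspect)
    # Reads only a fixed system path and never shells out: should not be reported.
    harmless = ELF_MAGIC + b"\x00" * 12 + b"\x00".join(
        [b"libc.so.6", b"fopen", b"/etc/passwd"]) + b"\x00"
    with open(os.path.join(root, "usr", "bin", "harmless"), "wb") as fh:
        fh.write(harmless)
    # Hypothetical startup script that sources a file from user storage.
    script = ("#!/bin/sh\n# startup script (constructed)\n"
              "if [ -f /mnt/us/DEBUG ]; then\n  . /mnt/us/DEBUG\nfi\n")
    with open(os.path.join(root, "etc", "init.d", "hypothetical-init"), "w") as fh:
        fh.write(script)
    return root


if __name__ == "__main__":
    for kind, rel, detail in scan_tree(build_sample_rootfs()):
        print(kind, rel, detail)
```

Point it at the tree KindleTool extracts instead of the sample and read the output as a worklist: every ELF hit is a binary to open in Ghidra to see whether the /mnt/us string actually flows into the system()/popen() argument, and every script hit is a line to check for what it does with the file it finds there.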
Old 08-29-2023, 02:44 PM   #5
Quoth
Still reading
Posts: 14,905
Karma: 110507267
Join Date: Jun 2017
Location: Ireland
Device: All 4 Kinds: epub eink, Kindle, android eink, NxtPaper
And the people saying I'm wrong have how many years programming, finding vulnerabilities and then installing computer viruses, trojans and root kits?

Basically you have to be more expert and experienced than the Kindle programmers, and they also have to have made mistakes. Even if you rate your time in cents per hour it's cheaper to go buy a Kobo or Android eink. Neither needs to be rooted / jailbroken and mostly they already do what people are using Kindle jailbreaks for.

It's going to get harder to jailbreak a Kindle.
Old 08-29-2023, 06:29 PM   #6
JSWolf
Resident Curmudgeon
Posts: 80,665
Karma: 150249619
Join Date: Nov 2006
Location: Roslindale, Massachusetts
Device: Kobo Libra 2, Kobo Aura H2O, PRS-650, PRS-T1, nook STR, PW3
It's entirely possible that there could never again be a jailbreak for a Kindle with the current firmware.

Don't buy a Kindle in the hopes of jailbreaking it especially when they now come with too late a firmware version. And don't buy a Kindle if you don't like it the way it comes. It won't get any better.
Old 08-29-2023, 07:13 PM   #7
bulltricks
Enthusiast
Posts: 30
Karma: 100000
Join Date: May 2023
Device: Kindle family
Quote:
Originally Posted by Quoth
Basically you have to be more expert and experienced than the Kindle programmers and they also have to have made mistakes.
Completely disagree with you here - this is the great asymmetry of security in general. The Lab126/Kindle programmers have to be perfect all the time, every time... and not just in their code, but with every upstream library they bring in.

Meanwhile, someone looking for an exploit just has to find one (or, for some of these, two).


Quote:
Originally Posted by JSWolf
It's entirely possible that there could never again be a jailbreak for a Kindle with the current firmware.
There are at least two jailbreak vulnerabilities in the current firmware, one of them so significant that Amazon is releasing new firmware for a 9-year-old device.

With that said, the only thing that prevents new code being used for jailbreaks is feature stagnation...


Quote:
Originally Posted by JSWolf
Don't buy a Kindle in the hopes of jailbreaking it especially when they now come with too late a firmware version. And don't buy a Kindle if you don't like it the way it comes. It won't get any better.
Sadly, I have to agree with this.
Buy a kindle if you want to mess with it - you can buy them used or refurb for cheap, there's a wealth of information about the ecosystem.

Unfortunately, the choices by Amazon to make newer Kindles disposable are incompatible with significant homebrew development in the future.
Old 08-30-2023, 04:34 AM   #8
JSWolf
Resident Curmudgeon
Posts: 80,665
Karma: 150249619
Join Date: Nov 2006
Location: Roslindale, Massachusetts
Device: Kobo Libra 2, Kobo Aura H2O, PRS-650, PRS-T1, nook STR, PW3
But until someone finds a vulnerability and releases a hack for it, it may as well remain closed.
Old 08-30-2023, 07:33 AM   #9
Quoth
Still reading
Posts: 14,905
Karma: 110507267
Join Date: Jun 2017
Location: Ireland
Device: All 4 Kinds: epub eink, Kindle, android eink, NxtPaper
Quote:
Originally Posted by JSWolf
It's entirely possible that there could never again be a jailbreak for a Kindle with the current firmware.

Don't buy a Kindle in the hopes of jailbreaking it especially when they now come with too late a firmware version. And don't buy a Kindle if you don't like it the way it comes. It won't get any better.
Yes.
Also I'm not against "jailbreaking" or open systems. Just trying to put some realistic points.
Old 08-30-2023, 07:35 AM   #10
Quoth
Still reading
Posts: 14,905
Karma: 110507267
Join Date: Jun 2017
Location: Ireland
Device: All 4 Kinds: epub eink, Kindle, android eink, NxtPaper
Quote:
Originally Posted by bulltricks
Completely disagree with you here - this is the great asymmetry of security in general. The Lab126/Kindle programmers have to be perfect all the time, every time... and not just in their code, but with every upstream library they bring in.
You didn't really read what I wrote. I wrote they have to make a mistake or mistakes.

And the Linux, libraries etc get bugs fixed.