![]() |
#46 | ||
ePub Junky
![]() Posts: 65
Karma: 34
Join Date: Sep 2009
Location: Dunstable
Device: Black Sony Touch PRS-600, iPad
|
Quote:
Quote:
|
||
![]() |
![]() |
![]() |
#47 | |
Fanatic
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 556
Karma: 1057213
Join Date: Sep 2006
Location: North Eastern U.S.
Device: Sony Reader
|
Quote:
![]() |
|
![]() |
![]() |
Advert | |
|
![]() |
#48 | |
ePub Junky
![]() Posts: 65
Karma: 34
Join Date: Sep 2009
Location: Dunstable
Device: Black Sony Touch PRS-600, iPad
|
![]() Quote:
![]() And that the whole point of this Thread was to work out why a 600 (and 700 presumably) did not run the Javascript... ![]() ![]() Regarding Autorun.xml and Autorun.js in the "special" directory "/Sony Reader/software" Have I got it completely wrong? |
|
![]() |
![]() |
![]() |
#49 |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,442
Karma: 300001
Join Date: Sep 2006
Location: Belgium
Device: PRS-500/505/700, Kindle, Cybook Gen3, Words Gear
|
On the devices before PRS-600 a user-supplied autorun.xml gets loaded. On PRS-600, a user-supplied autorun.xml plus some buttons triggers loading of internal autorun.xml. The content of the user-supplied autorun.xml is completely ignored.
|
![]() |
![]() |
![]() |
#50 | |
ePub Junky
![]() Posts: 65
Karma: 34
Join Date: Sep 2009
Location: Dunstable
Device: Black Sony Touch PRS-600, iPad
|
Quote:
Do we suspect there is some other secret (undocumented) way of getting Javascript to run? Or that Sony have closed all the back doors other than hacking a firmware update itself? |
|
![]() |
![]() |
Advert | |
|
![]() |
#51 |
Wizard
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 3,442
Karma: 300001
Join Date: Sep 2006
Location: Belgium
Device: PRS-500/505/700, Kindle, Cybook Gen3, Words Gear
|
It seems they disabled external stuff quite completely.
|
![]() |
![]() |
![]() |
#52 | |
Junior Member
![]() Posts: 2
Karma: 10
Join Date: Oct 2009
Device: PRS-600
|
Quote:
It doesn't support the .LIT format. Isn't there someone here who can make the OS of the reader support .LIT. I'd be very grateful. This website gives you the open source codes that they used in the PRS-600. http://www.sony.net/Products/Linux/ Darkstorm666 |
|
![]() |
![]() |
![]() |
#53 |
Addict
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 204
Karma: 250000
Join Date: Jan 2009
Location: Great White North
Device: PRS-505
|
|
![]() |
![]() |
![]() |
#55 |
ePub Junky
![]() Posts: 65
Karma: 34
Join Date: Sep 2009
Location: Dunstable
Device: Black Sony Touch PRS-600, iPad
|
![]()
Surely we could (with some hacking effort) create a firmware update to simply put back functionality which will allow JavaScript to be called again from a flash drive? Could we not just patch the "Test" software routines so they call Autorun.xml on the flash card rather than the "/opt/sony/application/resources/test" directory
Regarding the 600 sources ■MAKEDEV-3.21-3.src.rpm ■busybox-1.9.1.tgz ■dosfstools-2.11.src.tar.gz ■freetype-2.1.10080414.tar.gz ■initscripts-8.31.6-1.src.rpm ■linux-2.6.23_090626.tgz ■linux-kernel-headers-2.6.13-1.src.rpm ■make-3.80-10.2.src.rpm ■modules_090626.tgz ■mtd-20050419-2.src.rpm ■nandboot_090626.tgz ■openssl-0.9.8j.tar.gz ■procps-3.2.6-3.5.src.rpm ■sourceryg++-4.2-28armeabi.src.rpm ■uClibc-0.9.29.tar.gz ■udev-106-4.src.rpm ■util-linux-2.13-0.20.4.src.rpm ■zlib-1.2.3-1.2.1.src.rpm What tools can I use to look inside these sources? Which sources are the most interesting from a patching point of view? |
![]() |
![]() |
![]() |
#56 | |
Enthusiast
![]() Posts: 48
Karma: 10
Join Date: Sep 2009
Device: psr600
|
Quote:
Code:
rpm2cpio php-5.1.4-1.esp1.x86_64.rpm | cpio -idmv |
|
![]() |
![]() |
![]() |
#57 |
Junior Member
![]() Posts: 2
Karma: 10
Join Date: Oct 2009
Device: PRS-600
|
Even though I would like my reader to support .LIT format, I suppose that for now the best tool for conversion is indeed Calibre. Thank you, dclavey, for that excellent suggestion.
|
![]() |
![]() |
![]() |
#58 | |
Member
![]() Posts: 14
Karma: 10
Join Date: Sep 2009
Device: PRS-600
|
Quote:
Second - the firmware updates are encrypted and we need to break the encryption key. This can be extracted from a full system dump, but we don't have one. A possible third obstacle is that it looks to me like in addition to encrypting their updates, they also sign them. I'm not sure if there is a way to make the device accept an update that isn't signed by a key we certainly don't have and wont be able to get. After getting a full system dump, we'll have to probably scour over it and try to find some kind of exploit... i.e. a vulnerability in the pdf reader or music player, or picture viewer, or something that will let you take a carefully crafted file and as a result execute code by exploiting it. I'm not as much an expert with these devices as others, but from what I gather what we really need is a full system dump. - Not just a dump of the files, but an actual block-for-block copy of the flash memory (i.e. use dd to copy it at a low level to an .img file) and from there we can start to poke at it and go to town. |
|
![]() |
![]() |
![]() |
#59 |
Junior Member
![]() Posts: 4
Karma: 10
Join Date: Sep 2009
Device: sony!
|
Full dump NAND04GW3B is here: http://rapidshare.com/files/290174389/PRS_600_dump.zip
password - radugaif I found this here: http://www.the-ebook.org/forum/viewtopic.php?t=12007 |
![]() |
![]() |
![]() |
#60 |
Enthusiast
![]() ![]() ![]() ![]() ![]() ![]() Posts: 41
Karma: 602
Join Date: Oct 2009
Device: E600
|
Interesting, I did not realize how easy the 505 and other models were to hack, and I guess Sony is covering their tracks better.. I wish these companies did not worry so much about people hacking their devices. There needs to be more open source devices by design. Most of the hacks people make are simple and beneficial (like adding a clock, duh) So update, how's this looking for all you hacker people? I will likely order my 600 soon, and am curious what will be possible in the near future.
|
![]() |
![]() |
![]() |
|
![]() |
||||
Thread | Thread Starter | Forum | Replies | Last Post |
Hacking PRS-505... | SeNS | Sony Reader Dev Corner | 25 | 12-20-2011 11:12 PM |
PRS-600 Any news about hacking the new sony readers (600/300)?? | pikoman | Sony Reader | 5 | 10-07-2009 09:18 AM |
PRS-505 Hacking Guides | SurgE | Sony Reader Dev Corner | 2 | 08-13-2008 08:54 PM |