ROOT permissions for Pocketbook 602/603/902/903

[mr.postman]

On russian forum

Google translate:
In the other topic to which I have laid out an SDK for windows, I suggested poproveryat existing exploits for 2.6.29ogo kernel, to get ROOT - but the reality was much simpler: the Chinese, making a firmware for poketbook, have left us enough holes in their written suid applications.

In this example, I'm exploiting a elementary "hole" in /ebrmain/bin/netagent. This suid application, passing the command line passed to the system as is, with the result that we can execute any command as root. In search of the hole it took me 2 evenings, it is strange that so far no one has found.

We now have:
- Getting a local shell with Ruth on the device (but this will agree, it is inconvenient, since pocket term curve to the horror)
- Raising FTP and telnet daemon (use "full" busybox, rather than a castrato from the firmware), which is now possible to pick up the WiFi to the device remotely via FTP or Telnet, and wield it as root. That is - the main thing that I personally was not enough.

Immediately, I note for root you will not need any soldering anything or make changes to the firmware, nor do any of these "low-level bullying" over the device.
All that is necessary - unzip the archive here: http://www.multiupload.com/A49K088F4J the root of the built-in memory, thus the files form the directory /mnt/ext1/applications and /mnt/ext1/system/bin on the device .
After this, run the application get_root, it will get root, include WiFi and connect to your wireless point (of course, WiFi should be pre-configured). And then you get the opportunity to work with the device via FTP and telnet simply connect to a PC to its IP address.

If the WiFi in your home someone still has not, but wants to get on-screen shell with Rutaceae rights - you can run get_root.app of pocket term (by typing in it: /mnt/ext1/applications/get_root.app) after the script work is over, you get Rutaceae shell inside the same session poterm (close the window poterm - lose Rutaceae shell and the script will run again).
But there is a "feature" pocket term - he did not draw the $ symbol to invite a shell, so that the first team will need to enter "the blind" (for example, the command id, to make sure that you Ruth).

Trablshuting:
When the script works correctly, you first turn on bluetooth stack (a side effect), after which will connect to WiFi (with the conclusion of the windows), then after 5-10 seconds your device will be available to telnet / ftp via WiFi.
If the window does not appear, or when you run through the pocket term this script worked instantly - it means something to stop him. For example, previously included WiFi / Bluetooth. In this case I recommend to obtain a paper clip and reset the device, and then try again.

Operability is guaranteed on PocketBook 60x/90x. On older devices, probably not /ebrmain/bin/netagent, and exploit it impossible to make a hole.

Once again, the download link: http://www.multiupload.com/A49K088F4J

And now a couple of questions.
Here are experts in Linux? Of particular interest - as on Linux includes a complete stereo audio via bluetooth (a2dp profile)? This is the second thing, for lack of which poketbook beat a little. Actually lack the ability to listen to mp3 through wireless headphones. Having a root, I think, now, and this possibility is quite feasible.

Disclaimer:
This hack is completely safe for your device. He did not make any changes to the firmware or hardware device that does not start automatically when you reboot, and to remove it from the device, for example, before going into service - simply delete its files manually, or to format the internal memory by regular means.
But. This hack gives you Rutaceae law. And with them you may already own, for example, to mount the system partitions on the record and delete, or spoil them important files. Do this at your own risk - because boketpuki still do not even bother to put raw from the kernel, and we do not know, check whether the boot checksum partition / file, or whether there is any protection from modification.

[J.C.]

Sounds like an excellent development if its working.

Edit: Took a quick look, this looks legit.

[Golden67]

I'd like to try to root my device (Pocketbook ultra)but the link you have given make me downloaded another software. Can't I have it on another site : "mobileread" has too many adds.

[rkomar]

The hole in netagent was plugged a long time ago. As far as I know, there is no publicly known exploit that gives you root on newer PocketBook devices. There also doesn't seem to be a lot of effort going into trying to root the devices, since you can do a lot on them without needing root privileges.

[Golden67]

I've installed some little softwares on my Pocketbook, but I find them not very well. I'd like a text editor like excel. I'd like also to be able to access to my emails on hotmail : on hotmail, there is "onenote" online : it could be also interresting. So, I was trying to root my device, but if there are other possibilities I'm very interested! I have downloaded pi, poterm and vim apps, but I don't manage to save documents with them.
THanks for your help!!

[Golden67]

I'm here again :
I'd like to know how I would be able to run windows softwares (or android applications ) with my ereader. Have I to root ? (and does applications exist to do it). At the moment I don't have the superuser rights and I can't edit any documents even if I have access to the web.

[rkomar]

Quote:

Originally Posted by Golden67

I'm here again :
I'd like to know how I would be able to run windows softwares (or android applications ) with my ereader. Have I to root ? (and does applications exist to do it). At the moment I don't have the superuser rights and I can't edit any documents even if I have access to the web.

The device has a custom linux operating system on it. It doesn't have support for Windows software or for android apps. You can run standard linux command-line applications on it (the system is compatible with the debian lenny armel distribution). Running anything standard that requires a graphical window is problematic (Qt apps being the exception). Most of the graphics on the device goes through the Inkview library, and there is an SDK for it. There are many apps written using the SDK and published in this forum. Just look around for them.

As far as superuser rights go, none of the recent devices have been hacked to get root. The devices are customizable, though, and you can do a lot without requiring root privileges.

[rkomar]

Quote:

Originally Posted by Golden67

...I have downloaded pi, poterm and vim apps, but I don't manage to save documents with them.

If you can't save documents, then it's probably a problem with the destination directory not existing or not being writable by you. From other threads, it sounds like some of the directories have been moved around on the Ultra. You might want to explore the directories with pbterm to see where you are allowed to write files to. In general, you can write to the /mnt/ext1, /mnt/ext2 and /tmp/ directories. Anywhere else will likely not be permitted.