How-to obtain root access of New Basic Kindle (2014) FW5.6.0.1

[hondamarlboro]

Successfully obtained with following steps:

1. Open the back panel and get serial connections where printed "SERIAL DEBUG" Tx, Rx, GND (from L to R). I used "FTDI Basic Breakout - 3.3V" at hand with power supply from USB port
2. Get your password with Python script:

Code:

% python -c 'import hashlib,sys;print "fiona%s" % hashlib.md5("%s\n" % sys.argv[1]).hexdigest()[13:16]' YOUR_SERIAL_NUMBER

3. Reboot Kindle and stop autoboot, then enter into uboot mode
4. Run 'bootm 0xE41000' command
5. Tap 'Exit' and 'Reboot or Disable Diags', then 'Exit to login prompt' on the screen of Kindle
6. Login as 'root' with your password generated by Python script
7. Mount filesystem and edit password

Code:

# mount /dev/mmcblk0p1 /mnt/mmc

8. Reboot and enjoy!

bootlog --> http://pastie.org/9622128

[knc1]

Thanks for the info and pictures.

What are the first 4 characters of your Kindle's serial number?
Please, just the first 4.

PS: If you have a choice, use a 1.8v serial interface device.
The Kindle **might** tolerate 3.3v but it is 1.8v interface.

[hondamarlboro]

Quote:

Originally Posted by knc1

What are the first 4 characters of your Kindle's serial number?
Please, just the first 4.

My Kindle S/N is 90C6 **** **** ****

[NiLuJe]

@hondamarlboro: Kudos!

I guess this is the moment we start begging for a rootfs dump? .

[knc1]

Quote:

Originally Posted by hondamarlboro

My Kindle S/N is 90C6 **** **** ****

** Thanks **

A model (and a motherboard) we have not seen here before.

Is this model being sold in Japan?
Does it have a front lighted screen? (one of the PW* series)
Does it have 4G of flash?

Why?
So we can add it to our model table:
https://wiki.mobileread.com/wiki/Kindle_Serial_Numbers

[NiLuJe]

Dry-coded handling of it in KindleTool, I'll take a better look at it when I have more time .

Thanks again !

[hondamarlboro]

Quote:

Originally Posted by knc1

Is this model being sold in Japan?
Does it have a front lighted screen? (one of the PW* series)
Does it have 4G of flash?

This is
- Sold in Japan
- No front light
- 4GB Storage

Japanese edition but I guess same specs/model of US Kindle 2014

[knc1]

Quote:

Originally Posted by hondamarlboro

This is
- Sold in Japan
- No front light
- 4GB Storage

Japanese edition but I guess same specs/model of US Kindle 2014

Ah, So

A touch screen replacement for the K4 in the model line-up.
It almost had to happen, they have been making the K4 for the "least cost" end of the product line for a long time now.

Link also claims "twice the book storage" - so the USA one must be 4GB also.

Also claimed: 20% faster processor - must also be an i.MX6 machine (like the PW2).

I can see they are building on a newer kernel (3.0.35 - released 17-Jun-2012).

Could you do a capture of the output of:
cat /proc/cpuinfo
for us?

Thanks for the USA link -
It is also showing me a "Kindle Voyage" link (new, top of line).

- - - - - -

Any USA dweller out there with more money than common sense want to throw $300 towards Amazon, buy a Kindle Voyage (3G+WiFi, no S/O) and tear it apart for us?
(Don't forget the not-included charger.)

[knc1]

Quote:

Originally Posted by NiLuJe

Dry-coded handling of it in KindleTool, I'll take a better look at it when I have more time .

Thanks again !

I made suggestions for prefixs on the two 2014 models, see:
https://www.mobileread.com/forums/sho...78&postcount=1

[NiLuJe]

And before anyone asks with a crazy idea of downgrading to a JB-friendly PW2 Firmware: big nope.

Code:

UPDATE_ERROR_DOWNGRADE_ATTACK=0xC

'ATTACK'. Why so serious, lab126? .

[knc1]

Quote:

Originally Posted by NiLuJe

And before anyone asks with a crazy idea of downgrading to a JB-friendly PW2 Firmware: big nope.

Code:

UPDATE_ERROR_DOWNGRADE_ATTACK=0xC

'ATTACK'. Why so serious, lab126? .

If those folks know the English language, that certainly does not sound like they are giving up this war over owner-access.

How can a person "ATTACK" something that they own?

[AcidWeb]

Models send to Europe also have 90C6 serial.

[NiLuJe]

If you're feeling adventurous, the latest snapshots should be KT2-ready, provided your jailbreak delivery method is a serial shell .

[knc1]

Quote:

Originally Posted by NiLuJe

And before anyone asks with a crazy idea of downgrading to a JB-friendly PW2 Firmware: big nope.

Code:

UPDATE_ERROR_DOWNGRADE_ATTACK=0xC

'ATTACK'. Why so serious, lab126? .

I am puppy sitting for a neighbor this month and have nicknamed him: "Lab126"
(No - he isn't a Lab - he is an American Bull Terrier - busy digesting the last person that tried to break into neighbor's house.) (A.K.A: Pit Bull & Texas Welcome Mat)

[zxczxc]

once you connect with the serial cable, and get the password, and have root access, is 'rooting'/jailbreaking the device easy/simple - the same everytime?
since, from what i understand, this is not an exploit, so, once you actually give yourself root permissions how can you keep it that way?