Tools Serial Jailbreaking your fw >= 5.6.x Kindle for Dummies

[grant2]

This is how you jailbreak a Paperwhite or Voyage using windows software. Good luck, fellow kindlers!

These instructions were created on a Paperwhite 2. Physical differences aside, they will work on any kindle that:

• Has a firmware version in the 5.x.y series
• Is a touchscreen Kindle model

A link to a Linux version of this can be found here.

Like most things in life, this guide is probably full of mistakes. If you find any, please let me know so I can fix them.

Part 1: Get what you need!

1. Your kindle! And its serial #.

Write that down. (apparently you should hide your serial #. So i've hidden part of mine. Come @ me, haxors!)



2. USB -> Serial converter board.

This is what most people use: Jim's Board because it's cheap & does the job.

You want to specifically order option #3. This is necessary because your kindle uses 1.8v signals and if you use 3.3v or 5.0v, you can blow up your chips.



3. Two USB cables to connect to your Windows computer

We are lazy, so it will be most convenient to be able to hook up the kindle + the serial converter board at the same time.

If you are not using windows, then you are probably some ultra-smart linux pro who doesn't need a dummies guide anyways.

4. usb converter drivers

Download and install the correct drivers from the ftdichip website. These are what will allow your computer to talk to the serial converter board.

5. Soldering iron, conductive glue, wires, clips, pins, magnifier, etc.

Whatever you need to connect wires to tiny metal spots on the computer board. It's a delicate operation.

6. Small screwdrivers, thin knives, and some tupperware

Whatever you need to break apart your kindle & get at the tasty goodness inside.

The containers are essential to hold your parts so they don't get lost!

7. Python software

Get python here. Install on your machine. I used version 3.5.0, but other versions should work fine.

Don't worry, we're not going to write complex code!

8. PuTTy software

Download PuTTy here..

This is the program that lets your computer talk to the kindle over the serial port. You don't need to install it; it just runs.

9. Mobileread Softwares

Download and unzip all these awesome packages provided by Mobileread smartguys. Keep them handy, we'll come to them later.

• "K5 Jailbreak (5.0.x - 5.4.4.2)" Software. This is what unlocks the power! (The jailbreak software was recently updated to behave better for our serial jailbreaks, so we are going to download the latest version from NiJuLe's daily snapshot thread instead of getting the older version from the Jailbreak thread.) (thanks NiJuLe!)
  Hint: Use "7-Zip" or "WinRar" to unpack the jailbreak software.
• Kual AND Kual Helper This runs the goodies you want to install. (thanks twobob!)
• MRPI You need this to install those goodies. (thanks NiLuJe!)
• Screensaver hack we'll install this to confirm the jailbreak worked. (thanks NiLuJe!)

[grant2]

Part 2: The Physical Setup

Voyage users: stupidhaiku has supplemental pictures & instructions to help you! Read his first post and his second post

1. Crack open the Kindle

Peel off the front cover. It's held down with glue or tape.

I prefer to heat it up with a hairdryer to soften the glue, and then I stick an exacto knife into the seam near the corner to start prying it up.

In case you want more help, here is a blog from MaCXyLo with more detailed teardown instructions



2. Remove the screws

There are 11 screws. The one in the middle is hidden underneath adhesive tape- don't miss it!

Tiny screws are like children! They love to play hide & seek! So make sure you put them immediately into your previously-obtained plastic container so have no chance to escape your merciless screwdriver.



3. Remove the battery

a. Pry the silver frame (which holds the screen) out of the black back cover.

b. Flip it over and put it onto a tupperware lid so you don't get crumbs on the adhesive on the front.

c. Remove the 3 screws holding the battery and pull out the battery. Put them all in your container'o'screw-storage for safekeeping.

Play safe! It's dangerous to wield a soldering iron near lithium & live current



4. Unhook cables

1st cable:

You don't want your delicate fragile cables getting in the way of mean mr. soldering iron

• Peel back the tape (Yellow)
• Lift the tiny lever that holds the cable in place (Red)
• Pull out the cable
• Wrap the tape & cable behind the screen

2nd cable

• Lift the cable out from its socket (Pink)
• Wrap the cable behind the screen

5. Connect the USB converter board!

Use your soldering tools to do this work. You need to make these 4 connections:

Code:

Converter	Kindle Board	On Diagram
V 	  	TP1706 		Blue Arrow
GND 	  	(Any Ground) 	Purple Arrows
RX 	  	Left Serial 	Red Arrow
TX 	  	Center Serial 	Green Arrow

Hint: You can connect to any of the possible ground points. The metal plates are very convenient



Here is a close-up of my own soldering adventure:



6. Reconnect screen and battery

Your kindle needs powah...! Reconnect:

• Screen cables
• Battery
• Plug USB Serial converter into your computer
• Plug Kindle into your computer

I have taped my USB board to the frame because my soldering skills are weak and I didn't want to risk pulling things loose as I moved it around.



BONUS: These other kindlers show off some great ideas on how to connect your serial port:

• Dennish connecting without any soldering (Great idea!)
• Raz572 permanently attaching his serial board (Handy!)
• knc1 permanently attaches his board also (Very neat!)
• Valkaoth connecting ground to the EM cover plate (Save some frustration!)
• Darron instead added a bluetooth serial connector to his kindle DX (Future convenience!)

[grant2]

Part 3: Windows Computer Setup

1. Get your Kindle's password

Python can magically turn your serial number into your kindle's password. We will need the password to do tricky things with it.

Open a command prompt



Run "Python" and execute these commands:

import hashlib
print("fiona%s"%hashlib.md5("<your kindle serial number with no spaces and all capital letters>\n".encode('utf-8')).hexdigest()[13:16])



What pops out is your root password! "fionaxxx"

Hint: If you cannot run python it means you did not install it properly


2. Set up your COM port

Now we need configure your computer to talk to the USB converter board.

Plug board into your computer.
Open "Device Manager" and find the "USB Serial Port (COM3)" item which is now available

Hint: If this device isn't showing in windows, it means you didn't install the drivers correctly!

Right-click the item and edit its properties



Click "Port Settings" and set everything like below:



3. Set up PuTTy

Putty is the program that will talk to your kindle. Open the program, create, and save a new connection with these settings:

- Connection Type = "Serial"
- Serial line = "COM3" or whatever COM # this shows up as in device manager
- Speed = "115200"



Navigate to "Connection" -> "Serial" and set up the options to match what you set up in device manager



Save the session again (sometimes putty forgets stuff...) and then open the session:



A new blank, black window will appear. This is the window which lets us talk to the kindle.

[grant2]

Part 4: Hackery stuff

This is the most confusing part of the whole jailbreak process. Don't fret! There's lots of pictures so even someone as slow as me can get through things.

1. Get into the diagnostics boot

Turn on your kindle, and watch the blank putty window you have open.
As soon as text starts appearing in the window, begin tapping keys on your keyboard.
Text will keep scrolling until the boot is interrupted

Hint: If you you miss the chance to interrupt, and your kindle starts normally, you can "restart" your kindle from its menus and try again

Once the booting is interrupted, the screen will say "uboot >", type this command: bootm 0xE41000



This makes the kindle boot to "diagnostics", which is a place where we can unlock access to the main kindle stuff.

When the diags menu displays, type "d"



On the next menu type "l" ("L")



finally, type "q"



Enter these login credentials:

kindle login: root
password: <the password you got from running python, e.g. fionaxxx>

Hint: the password won't show on the screen while you are typing it

Hint: If the password isn't working, you probably copied down your serial # incorrectly. You can cut & paste the serial number from your putty window into the python command and run it again to get the correct password.



you are now logged in!

2. Edit the password file

vi is a funny little program that edits text files. Linux users prefer to use confusing programs so they can keep dummies like us out of their way... but in this case I'll show you how to sneak through

Run these 3 commands to edit the password file:

Code:

mkdir /tmp/main
mount /dev/mmcblk0p1 /tmp/main
vi /tmp/main/etc/passwd

The Vi program will load and put the password file on the screen

Use the arrow keys to move the cursor over the "x" (it might be a "!" instead) which is right after "root:".
Press "x" to delete the x

Hint: The "delete" key doesn't actually delete characters in this program. Just roll with it.



The file now looks like this



Removing the "x" is telling the system that the main root account doesn't need a password.

Type ":w" to save the file & exit the editor

The text editor will close, but the file will still appear on the screen. Don't be afraid of that, it's ok.

Type "reboot" to restart the kindle



3. Run the jailbreak

Now we get to the meat of the matter! Let's make it rain!

Wait for your kindle to finish booting. It will appear as a storage device on your computer.
Copy all of the files from the jailbreak .ZIP to the base directory on the kindle



"Eject" the kindle from your computer and unplug it.

Warning: Leave the USB serial converter plugged in!

In your putty window, press "Enter" This will display the login prompt
Type root to log in



Type these 2 commands:

Code:

cd /mnt/us
sh jb.sh

The jailbreak will do its business



Hint: If you are watching the screen, you will see the word "**** JAILBREAK ****" appear at the bottom



When the PuTTy screen has stopped scrolling, reboot your kindle again:



Wait for the kindle to finish rebooting

Plug your kindle into the computer and look at the Kindle storage in windows

You will see new directories have been made by the jailbreaking



4. Protect your jailbreak

Amazon is sneaky, even sneakier than those tiny little screws which will try to escape your tupperware! If we are not careful, they will secretly upload new software to your kindle and ruin everything!

Hint: Keep your kindle in "airplane mode" all the time. This keeps your precious device safe from Amazon poking at it.

BUT: If you must connect to the internet (e.g., to register your device) We will also set up a little protection to make sure no updates are snuck in under your nose

On your kindle create a new directory called: "update.bin.tmp.partial"



This directory will confuse silly Amazon and stop them from uploading any software

Congratulations! You are now Jailbroken!
At this point you can remove the USB Serial Connector & put your Kindle back together
Or you can leave it until you have installed some tools to confirm everything is working right

[grant2]

Part 5: Install some goodies

We will put some basics onto your kindle now that it's been uncaged

1. Install KUAL

KUAL provides a GUI to manage other programs on your kindle

Copy the "azw2" file from the KUAL zip to the "Documents" directory of your kindle



Eject the kindle from your computer
"Restart" your kindle from the screen menu

When your kindle is restarted, you will see the "Kindle Launcher" is now available



2. Install KUAL Helper

This helps KUAL be better than ever. (I think it lets your goodies appear in the KUAL menus)

Connect your kindle to your computer
Copy the "Helper" directory from the KUAL Helper zip into the "Extensions" directory on your kindle



Eject the kindle from your computer
"Restart" your kindle from the screen menu

Hint: I am not certain that ejecting & restarting the kindle is necessary, but I do it anyways

3. Install KUAL MRInstaller

This is an add-on for KUAL that allows add-on packages to be installed very easily. I think it needs KUAL helper which is why we are doing it 3rd

Copy the 2 directories from the MRInstaller zip to the root of your kindle.

This means a new directory called "MRInstaller" will be created inside extensions, and another directory called "mrpackages" will be created in the root"



4. Install Screensaver hack

This will let you change which screensavers appear when your kindle is sleeping. Perfect to show your spouse, children, pets, or cars that they super special to you!

Copy the .bin file from the Screensaver Hack .ZIP to the "mrpackages" directory on your kindle



Eject the kindle & unplug it

Open the "Kindle Launcher" (KUAL) book on your kindle
Select "Helper+" menu option



Select "Install MR Packages" menu option



The MR Installer program will do some stuff and will tell you when it's done

Reconnect the Kindle to your computer
Upload the pictures you want to be your screensavers into the "\linkss\screensavers" directory on your kindle



Hint: On the Paperwhite 2, the pictures should be '.png' format, 758x1024 size, in greyscale

Hint: You can use a website like resize.it to convert your pictures to the best kindle format.

Hint: You can upload any filenames you want, but the hack will automatically rename your pictures when you reboot.

Eject and restart your kindle
When your kindle restarts, press the power button to activate your screensaver

Congratulations! You used a hack only available to jailbroken kindles!

[grant2]

Part 6: Credits

These threads helped me a lot:

noismaster - https://www.mobileread.com/forums/sho....php?p=3137590
raz572 - https://www.mobileread.com/forums/sho...d.php?t=257646
volkaoth - https://www.mobileread.com/forums/showpost.php?p=3029470
dennish - https://www.mobileread.com/forums/sho...d.php?t=267474
hondamarlboro - https://www.mobileread.com/forums/sho...d.php?t=247480

Special thanks to these users for giving so much advice & support in these forums:

KNC1, NiLuJe, twobob, and all the other developers who write awesome tools for us to use.

[rogerinnyc]

What a great and clear tutorial! Thank you so much -- it tempts me to get a Kindle Voyage and give it a go. One piece of clarification -- in the "edit password" section, I presume those are 3 separate commands to run in sequence? And are there some spaces in the entries? -- it's a bit hard to tell.

But amazing job (I'm assuming it works!)

[grant2]

roger, i've updated that section to use "code" tags so they're clear. Thanks for the questions!

[NiLuJe]

As I mentioned in DennisH's thread, you can use KindleTool for the password, and the latest JB from the snapshots should behave properly from diags.

[knc1]

That is a lot of work there.
(And I thought I wrote long posts.)

It should probably get an entry in the "Master Index".

Also, perhaps one of our moderators will sticky this one in place of the one that is already there.

[eschwartz]

knc1 -- we have several serial jailbreak guides now, so it's difficult to choose which one should be stickied. Haven't really been keeping up...

...This one looks pretty good, I think I'll swap them out.


@grant2 -- your serial number (first post, first image) doesn't look hidden to me...
Also, nice job!

[kdalloway]

Thank you for sharing，but it is too difficult for me

[XXCoder]

Awesome guide!

[knc1]

Quote:

Originally Posted by eschwartz

knc1 -- we have several serial jailbreak guides now, so it's difficult to choose which one should be stickied. Haven't really been keeping up...

...This one looks pretty good, I think I'll swap them out.
- - - -

So many that we probably need a sub-section of the serial port information indexed in the Master Index.

I am not sure when I'll be able to find the time myself - -
So if anyone wants to beat me to it ...
(its a wiki, anyone can edit it)

[jscris]

This is wonderful! Can we assume it will work the same for a Voyage with 5.6.5?