Thanks to Yifan Lu, it has been discovered that the operating system running on the Kindle Touch is written mostly in HTML5 and JavaScript, unlike the previous models, which used Java. This is exciting, because once a device is hacked or rooted, homebrew programs can be run on it, maximizing its potential and getting the most for your money.
The security hole Yifan exploited is in that HTML5 code. He modified an mp3 file and buried his hack in its ID3 tags. The Kindle displays the tag text (title, artist and so on) while playing the mp3, but it inserts that text into its own HTML without escaping it, so a tag that contains markup is rendered as markup and any JavaScript hidden in it is executed by the player. Boom, device rooted.
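To make the bug class concrete, here is an added example in Node.js, written for this article and not taken from Yifan's jailbreak or from Amazon's firmware. It builds a small ID3v2.3 tag in memory with a constructed, harmless payload (bold markup in the title, an `<img onerror>` handler in the artist), parses the text frames back out, and then renders a "now playing" line two ways: the vulnerable way, concatenating tag text straight into the markup, and the hardened way, escaping it first. The renderer functions, the sample tag and the `injectedTagCount` check are all assumptions made up for this illustration; the real Kindle player code is not shown on this page.

```javascript
// Added example: ID3v2.3 text frames feeding an HTML "now playing" view,
// vulnerable and hardened. Runs under Node.js with no dependencies.

// --- Constructed sample tag (not a real file from the article) ------------
function syncsafe(n) {
  // ID3v2 header size: 4 bytes of 7 bits each, high bit always clear
  return Buffer.from([(n >> 21) & 0x7f, (n >> 14) & 0x7f, (n >> 7) & 0x7f, n & 0x7f]);
}

function textFrame(id, text) {
  // ID3v2.3 text frame: 4-char ID, 4-byte big-endian size, 2 flag bytes,
  // then 1 encoding byte (0x00 = ISO-8859-1) followed by the text
  const body = Buffer.concat([Buffer.from([0x00]), Buffer.from(text, 'latin1')]);
  const size = Buffer.alloc(4);
  size.writeUInt32BE(body.length, 0);
  return Buffer.concat([Buffer.from(id, 'ascii'), size, Buffer.from([0, 0]), body]);
}

function buildTag(frames) {
  const body = Buffer.concat(frames);
  return Buffer.concat([Buffer.from('ID3', 'ascii'), Buffer.from([0x03, 0x00, 0x00]),
                        syncsafe(body.length), body]);
}

// Hypothetical payload: markup in the title, a JavaScript handler in the artist
const SAMPLE_TAG = buildTag([
  textFrame('TIT2', 'Track <b>One</b>'),
  textFrame('TPE1', '<img src=x onerror="alert(1)">'),
]);

// --- Parser: pull the text frames out of an ID3v2.3 header ----------------
function parseId3v2(buf) {
  if (buf.length < 10 || buf.toString('ascii', 0, 3) !== 'ID3') throw new Error('no ID3v2 header');
  const tagSize = (buf[6] << 21) | (buf[7] << 14) | (buf[8] << 7) | buf[9];
  const end = Math.min(buf.length, 10 + tagSize);
  const frames = {};
  let pos = 10;
  while (pos + 10 <= end) {
    if (buf.readUInt32BE(pos) === 0) break;          // hit the padding area
    const id = buf.toString('ascii', pos, pos + 4);
    const size = buf.readUInt32BE(pos + 4);          // v2.3 frame sizes are plain big-endian
    const data = buf.subarray(pos + 10, pos + 10 + size);
    if (id[0] === 'T' && data.length > 0) {
      // 0x00 = ISO-8859-1; anything else is treated as UTF-8 here for brevity
      frames[id] = data[0] === 0x00 ? data.toString('latin1', 1) : data.subarray(1).toString('utf8');
    }
    pos += 10 + size;
  }
  return frames;
}

// --- Vulnerable renderer: the pattern the article describes ---------------
// Tag text is concatenated straight into the markup, so anything in the tag
// that looks like HTML becomes live HTML, and any handler in it runs.
function renderNowPlayingUnsafe(frames) {
  return '<div class="now-playing"><span class="title">' + (frames.TIT2 || '') +
         '</span> by <span class="artist">' + (frames.TPE1 || '') + '</span></div>';
}

// --- Hardened renderer: escape untrusted text before inserting it ---------
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, c => map[c]);
}

function renderNowPlayingSafe(frames) {
  return '<div class="now-playing"><span class="title">' + escapeHtml(frames.TIT2 || '') +
         '</span> by <span class="artist">' + escapeHtml(frames.TPE1 || '') + '</span></div>';
}

// Crude check: the template itself contributes exactly six tags, so any
// extra tag in the output must have come from the ID3 text.
function injectedTagCount(html) {
  const TEMPLATE_TAGS = 6;
  return (html.match(/<[^>]+>/g) || []).length - TEMPLATE_TAGS;
}

if (typeof require !== 'undefined' && require.main === module) {
  const frames = parseId3v2(SAMPLE_TAG);
  console.log('parsed frames:', frames);
  console.log('unsafe:', renderNowPlayingUnsafe(frames),
              '| injected tags:', injectedTagCount(renderNowPlayingUnsafe(frames)));
  console.log('safe:  ', renderNowPlayingSafe(frames),
              '| injected tags:', injectedTagCount(renderNowPlayingSafe(frames)));
}
```

Run it with `node` and compare the two lines: the unsafe render contains three tags that never appeared in the template, while the safe render contains only the template's own six and shows the payload as literal `&lt;img ...&gt;` text. In a real browser-based UI the same fix is to set `textContent` on an element rather than building HTML strings, so the tag text is never parsed as markup at all.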
This hack is quite simple. All it does is install a key to root the device. I'm not quite sure how Yifan got the key, though.
Requirements
- Kindle Touch
- The will to void your Kindle's warranty
Step 1: Download and Drop the MP3 File
- Download the .mp3 with the exploit here.
- Connect your Kindle Touch to your computer.
- Copy the .mp3 over to the music folder on your device.
Step 2: Run the Exploit
- Start up your Kindle device.
- Enable the experimental menu, and play the mp3 with it.
- Wait for the device to be rooted.
That's it. Wait for some cool exploits to come out, and Null Byte will gladly show you how to teach your Kindle Touch some new kung-fu.