No soy especialista (ni tan siquiera muy aficionado) en este tipo de ‘juegos’ pero me gusta verlos, guardarlos y recordarlos para ver como las empresas de primer nivel tienen verdaderos problemas para lanzar productos que puedan resistir los ataques que pueden aparecer. Por eso recomiendo leer: Kindle Touch (5.0) Jailbreak/Root and SSH donde se cuentan los detalles para el aparato de Amazon.
Once we have the root image, it was only a matter of painstakingly looking through all the files to see possible injection vectors.
(casi) Siempre hay más de una forma:
I found the bootloader was unlocked but it would be a pain and danger for users (and even developers) to flash custom kernels and such. I also found that the Java code (the Kindle’s entire GUI is written in Java) is NOT obfuscated (which means it would be easier to reverse and later modify) and Amazon has left in many places to place plugins.
Se descubren cosas, y cambios:
However, I didn’t have to look though much before I found a curious function: nativeBridge.dbgCmd();. It seems too good to be true. This function takes any shell command, and runs it (as root). Yup.
¿La forma de hacerlo?