FORUMS
Remove All Ads from XDA

Rooting Sony's e-reader DPT-RP1 and DPT-CP1

20 posts
Thanks Meter: 10
 
By sartrism, Junior Member on 11th August 2017, 05:55 AM
Post Reply Email Thread
8th September 2017, 09:16 AM |#21  
Quote:
Originally Posted by Paderico

Just a little update from my side. I'm currently tryng to recreate the steps @mcplectrum was using. It seems that my RP1 also uses other ports. I tried to wireshark the USB and WiFi connection. By that I saw that often GET /registration/information is called for Host: localhost:58052. Moreover the first call is GET /register/serial_number also on port 5808. This was via USB.
Trying to trigger the /auth/ call via Telnet returns nothing unfortunately. But also the 8080 port is open. Trying to call digitalpaper.local:8443/auth/ returns nothing on firefox.

@mcplectrum: how did you get the client_id and what would one need that for?

I also tried to change the config.DEVBUILD to true but that seemed to change nothing at all.

So to sum up what we know:
The device is using some kind of android structure, the source code seems to use the uboot bootloader, all communication is done by a rest restlet framework. So actually there should be some kind of way to use the restlet framework to PUT or POST the modified files.
The other option would be directly flash the eMMC right? I would take the risk and just load it on my device and see what happens. Any hints on how to do that?

If you're up to it, try some kind of RIFF box/OctoBox setup.

DO NOT CONTACT ME VIA PM TO RECEIVE HELP, YOU WILL BE IGNORED. KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
 
 
8th September 2017, 09:22 AM |#22  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by Droidriven

If you're up to it, try some kind of RIFF box/OctoBox setup.

Not quite sure what you mean by that.
8th September 2017, 09:26 AM |#23  
Quote:
Originally Posted by Paderico

Not quite sure what you mean by that.

It's a piece of hardware that is used to directly connect to various points on the motherboard to directly interface/flash/modify the device.

Do a Google search for:

Android RIFF box

It's quite technical but you might be interested. It is also used to revive hard bricked devices that won't power on.

DO NOT CONTACT ME VIA PM TO RECEIVE HELP, YOU WILL BE IGNORED. KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
8th September 2017, 09:32 AM |#24  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by Droidriven

It's a piece of hardware that is used to directly connect to various points on the motherboard to directly interface/flash/modify the device.

Do a Google search for:

Android RIFF box

It's quite technical but you might be interested. It is also used to revive hard bricked devices that won't power on.

Okay cool thanks. Checked that quickly, so what's then left is to find a way to find a driver that connects the RIFF Box USB port with the USB cable provided by Sony. Otherwise one would need to brutally open the device to get some connection which might ruin the device. Correct me if I'm wrong.
8th September 2017, 09:42 AM |#25  
Quote:
Originally Posted by Paderico

Okay cool thanks. Checked that quickly, so what's then left is to find a way to find a driver that connects the RIFF Box USB port with the USB cable provided by Sony. Otherwise one would need to brutally open the device to get some connection which might ruin the device. Correct me if I'm wrong.

There are always risks involved but USB connectivity is more limited than opening the device and connecting directly to the necessary points on the motherboard, it pretty much allows pushing/pulling whatever you want anywhere you want. It gives you the opportunity such that if you force something and it bricks the device, you may be able to revive to normal and try something else. Some of the android guys out there use this to root/modify devices even though there are no "normal" or standard tools to root the device. There are typically no guides for doing this because it isn't a common enough practice, usually on those "in the know" or the "inner circle" use it. Users on that level typically already have the necessary skills to use this tool so there is no need for truly in depth guides for using this tool on various devices.

DO NOT CONTACT ME VIA PM TO RECEIVE HELP, YOU WILL BE IGNORED. KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
8th September 2017, 09:47 AM |#26  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by Droidriven

It's a piece of hardware that is used to directly connect to various points on the motherboard to directly interface/flash/modify the device.

Do a Google search for:

Android RIFF box

It's quite technical but you might be interested. It is also used to revive hard bricked devices that won't power on.

DO NOT CONTACT ME VIA PM TO RECEIVE HELP, YOU WILL BE IGNORED. KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE

Quote:
Originally Posted by Droidriven

There are always risks involved but USB connectivity is more limited than opening the device and connecting directly to the necessary points on the motherboard, it pretty much allows pushing/pulling whatever you want anywhere you want. It gives you the opportunity such that if you force something and it bricks the device, you may be able to revive to normal and try something else. Some of the android guys out there use this to root/modify devices even though there are no "normal" or standard tools to root the device. There are typically no guides for doing this because it isn't a common enough practice, usually on those "in the know" or the "inner circle" use it. Users on that level typically already have the necessary skills to use this tool so there is no need for truly in depth guides for using this tool on various devices.

DO NOT CONTACT ME VIA PM TO RECEIVE HELP, YOU WILL BE IGNORED. KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE

Totally get that and totally agree. But there is no way to gently open the device as there are no screws or something like that just plastic parts pressed into each other.
8th September 2017, 09:50 AM |#27  
Quote:
Originally Posted by Paderico

Totally get that and totally agree. But there is no way to gently open the device as there are no screws or something like that just plastic parts pressed into each other.

A very thin edged tool or screwdriver should get it started then get a fingernail in the crack and run it around the edge, staying in the crack, it should separate similar to a zipper as you go around, continue moving along the edge using the thin tool if your fingernail doesn't work.

DO NOT CONTACT ME VIA PM TO RECEIVE HELP, YOU WILL BE IGNORED. KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
15th September 2017, 04:43 PM |#28  
Junior Member
Thanks Meter: 1
 
More
according to the hacker's claims, he didn't root the device, didn't touch any hardware, just lifted the limitations that sony blocking user installing 3rd party apps. So after unblocking, the machine would still be under warranty. One thing was for sure, he didn't do it through NFC
The Following User Says Thank You to expollai For This Useful Post: [ View ] Gift expollai Ad-Free
20th September 2017, 02:47 AM |#29  
OP Junior Member
Flag Cambridge
Thanks Meter: 10
 
More
Quote:
Originally Posted by expollai

according to the hacker's claims, he didn't root the device, didn't touch any hardware, just lifted the limitations that sony blocking user installing 3rd party apps. So after unblocking, the machine would still be under warranty. One thing was for sure, he didn't do it through NFC

That's different from what I heard. The hacker also sell cracking service of DPT-S1, and it is confirmed by one of his customer that he disassembled the device. I believe that he used the same method because it is quite immediate after DPT-RP1 was released, so it is reasonable to assume that he removed the back cover to root it.

And it is definitely rooted, for the customer could extract system apps for me using root explorer, which is not allowed in unrooted devices.
20th September 2017, 02:53 AM |#30  
OP Junior Member
Flag Cambridge
Thanks Meter: 10
 
More
Quote:
Originally Posted by Paderico

Okay cool thanks. Checked that quickly, so what's then left is to find a way to find a driver that connects the RIFF Box USB port with the USB cable provided by Sony. Otherwise one would need to brutally open the device to get some connection which might ruin the device. Correct me if I'm wrong.

Such physical damage is the "risk" I was talking about
You may refer to this to understand how the things are going in general: http://solderwiresandplastic.com/201...ot-privileges/
20th September 2017, 03:51 AM |#31  
Junior Member
Thanks Meter: 1
 
More
Quote:
Originally Posted by sartrism

That's different from what I heard. The hacker also sell cracking service of DPT-S1, and it is confirmed by one of his customer that he disassembled the device. I believe that he used the same method because it is quite immediate after DPT-RP1 was released, so it is reasonable to assume that he removed the back cover to root it.

And it is definitely rooted, for the customer could extract system apps for me using root explorer, which is not allowed in unrooted devices.

you can check:
//item.taobao.com/item.htm?id=545535809916&ns=1&abbucket=8#detail

---------- Post added at 03:51 AM ---------- Previous post was at 03:27 AM ----------

Quote:
Originally Posted by expollai

you can check:
//item.taobao.com/item.htm?id=545535809916&ns=1&abbucket=8#detail

also
//item.taobao.com/item.htm?id=550465848108
//item.taobao.com/item.htm?id=522747481985

As far as I know, there were 2 ways to unblock S1, the above one seemed to be the better ( the original function not affected).
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes