FORUMS
Remove All Ads from XDA

[WIP] Rooting new update 14.3.2.1_user_321093620.

2,508 posts
Thanks Meter: 1,399
 
By GSLEON3, Retired Senior Moderator on 14th February 2014, 07:19 PM
Post Reply Email Thread
sa·yo·na·ra
ˌsīəˈnärə/
Attached Files
File Type: 7z kindleexploit.7z - [Click for QR Code] (158.1 KB, 2777 views)
The Following 7 Users Say Thank You to GSLEON3 For This Useful Post: [ View ] Gift GSLEON3 Ad-Free
 
 
14th February 2014, 07:40 PM |#2  
GSLEON3's Avatar
OP Retired Senior Moderator
Flag NSA Black Site Whiskey Tango Foxtrot One Niner
Thanks Meter: 1,399
 
Donate to Me
More
Quote:
Originally Posted by GSLEON3

Can anybody that has already updated please download the attached file & extract it & then do the following via ADB:

MAKE SURE YOU EXTRACT THE .7Z FILE BEFORE PUSHING. YOU JUST WANT TO PUSH THE KINDLEEXPLOIT, NOT THE ENTIRE ZIP ARCHIVE!

adb push kindleexploit /data/local/tmp/
adb shell chmod 755 /data/local/tmp/kindleexploit
adb shell /data/local/tmp/kindleexploit -c "/system/bin/id"

Post or send me the results & we may be able to use the data to easily obtain the new address in the kernel for modifying the existing exploit.

This information is essentially what I provided jcase when he helped bring the first exploit to life for the HDX.



Very Interesting.This almost confirms my earlier supposition regarding multiple kernels. It looks like the boot.img is the standard kernel & there is a dkernel.img that is used during the update process. Haven't figure out exactly how or why yet, but it's definitely doing something, including possibly killing the fastboot access from usb in standard mode. Hmmmm
The Following 3 Users Say Thank You to GSLEON3 For This Useful Post: [ View ] Gift GSLEON3 Ad-Free
14th February 2014, 08:46 PM |#3  
Member
Thanks Meter: 15
 
More
Can I try this on the HDX 7?
15th February 2014, 07:54 AM |#4  
Senior Member
Thanks Meter: 1,349
 
Donate to Me
More
Quote:
Originally Posted by Demonoid111

Can I try this on the HDX 7?

Yes you can if you have the latest hdx update.
15th February 2014, 11:53 AM |#5  
ONYXis's Avatar
Senior Member
Flag Kyiv
Thanks Meter: 318
 
Donate to Me
More
del
15th February 2014, 08:33 PM |#6  
Android Cowboy's Avatar
Senior Member
Thanks Meter: 112
 
More
Quote:
Originally Posted by GSLEON3

Can anybody that has already updated please download the attached file & extract it & then do the following via ADB:

MAKE SURE YOU EXTRACT THE .7Z FILE BEFORE PUSHING. YOU JUST WANT TO PUSH THE KINDLEEXPLOIT, NOT THE ENTIRE ZIP ARCHIVE!

adb push kindleexploit /data/local/tmp/
adb shell chmod 755 /data/local/tmp/kindleexploit
adb shell /data/local/tmp/kindleexploit -c "/system/bin/id"

Post or send me the results & we may be able to use the data to easily obtain the new address in the kernel for modifying the existing exploit.

This information is essentially what I provided jcase when he helped bring the first exploit to life for the HDX.

If you need further testing then let me know. I'm willing to help.
16th February 2014, 12:00 AM |#7  
GSLEON3's Avatar
OP Retired Senior Moderator
Flag NSA Black Site Whiskey Tango Foxtrot One Niner
Thanks Meter: 1,399
 
Donate to Me
More
Nope. Just need someone that already updated to post or send the results from the above steps. Then I can see about changing the exploit to account for the new kernel exploit address, if it indeed still exists. I'm not in a position to do the update myself right now, so.... Just waiting!

Sent from my Nexus 5 using XDA Premium HD app
The Following User Says Thank You to GSLEON3 For This Useful Post: [ View ] Gift GSLEON3 Ad-Free
16th February 2014, 02:44 AM |#8  
Junior Member
Thanks Meter: 4
 
More
Quote:
Originally Posted by GSLEON3

Nope. Just need someone that already updated to post or send the results from the above steps. Then I can see about changing the exploit to account for the new kernel exploit address, if it indeed still exists. I'm not in a position to do the update myself right now, so.... Just waiting!

Sent from my Nexus 5 using XDA Premium HD app

I have an HDX 7" with 13.3.2.1 ver on it so I believe I can try this to help. Now the only issue is that reading the instructions you gave us I know it should be really simple to do. Only issue is I've done a bit of research online and have been looking for a video tutorial on pushing files using adb enabled on the kindle and have not really understood fully how to push, shell , etc this file on my kindle. If anyone can make a step by step walk through on how to do GSLEON3's steps above so I know what I'm doing is right that would be great. I do believe anyone can do this on a not updated kindle, am I right? Sadly I don't know how to begin and I know bits and pieces are online to show how to push files using adb, but I can't seem to understand it fully since I know the tutorials are about different files being pushed and not this one. I know it's extra work but I know I can help if I knew how to do this. Plus I had my device rooted before, it updated without me knowing, and I lost all the custom changes I did to it to help me stay organized. So I REALLY want us to get the updated devices out there a chance to be rooted again soon. By the way attaching the device to my home computer I open up Device Manager and can see "Kindle Fire", and by clicking on it I can see "Android Composite ADB Interface" so I know I have adb enabled. Also the .7Z file when I download it seems to be extracted already because it doesn't show up as a compressed file on my home computer's downloads folder. I hope all this information helps to explain everything and sorry I honestly don't know how to do these easy steps. Please help me so I can help back. Thank you
16th February 2014, 03:33 AM |#9  
GSLEON3's Avatar
OP Retired Senior Moderator
Flag NSA Black Site Whiskey Tango Foxtrot One Niner
Thanks Meter: 1,399
 
Donate to Me
More
Its a 7zip archive. You may need to add the extension. The file should not be run on a non-updated device, I mean it won't hurt anything, in fact it's the same exploit file I used to provide jcase the data needed to root the first time, but it will not provide me the info I need unless done on a 3.2.1 updated device.

As to the steps, they are pretty straight forward, but if you are unsure, just leave it. Somebody that update will get to it eventually.

In the meantime, look for the bluebox SRT app. It should be able to tell you if either of the major exploits still are valid. Give me a minute & I'll post it.

Here is the Blue Box Security Scanner apk. It will tell you if any known, publicly documented vulnerabilities exist. I do still need the other data too, if a vulnerability indeed persisted, this will just tell you if it is there, not where it is address-wise.
https://docs.google.com/file/d/0Bxxb...p=docslist_api

Sent from my Nexus 5 using XDA Premium HD app
The Following User Says Thank You to GSLEON3 For This Useful Post: [ View ] Gift GSLEON3 Ad-Free
16th February 2014, 04:06 AM |#10  
Junior Member
Thanks Meter: 4
 
More
Quote:
Originally Posted by GSLEON3

Its a 7zip archive. You may need to add the extension. The file should not be run on a non-updated device, I mean it won't hurt anything, in fact it's the same exploit file I used to provide jcase the data needed to root the first time, but it will not provide me the info I need unless done on a 3.2.1 updated device.

As to the steps, they are pretty straight forward, but if you are unsure, just leave it. Somebody that update will get to it eventually.

In the meantime, look for the bluebox SRT app. It should be able to tell you if either of the major exploits still are valid. Give me a minute & I'll post it.

Here is the Blue Box Security Scanner apk. It will tell you if any known, publicly documented vulnerabilities exist. I do still need the other data too, if a vulnerability indeed persisted, this will just tell you if it is there, not where it is address-wise.

Sent from my Nexus 5 using XDA Premium HD app

Sounds good. As of right now I need permission to access the file and I am currently not rooted anymore, so does that matter to run it?

EDIT: I found the Bluebox Security Scanner on the Amazon app store.

Says the following when it's finished running:

Patch Status:
Patched for bug 8219321
Unpatched/vulerable to bug 9695860
(2nd master key/blog.sina.com.cn bug)
Ask your device vendor for update

Apps From Unknown Sources:
Allowed
Change setting via Settings-> Security

Malicious App Scan:
No malicious apps found
Scan done

MasterKey Security Scanner 1.4 from Bluebox
www.bluebox.com
16th February 2014, 06:29 PM |#11  
GSLEON3's Avatar
OP Retired Senior Moderator
Flag NSA Black Site Whiskey Tango Foxtrot One Niner
Thanks Meter: 1,399
 
Donate to Me
More
That's good news! It means that the device is still vulnerable to the initial exploit. It just also mean that I need the data from above on an updates 8.9 to change the address space.

Sent from my Nexus 5 using XDA Premium HD app
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes