Kindle/Root Kindle Paperwhite PW3

From Wiki

Kindle Paperwhite 3 (2015) Wifi

  • SN: G090 G1xx xxxx xxxx
  • Original Firmware: 5.9.2.0.1 (3262860017)
  • generate root pw with python (for my kindle root / fionaXXX)
import hashlib
print("fiona%s"%hashlib.md5("<your kindle serial number with no spaces and all capital letters>\n".encode('utf-8')).hexdigest()[13:16])
  • Serial port
    • connect kindle serial port to computer (1.8V, 115200 Baud)
    • reboot through gui
    • interrupt boot at uboot by pressing key
    • bootm 0xE41000
    • EXIT LOGIN
    • login using above credentials
    • disable root password:
mkdir /tmp/main
mount /dev/mmcblk0p1 /tmp/main
vi /tmp/main/etc/passwd     # remove "x" in first line to disable pw
  • reboot
  • login with "root" without password
  • set password and enable password again:
mntroot rw
passwd                  # to set root password
vi /etc/passwd          # add "x" where it was previously removed


  • SSH
    • copy usbnet via usb port
mkdir -p /usr/local/bin
ln -s /mnt/us/usbnet/sbin/sshd /usr/sbin/sshd
ln -s /mnt/us/usbnet/bin/dropbearmulti /usr/local/bin/dropbear
  • /etc/upstart/sshd.conf
# ssh server for login
# needs to stop before localfs, will do by hand

#start on started system
#stop on (stopping system or ota-update)

start on framework_ready
stop on stopping system


export LANG LC_ALL
env LIBC_FATAL_STDERR_=1
env STDERR=/tmp/sshd.err

respawn

expect fork
#exec /usr/local/sbin/dropbear -r /usr/local/etc/dropbear/dropbear_rsa_host_key 2>> $STDERR
exec /usr/sbin/sshd

post-start script
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
end script

post-stop script
    source /etc/upstart/functions
    libc_scan
end script
Retrieved from "https://wiki.marcluerssen.de/index.php?title=Kindle/Root_Kindle_Paperwhite_PW3&oldid=1555"