Mobileread
Tutorial Popcorn - Hardware Jailbreak for KV, KT2, PW2 and PW3 (no serial port, no soldering)
#1  katadelos 03-12-2022, 12:50 PM
I f*&$ing HATE having to solder to the serial port or doing the needle trick when jailbreaking an older device running a firmware version that isn't compatible with KindleBreak. To reduce the risk of me having a stroke and/or suffering a needless and undignified demise, I created a jailbreak that is less frustrating to carry out.

This method will eventually work on KT3 once I work out a couple of snags on the U-Boot side of things (mainly due to the boot process being slightly different on that device).

Prerequisites:
How do I use this?
To use this jailbreak, you will need to open up your device, attach your device to your host PC using a USB cable and activate SDP mode. There's a number of ways that you can do this, with some being easier than others.

Without removing PCB (KT2, PW2, PW3 only)
After removing PCB
If you have done this correctly, you will see something similar to this when running dmesg on the host PC:
Code
[ 2470.327595] usb 1-13: new high-speed USB device number 7 using xhci_hcd
[ 2470.476311] usb 1-13: New USB device found, idVendor=15a2, idProduct=0063, bcdDevice= 0.01
[ 2470.476319] usb 1-13: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[ 2470.476324] usb 1-13: Product: SE Blank MEGREZ
[ 2470.476327] usb 1-13: Manufacturer: Freescale SemiConductor Inc
[ 2470.478445] hid-generic 0003:15A2:0063.0008: hiddev1,hidraw4: USB HID v1.10 Device [Freescale SemiConductor Inc SE Blank MEGREZ] on usb-0000:00:14.0-13/input0
To run the jailbreak, extract the jailbreak archive to a convenient location on your host PC, open a terminal and run the following command:
Code
sudo imx_usb -c imx_usb_loader/wario
Once the jailbreak has finished running, your device will reboot. When the device has rebooted, you'll be able to install the hotfix as usual.
[gz] popcorn-jailbreak-v1.tar.gz (3.63 MB, 160 views)
Reply 

#2  darkassassinua 03-13-2022, 03:25 AM
intresting,but we all waiting pw5 jailbreak xd
Reply 

#3  encol 03-13-2022, 06:28 AM
Very interesting!
Thanks for your work!
Reply 

#4  irreld 03-13-2022, 06:38 AM
Cool. I assume this can also be used for rescuing?
Reply 

#5  katadelos 03-13-2022, 06:56 AM
Quote darkassassinua
intresting,but we all waiting pw5 jailbreak xd


Quote irreld
Cool. I assume this can also be used for rescuing?
You can use SDP for rescuing/reimaging devices if you build the right functionality into the initramfs, the only annoying thing is that this trick only works up until KT3 (thanks, secure boot ).
Reply 

#6  adwait8 03-14-2022, 09:31 AM
Sorry for being completely out of topic but is there any eta on your pw5 jailbreak?
Reply 

#7  ajs256 03-14-2022, 05:33 PM
The imx_usb command you posted doesn't seem to work. When I run it, it just says "imx_usb.conf not found". I'm not familiar with this tool, so I'm not sure how to fix this on my own.
Reply 

#8  katadelos 03-14-2022, 06:28 PM
Quote adwait8
Sorry for being completely out of topic but is there any eta on your pw5 jailbreak?
It's difficult to say - hopefully before Summer 2022.

Quote ajs256
The imx_usb command you posted doesn't seem to work. When I run it, it just says "imx_usb.conf not found". I'm not familiar with this tool, so I'm not sure how to fix this on my own.
Run these commands and post the entire output from both of them:
Code
ls -l
sudo imx_usb -c imx_usb_loader/wario
It sounds like it might be a path related thing?
Reply 

#9  ajs256 03-14-2022, 07:03 PM
Quote katadelos

Run these commands and post the entire output from both of them:
Code
ls -l
sudo imx_usb -c imx_usb_loader/wario
It sounds like it might be a path related thing?
Code
pi@octopi:~ $ sudo imx_usb -c imx_usb_loader/wario
imx_usb.conf not found
pi@octopi:~ $ ls -l
total 3748
drwxr-xr-x 3 pi pi 4096 Mar 12 16:42 imx_usb_loader
---SNIPPED---
-rw-r--r-- 1 pi pi 3808809 Mar 12 17:44 popcorn.tar.xz
---SNIPPED---
pi@octopi:~ $ sudo imx_usb -c imx_usb_loader/wario
[sudo] password for pi:
imx_usb.conf not found
pi@octopi:~ $
I think the flags to the command are wrong in some way...the `-c` flag specifies where to find the config file.
Reply 

#10  ajs256 03-14-2022, 07:42 PM
Do I flash `uboot.bin` or `uImage-popcorn-wario`?
Reply 

  Next »  Last »  (1/4)
Today's Posts | Search this Thread | Login | Register