K4 sync reverse engineering
#1  xifer 10-15-2020, 01:01 AM
I imagine this has been tried long ago, but has anyone been able to reverse engineer the sync protocol built into the Kindle 4?

Off the top of my head a man-in-the-middle "attack" seems doable involving mitmproxy and changing /etc/hosts (or via DNS) and replacing SSL/TLS keys in /etc/ssl/certs/ca-certificates.crt and /usr/lib/java/cacerts.

Doesn't seem too involved with SSH access to the Kindle... Does anyone know if this has been done before, or are there additional protections that prevent reverse engineering this?
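
The post above names the trust store a proxy CA would have to be added to (/etc/ssl/certs/ca-certificates.crt). The defender's counterpart is a check that notices when that bundle no longer matches a known-good copy. The Python below is an added example, not code from this thread or from any Kindle tool: it fingerprints every certificate in a PEM bundle and diffs the set against a baseline, so an unexpected root shows up by SHA-256 fingerprint. The certificate payloads are constructed placeholders, not real X.509 certificates, and the Java keystore at /usr/lib/java/cacerts is a different format that this check does not parse.

```python
import base64
import hashlib
import re

PEM_CERT_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S
)


def make_pem(der_bytes):
    """Wrap raw bytes in PEM CERTIFICATE armour.

    Used here only to build constructed sample bundles; the payloads are
    placeholders, not real X.509 certificates.
    """
    body = base64.encodebytes(der_bytes).decode("ascii")
    return "-----BEGIN CERTIFICATE-----\n" + body + "-----END CERTIFICATE-----\n"


def fingerprints(bundle_text):
    """SHA-256 fingerprint (hex) of every certificate in a PEM bundle.

    The hash is taken over the decoded DER bytes, which is what
    `openssl x509 -fingerprint` reports, so line wrapping and comments
    in the bundle do not affect it.
    """
    result = []
    for b64 in PEM_CERT_RE.findall(bundle_text):
        der = base64.b64decode("".join(b64.split()))
        result.append(hashlib.sha256(der).hexdigest())
    return result


def diff_trust_store(baseline_text, current_text):
    """Compare a current CA bundle against a known-good baseline.

    Returns the fingerprints that appeared (a possible injected CA)
    and those that disappeared (a removed root).
    """
    baseline = set(fingerprints(baseline_text))
    current = set(fingerprints(current_text))
    return {
        "added": sorted(current - baseline),
        "removed": sorted(baseline - current),
    }


def check_bundle(baseline_text, current_text):
    """Print any deviation and return True only when the bundle is unchanged."""
    delta = diff_trust_store(baseline_text, current_text)
    for fp in delta["added"]:
        print("UNEXPECTED CA  sha256:" + fp)
    for fp in delta["removed"]:
        print("MISSING CA     sha256:" + fp)
    return not delta["added"] and not delta["removed"]


# Constructed sample data: two "roots" in the baseline, a third one added later.
BASELINE_BUNDLE = (
    make_pem(b"placeholder DER for baseline root 1")
    + make_pem(b"placeholder DER for baseline root 2")
)
INJECTED_CA = make_pem(b"placeholder DER for an unexpected CA")
CURRENT_BUNDLE = BASELINE_BUNDLE + INJECTED_CA


if __name__ == "__main__":
    # In practice, read the baseline from a copy captured while the device
    # was known-good and the current bundle from the running device.
    check_bundle(BASELINE_BUNDLE, CURRENT_BUNDLE)
```

Run it against a real bundle by reading both files and passing their text to check_bundle; a baseline captured before the device was ever modified is the reference worth keeping.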

#2  NiLuJe 10-15-2020, 08:06 AM
I vaguely recall some experiments on that front back in the K4/K5 days... You might want to try a GitHub search.

But I honestly don't remember how far it got, and if it's still applicable.

#3  xifer 10-16-2020, 02:22 AM
Good call on the GitHub search, certainly weeded out all the search results. Still took a little while to find but Kindle Store Proxy might do what I'm looking for.


#4  NiLuJe 10-16-2020, 11:03 AM
That indeed looks like the very thing I vaguely remembered.

