Kindle4NTHacking

From MobileRead

Hacking on the Amazon Kindle 4 Non-Touch model.

UNFORTUNATELY, THIS NOTICE SEEMS TO BE NECESSARY: This page is not a "cookbook", and it does NOT contain "recipes" that you should follow without thinking.

This page contains technical descriptions for a complex device. If you follow the procedures outlined below (especially the more technical ones), you should AT LEAST have a rough understanding of what you are doing, and be able to describe the expected result. If you don't know what to expect, then it's likely that you don't know what you are actually doing, so it might be better to refrain from doing it in the first place.

One of the first things you should do upon unlocking shell access to your device is BACKING IT UP! Trust us, you'll be glad you did.


K4 index

Index of the K4 category threads, posts and off-site resources.


Jailbreak

The jailbreak itself does not yet allow you to do much. In fact, it only installs an additional "developer" key on the device, allowing for the installation of additional packages via the Kindle's own update mechanism.

This method works on Kindle 4 version 4.0.0 through 4.1.0.

Carefully read all of the instructions below, and follow them only after you have read everything and are sure what to do.

Universal method
Kindle in Diagnostics Mode.
  1. Plug in the Kindle and copy data.tar.gz and ENABLE_DIAGS to the Kindle's USB drive's root
  2. Safely remove the USB cable and restart the Kindle (Menu -> Settings -> Menu -> Restart)
  3. Once the device restarts into diagnostics mode, select "D) Exit, Reboot or Disable Diags" (using the 5-way keypad)
  4. Select "R) Reboot System" and "Q) To continue"
  5. Wait about 20 seconds: you should see the Jailbreak screen for a while, and the device should then restart normally
  6. After the Kindle restarts, you should see a new book titled "You are Jailbroken". If you see this, the jailbreak has been successful.

SSH?

What's next? Well, check the Index for misc stuff (custom screen savers? fonts?), but for more fun stuff, you'll want to gain SSH access to this thing. You have two possibilities, one of them depending on the age of your device:

If you have a silver Kindle (the one that came out in fall 2011), there's a good chance the SSH server installed on the diags partition is still working:

  1. Jot down your Kindle S/N (from the Settings menu).
  2. Plug in the Kindle and create a blank file named ENABLE_DIAGS in the Kindle's USB drive's root
  3. Safely remove the USB cable and restart the Kindle (Menu -> Settings -> Menu -> Restart). It should reboot in diagnostics mode.
  4. Plug in the USB cable and go to usb networking: Misc individual diagnostics -> Utilities -> Enable USBnet -> Exit. This will enable network access to your Kindle via USB.
    • For Windows users: You'll probably need to install a specific driver if Windows fails to autodetect everything. This .inf file should do the job (except on Windows XP, see the next paragraph).
    • For Windows XP only: A new device will appear on your PC: "RNDIS\Ethernet card", with VID_0525 & PID_A4A2. The driver for this device can be found here, with its accompanying .inf file.
    • For Mac OS: Navigate to your network settings (System Preferences -> Network). Select "RNDIS/Ethernet Gadget" from the left side panel. Choose ‘manual’ from the IPv4 drop-down menu.
  5. Set up your new network interface: IP 192.168.15.201, subnet 255.255.255.0 (ifconfig usb0 192.168.15.201 on Linux).
  6. Connect to root@192.168.15.244 using your favorite SSH client (Mac OS users can use Terminal, type ssh root@192.168.15.244). If you unbricked your Kindle with an image from one of our debricking threads, chances are the password will be mario.
  7. If it isn't, you have a few choices: with your S/N in hand,
    • use the online password calculator to find out your password,
    • use the info command from KindleTool to get the password, or
    • log in as framework (this time the password *will* be mario), and export the /etc/shadow file to run it through a cracking tool like John the Ripper.
  8. And you're in :)
  9. When you're done, press Right a few times and go to 'Exit, Reboot or Disable Diags' -> 'Disable Diagnostics'

If you don't have a working SSH server on the diags partition (SSH on diags is disabled on newer devices, like all Black Kindles from fall 2012), or if you prefer to have SSH access from the main system (along with a few other nifty features, like SSH over WiFi), install the USBNet hack.
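
A host-side preflight for steps 4 to 6 of the diagnostics-mode procedure above, on Linux. This is an added example, not part of the original wiki page: the function names and the sample lsusb and ip output are constructed, while the VID:PID and the two addresses are the ones given above.

```shell
#!/bin/sh
# Added example: host-side preflight for USBnet steps 4 to 6 (Linux).
# From the page: gadget 0525:a4a2, host 192.168.15.201/24, Kindle .244.
# Function names and sample text are assumptions made for this example.
KINDLE_IP=192.168.15.244
HOST_IP=192.168.15.201
GADGET_ID=0525:a4a2

# Constructed samples of `lsusb` and `ip -o -4 addr show` output.
SAMPLE_LSUSB='Bus 001 Device 007: ID 0525:a4a2 Netchip Technology, Inc. Linux-USB Ethernet/RNDIS Gadget'
SAMPLE_ADDRS='1: lo    inet 127.0.0.1/8 scope host lo
2: wlan0    inet 192.168.15.37/24 brd 192.168.15.255 scope global wlan0
3: usb0    inet 192.168.15.201/24 brd 192.168.15.255 scope global usb0'

# Succeeds if lsusb-style text on stdin lists the RNDIS gadget.
gadget_present() { grep -qi "ID ${GADGET_ID}"; }

# Prints the interface that holds HOST_IP/24 (stdin: `ip -o -4 addr show`).
iface_with_host_ip() {
    awk -v want="${HOST_IP}/24" '$3 == "inet" && $4 == want { print $2; exit }'
}

# Prints every other interface with an address in 192.168.15.x. If the LAN
# already uses that range, packets for the Kindle can leave via the wrong link.
subnet_clashes() {
    awk -v skip="$1" '$3 == "inet" && $4 ~ /^192\.168\.15\./ && $2 != skip { print $2 }'
}

preflight() {
    lsusb | gadget_present ||
        { echo "gadget $GADGET_ID not seen; is USBnet enabled in diags?" >&2; return 1; }
    addrs=$(ip -o -4 addr show)
    iface=$(printf '%s\n' "$addrs" | iface_with_host_ip)
    [ -n "$iface" ] ||
        { echo "no interface has $HOST_IP/24; step 5 is not done" >&2; return 1; }
    clash=$(printf '%s\n' "$addrs" | subnet_clashes "$iface")
    [ -z "$clash" ] ||
        { echo "192.168.15.x is also on: $clash" >&2; return 1; }
    echo "ok: $iface configured, next: ssh root@$KINDLE_IP"
}

# Run the live checks only when asked: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

With the constructed sample, the clash check reports wlan0, which is the case where the home network already uses 192.168.15.x and the SSH connection would not reach the Kindle over USB.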

Debricking / Un-demoing / Flashing firmware

The recommended tool for debricking and un-demoing Kindle 4 is a Linux LiveCD/LiveUSB called Kubrick.

For other possibilities and information take a look into the "Simple debricking..." thread.
