Sunday, January 23, 2011

Getting Kobo update URLs

This article is part of an extended series on Kobo development and investigation

Whenever the Kobo eReader connects to wifi, it sends a HTTP/XML request to the Kobo severs with some details about the device, including the current firmware version. The server sends a HTTP/XML response containing various URLs for the Kobo store, etc.

If the firmware version sent by the Kobo isn't the same as the current Kobo firmware, the server also includes the URL for a software update in the HTTP/XML post.

This is apparently only an incremental patch on the main firmware, not a full firmware download, so I still need a full firmware image and will have to extract the MicroSD card from the hardware to get it.

The 1.7.4 update

The URL for the 1.7.4 update is: http://download.kobobooks.com/firmwa...rade-1.7.4.zip

Examination of it tells us some useful things that help open the hardware up some more. See the next post.

How to get the current firmware URL from the server

You can find out the update URL by capturing the wifi traffic of a Kobo with an older firmware when it connects to the network. Use wireshark with the capturing machine's wifi card in monitor mode, or capture the traffic at the router. If you capture off wifi, you'll need to enable 802.11 decryption in Wireshark's protocols->802.11 preferences and enter the key of your network.

In your network capture, look for a request like:

POST /MobileRequest.ashx HTTP/1.1

and in the HTTP/XML response to it you'll find something like:

<UpdateURL>http://download.kobobooks.com/firmwares/kobo2/kobo2-upgrade-1.7.4.zip</UpdateURL>

If you don't have a Kobo with an old firmware, you can achieve the same effect by recording the POST request from an up-to-date Kobo, saving it, modifying it so that <ApplicationVersion>1.7.4</ApplicationVersion> instead reads (eg) <ApplicationVersion>1.6.0</ApplicationVersion>. Because changing the length of the request will corrupt it, you're best off using `sed' to do it. Eg:

sed -e '/^Accept-Encoding/d' -e 's/1.7.4/1.6.0/g' request.txt > request-mod.txt
nc mobile.kobobooks.com < request-mod2.txt > response-mod2.txt

The command deletes the request header that asks the server to gzip the response (for easier reading) and changes the version the "Kobo" announces its self to be running when it connects to the server.

(post series)

2 comments:

  1. I'm trying to download the Kobo WiFi firmware version 1.9 - could you provide the URL? My Kobo just doesn't seem to want to automatically update and is stuck on 1.7.4 Thanks

    ReplyDelete
  2. Kobo 1.9 hasn't been released to the public servers yet. If it had - so that this method would work - then your Kobo would automatically download it anyway.

    The 1.9 firmware is only in beta at the moment. I haven't been given the OK by the Kobo guys to distribute the download URL, so you'll have to ask them for it or wait for the final release.

    ReplyDelete

Captchas suck. Bots suck more. Sorry.