This article is part of an extended series on Kobo development and investigation
Whenever the Kobo eReader connects to wifi, it sends a HTTP/XML request to the Kobo severs with some details about the device, including the current firmware version. The server sends a HTTP/XML response containing various URLs for the Kobo store, etc.
If the firmware version sent by the Kobo isn't the same as the current Kobo firmware, the server also includes the URL for a software update in the HTTP/XML post.
This is apparently only an incremental patch on the main firmware, not a full firmware download, so I still need a full firmware image and will have to extract the MicroSD card from the hardware to get it.
The 1.7.4 updateThe URL for the 1.7.4 update is: http://download.kobobooks.com/firmwa...rade-1.7.4.zip
Examination of it tells us some useful things that help open the hardware up some more. See the next post.
How to get the current firmware URL from the server
You can find out the update URL by capturing the wifi traffic of a Kobo with an older firmware when it connects to the network. Use wireshark with the capturing machine's wifi card in monitor mode, or capture the traffic at the router. If you capture off wifi, you'll need to enable 802.11 decryption in Wireshark's protocols->802.11 preferences and enter the key of your network.
In your network capture, look for a request like:
POST /MobileRequest.ashx HTTP/1.1
and in the HTTP/XML response to it you'll find something like:
If you don't have a Kobo with an old firmware, you can achieve the same effect by recording the POST request from an up-to-date Kobo, saving it, modifying it so that <ApplicationVersion>1.7.4</ApplicationVersion> instead reads (eg) <ApplicationVersion>1.6.0</ApplicationVersion>. Because changing the length of the request will corrupt it, you're best off using `sed' to do it. Eg:
sed -e '/^Accept-Encoding/d' -e 's/1.7.4/1.6.0/g' request.txt > request-mod.txt nc mobile.kobobooks.com < request-mod2.txt > response-mod2.txt
The command deletes the request header that asks the server to gzip the response (for easier reading) and changes the version the "Kobo" announces its self to be running when it connects to the server.