Replies: 2 comments
-
|
This looks like standard Android Emulator? I admit, I never tried running Kindle on that. I use WSA, and my libKindleAndroidNativeBundlerJNI is x86_64, I believe, not arm. It does work up to the point where it starts decryption, though, extracting DSN/secrets. Could you add console logs into compiled agent for more data? |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
I did hope to avoid this, but here. Try instructions in this file and see if the executables work. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
The latest version for Android Kindle App crashed.
`python3 kindleFridaDecrypt.py -f "files" -o output
App Context: com.amazon.kcp.application.StandaloneApplication@345e07e
Java.Field{
holder: ApplicationInfo{4e63c6a com.amazon.kindle},
fieldType: 2,
fieldReturnType: Ljava/lang/String;,
value: /data/app/~~TzF13PGd0LeAnFhBfREwcw==/com.amazon.kindle-VolFwFfMIcpdGKariKcC5Q==/lib/arm64,
}
[on_message] message: {'msg': 'ready', 'dsn': '6131dd5090e644b4923f057e1d92c609', 'secrets': ['cdc38873d0344dcd2eb6578a15ed4ae002fd9a12']} data: None
DSN: 6131dd5090e644b4923f057e1d92c609 secrets: ['cdc38873d0344dcd2eb6578a15ed4ae002fd9a12']
Starting work on B0F48YQ4G4
Process crashed: Bad access due to invalid address
Build fingerprint: 'google/sdk_gphone64_arm64/emu64a:14/UE1A.230829.050/12077443:userdebug/dev-keys'
Revision: '0'
ABI: 'arm64'
Timestamp: 2026-04-30 11:42:14.284912226+0800
Process uptime: 360s
Cmdline: com.amazon.kindle
pid: 29245, tid: 30057, name: Thread-74 >>> com.amazon.kindle <<<
uid: 10194
tagged_addr_ctrl: 0000000000000001 (PR_TAGGED_ADDR_ENABLE)
pac_enabled_keys: 000000000000000f (PR_PAC_APIAKEY, PR_PAC_APIBKEY, PR_PAC_APDAKEY, PR_PAC_APDBKEY)
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0000000000000762
Cause: null pointer dereference
x0 000000000000075a x1 0000007905f4a718 x2 0000007d8d76a904 x3 0000007905f4a508
x4 0000000000000010 x5 0000007905f4a0ff x6 0000000000000032 x7 7f7f7f7f7f7f7f7f
x8 000000000000984d x9 854e76c3e7c33fde x10 0000007a1b707e28 x11 00000000ffff9824
x12 000000006a2076a4 x13 0000007905f4a818 x14 0000000000000013 x15 000000000000001e
x16 0000007d8d74f3d8 x17 0000007d8d723e10 x18 0000000000000000 x19 0000007905f4af30
x20 0000007a19853dc8 x21 0000007a1b707e48 x22 0000007a1b707e48 x23 0000007905f4a8a9
x24 0000007905f52000 x25 0000007a1b707e48 x26 0000007a1b707e48 x27 00000000bdb1720f
x28 000000001286904d x29 0000007a1b707e48
lr 0000007a1b707e48 sp 0000007905f4a750 pc 0000007a1b707e50 pst 0000000080000000
2 total frames
backtrace:
#00 pc 0000000002e77e50 /data/app/~~TzF13PGd0LeAnFhBfREwcw==/com.amazon.kindle-VolFwFfMIcpdGKariKcC5Q==/lib/arm64/libKindleAndroidNativeBundlerJNI.so (BuildId: 08e9782377136c98910520bbd7bedd23b6971353)
#1 pc d10083a0f9400413 `
I’m also researching the reverse engineering of Kindle for Android. I’ve been encountering this crash issue whenever I use Frida Hook.
Perhaps the author is using a different version of the app than I am.
I suspect that libKindleAndroidNativeBundlerJNI.so performs strict checks on HOOK behavior.
Beta Was this translation helpful? Give feedback.
All reactions