About  Project Blog Resources

Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked- 1758

PixelmeltPosted 4 Months Ago
  • The author of this post bought a e-book on Amazon that required the usage of the Kindle App on their Android phone. As soon as they did this, the app crashed. They tried downloading it, backing it up but none of this worked. They had bought the book but couldn't read it. So, they decided to reverse engineer the app to get the book into a usable format for themselves.
  • The Web API downloads a TAR file with several JSON blobs in it. Upon trying to read this information, they realized that the API was heavily obfuscating the requests. Their was a mapping of Glyphs to Character IDs. They were using a simple substitution cipher that changed on every API request.
  • Interestingly enough, browsers handled the data fine because of native Path2D support. Using a custom parser for an SVG didn't work. SVG libraries had spurious lines everything. They even had 4 font variants!
  • After a large amount of effort, they figured out how to render the book. It required a lot of visual mapping code that I'm sure was a pain to write. Although it wasn't perfectly precise, it was good enough to get the job done. The end of the book has a great point: "Was it worth it? To read one book? No. To prove a point? Absolutely."

Maxwell DulinEmail me!TwitterGithubAdminBlog RSS FeedResources RSS Feed