remember, remember the fifth of november,
the gunpowder treason and plot,
i know of no reason
why the gunpowder treason
should ever be forgot.
i dub this exploit the guy fawkes hack (or GF)
it's time to free the next round of archos devices. and archos has made it easy on me, a bit. once i explain it, you'll wonder why you didn't find it yourself. the first trick to jailbreaking any device is finding a local exploit that will allow you to run your own code. if the privilege of the exploited app is not root, the next step is then to achieve root somehow. after that is reached, a jailbreak can now be worked. the jailbreak has a similar name, is more of the same, mouldy cheeze. see my previous posts for how moldy/mouldy cheese/cheeze works.
first, the local exploit. avos has quite a few vulnerabilities that i found as i was poking around. whether they are exploitable i don't know yet. but as i was thus poking around i found out a neat trick. if you trick avos into thinking you have dti games, it will run them, no matter what you put in the executable file. nice. so step one is complete. unfortunately the dti games run as user nobody. so now we need a root exploit.
the first root exploit was simply removing the harddrive from my archos and creating a setuid root file on the 'hidden' ext3 partition. this allows the program to up privileges to root from nobody. but a bit hard to do. so i started working on my current root exploit when archos came out with 1.7.02 and it was kindly pointed out that i could accomplish the same thing with an ext3 formatted thumb drive. how nice! so until i finish the root exploit, this will be the way to get root. simply copy the mouldy_cheeze executable to an ext3 thumb drive and type "sudo chown root.99 mouldy_cheeze; sudo chmod ug+s mouldy_cheeze". then plug it into your mini dock, battery dock, or dvr station. the device will recognize a new drive. exit out and go to games, dti, and select the game. this will run the jailbreak. after you are done, reboot and you are now running your very own jailbroken archos. obviously, this is not a general release for everybody.
now, don't go out and buy a dock if you don't have one. i expect to have a much more simple jailbreak coming as soon as possible. i will then start to work on 1.7.02 and also a5it.
right now i have only tested on 1.6.54, though i coded in 1.6.53 but just never got the chance to test. so unless you want to be the first to try 1.6.53, i recommend only using 1.6.54 firmware.
installation: http://archos-liberation-front.googleco ... _alpha.zip
unzip the archive. copy mouldy_cheeze as described above. copy rootfs.cramfs.secure and the Games folder to the 'root' of your archos device.
you thought the last release was rough? this one is even rougher. but i should have a 'general release' soon.
*edit: small update. the chown needs to come before the chmod
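
The thumb-drive route above works only because the device mounts removable ext3 media with setuid bits honoured. As an added example (not part of the original post), this script audits a mount table in /proc/mounts format for block-device mounts that lack `nosuid`; the device names, mount points and the `/mnt/usb` prefix are constructed assumptions.

```shell
#!/bin/sh
# Audit a mount table (/proc/mounts format) for filesystems that still
# honour setuid/setgid bits. Removable media should be mounted nosuid so
# that a setuid-root file prepared on another machine gains nothing when
# an unprivileged process executes it.

# Constructed sample input: every device and mount point here is made up.
sample_mounts() {
cat <<'EOF'
/dev/root / cramfs ro 0 0
/dev/sdb1 /mnt/usb0 ext3 rw,nosuid,nodev 0 0
/dev/sdc1 /mnt/usb1 vfat rw,nosuid,nodev,noexec 0 0
/dev/sdd1 /mnt/usb2 ext3 rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
EOF
}

# Read a mount table on stdin and print "mountpoint fstype" for each
# block-device mount under the given path prefix whose options lack nosuid.
suid_honouring_mounts() {
    awk -v prefix="$1" '
        $1 ~ /^\/dev\// && index($2, prefix) == 1 {
            n = split($4, opts, ",")
            nosuid = 0
            for (i = 1; i <= n; i++)
                if (opts[i] == "nosuid") nosuid = 1
            if (!nosuid) print $2, $3
        }'
}

# Run against the constructed sample; on a live system feed /proc/mounts
# instead: suid_honouring_mounts /mnt/usb < /proc/mounts
sample_mounts | suid_honouring_mounts /mnt/usb
```

Any mount point this reports can be remounted with `mount -o remount,nosuid <mountpoint>`, and the automounter's options should be changed so new drives come up that way.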