PlayBook Jailbreak Tool Released

The researchers who last week said they had succeeded in jailbreaking the RIM PlayBook tablet have now posted a detailed walkthrough of how users can accomplish the same task on their own. The technique requires the use of a custom tool, but otherwise is fairly straightforward.

One of the researchers, known as Neuralic, posted the walkthrough to Pastie.org Tuesday morning. In order to begin the process, a PlayBook user need to first install the beta 2.0 version of the PlayBook software and then install the Dingleberry tool, which exploits a weakness in the PlayBook architecture which stems from the fact that the backups that the device takes aren’t signed, according to a message posted to Twitter by one of the researchers, Chris Wade.

“The Dingleberry exploit works by exploiting the fact that the backups taken by the desktop manager aren’t signed. It modifys [sic] the smb.conf,” Wade said in the message. “Which enables us to have it run a script as root whenever an smb connection is made.”

After the Dingleberry tool does its work, the next step is to download a Google Apps package and then install and launch an Android app, which will set up the Android environment on the device. From there, the steps go as follows, from the walkthrough:

5. Log into your playbook as root with an scp client (eg: WinSCP for windows). Copy the system folder in the google apps download to the root of your playbook and merge it with the system folder there.

6. Open up a root ssh shell and remove “/system/app/SetupWizard.apk” (this can by done by typing in “mv /system/app/SetupWizard.apk /system/app/SetupWizard.apk.bak”.

7. Kill the running android player “cd /apps/sys.android.XXXX.ns/native/scripts” (XXXX will be different for each device) and run “./android-player-cmd.sh kill-android-core.sh” 8. Launch a launcher app of some kind. Start up Android Market (or any other google app), enter your account details and it will start working.

In a statement on Dec. 1 when news of the impending PlayBook jailbreak release broke, officials at Research In Motion said that they were aware of the situation and were in contact with one of the researchers regarding the technique.

“RIM is currently investigating this claim and has been in contact with one of the security researchers to discuss it. If it is determined that the claim is accurate, RIM will follow its standard response process to develop and release a software update that is designed to minimize adverse impact to our customers or carrier partners. RIM is aware that the security researchers have stated they intend to release a tool to jailbreak the BlackBerry PlayBook tablet. If such a tool is released, RIM will investigate it.”

Such a tool has been released, and now the company said it is looking into whether a fix is needed on their end.

“RIM is aware of reports that a security researcher has released a tool designed to allow BlackBerry PlayBook users to jailbreak their tablet. RIM is following its standard security response process to investigate the functionality and impact of this tool and if needed, RIM will develop, test, and release a software update that is designed to minimize the potential adverse impact to our customers,” the company said in a statement.