Hacker News new | ask | show | jobs
by jandrese 1008 days ago
BLASTPASS is an ok exploit name, but it is kinda specific. People might think it was only about bypassing BlastDoor on iPhones. A better name might have been something like "WebPwn", which would have made it much more clear that it was a vulnerability in the image format.
3 comments
olliej 1008 days ago
WebPwn is a great name and I almost want a direct RCE in WebP just so it can get that name
link
halJordan 1008 days ago
Blastpass is the exploit that broke open Blastdoor. The webp exploit is just a neat privilege escalation after you blastdoor'd the target.
link
AdmiralAsshat 1008 days ago
"BLASTPASS" made me initially think it was the exploit used to breach LastPass.
link