PoC author @retr0id published his writeup about how the bug was found. I strongly encourage you to give it a read and a follow: https://www.da.vidbuchanan.co.uk/blog/exploiting-acropalypse.html
Pierre Bourdon (delroth@mastodon.delroth.net)'s status on Sunday, 19-Mar-2023 04:39:05 JST Pierre Bourdon -
Pierre Bourdon (delroth@mastodon.delroth.net)'s status on Sunday, 19-Mar-2023 04:39:06 JST Pierre Bourdon Another one showing how a smaller crop can end up revealing even more of the original screenshot image.
Pierre Bourdon (delroth@mastodon.delroth.net)'s status on Sunday, 19-Mar-2023 04:39:07 JST Pierre Bourdon I tried it on a screenshot from just a week ago. This is absolutely scary.
First image is the screenshot I saved after cropping. Second is what the demo app managed to recover.
Pierre Bourdon (delroth@mastodon.delroth.net)'s status on Sunday, 19-Mar-2023 04:39:08 JST Pierre Bourdon CVE-2023-21036 / acropalypse is absolutely bonkers.
Apparently for 5+ years the cropping / editing tools for screenshots on Google Pixel phones were only overwriting the start of the screenshot PNG file, but not truncating.
All screenshots shared for the past 5+ years might have data recoverable from them. Demo available at https://acropalypse.app/
Google still hasn't communicated anything on this.
(h/t ItsSimonTime on Musk's site)
🌲Number 1 Pleroma Criminal on XBL 🇵🇱|🇺🇸 (phenomx6@fedi.pawlicker.com)'s status on Friday, 24-Mar-2023 02:01:38 JST 🌲Number 1 Pleroma Criminal on XBL 🇵🇱|🇺🇸 @delroth good thing I don't use pixels
❄️:padoru: SantaSnekFriend :padoru:❄️ (supersnekfriend@poa.st)'s status on Friday, 24-Mar-2023 02:02:15 JST ❄️:padoru: SantaSnekFriend :padoru:❄️ @delroth Is this a programming mistake or a "programming mistake" at the behest of Google's overlords? :jahy_smug_stare: