So PJ8312000-OneX.zip is just firmware.zip from 3.17.707.1 OTA.
Boot into RUU mode, where flashing firmware.zip is allowed anyways.
You push a firmware.zip only once where it would require 3 times to be actually fully flashed.
Boot into system and push a crafted binary.
So the facepalm exploit is totally just HTC end up leaving eMMC security off while the device is preparing for a firmware.zip flash?!
Wow HTC.. Facepalm indeed.
Some report the phone can be in either of the states below, not just SUPERCID state but perhaps the pre-update state may have bad side effects, eg what is this "pre-update":
FAILED (remote: 92 supercid! please flush image again immediately)
FAILED (remote: 90 hboot pre-update! please flush image again immediately)
Well done HTC; Flush immediately otherwise eMMC security will be off
Well done to beaups for working this out!