Post: This is how PSN got hacked!
Options
04-26-2011, 10:26 PM
#1
ciunas
Insert User Title Here
Above is a screenshot of their PSN servers access logs. This log is created on the main server of the PlayStation Network. Likely many of you have no idea what exactly a log would be. Sony itself has this log file are also publicly retrievable through the URL. Mistake number two, perhaps? Here also some interesting logs:
Originally posted by another user
214.1.211.251 - - [15/Apr/2011: 9:40:11 -0700] "GET / OfficeScan / cgi / cgiChkMasterPwd.exe HTTP/1.1" 404 336 "-" "-"
178.202.110.92 - - [22/Apr/2011: 7:05:00 p.m. -0700] "GET / admin / cdr / counter.txt HTTP/1.1" 404 343 "-" "Mozilla/5.0 (compatible; Windows NT 6.1, de; rv: 1.9.2.16) Gecko/20110319 Firefox/3.6.16 "
214.1.211.251 - - [15/Apr/2011: 9:40:09 -0700] "GET / _vti_bin / fpcount.exe? Page = default.htm | Image = 3 | Digits = 15 HTTP/1.0" 404 325 "- "" - "
214.1.211.251 - - [15/Apr/2011: 9:39:51 -0700] "GET / scripts / foxweb.exe / HTTP/1.0" 404 324 "-" "-"
214.1.211.251 - - [15/Apr/2011: 9:39:48 -0700] "GET / phpwebfilemgr / index.php? F =../../../ etc / services HTTP/1.0" 404 328 " - "" - "
178.202.110.92 - - [22/Apr/2011: 7:05:00 p.m. -0700] "GET / admin / cdr / counter.txt HTTP/1.1" 404 343 "-" "Mozilla/5.0 (compatible; Windows NT 6.1, de; rv: 1.9.2.16) Gecko/20110319 Firefox/3.6.16 "
214.1.211.251 - - [15/Apr/2011: 9:40:09 -0700] "GET / _vti_bin / fpcount.exe? Page = default.htm | Image = 3 | Digits = 15 HTTP/1.0" 404 325 "- "" - "
214.1.211.251 - - [15/Apr/2011: 9:39:51 -0700] "GET / scripts / foxweb.exe / HTTP/1.0" 404 324 "-" "-"
214.1.211.251 - - [15/Apr/2011: 9:39:48 -0700] "GET / phpwebfilemgr / index.php? F =../../../ etc / services HTTP/1.0" 404 328 " - "" - "
What we see here again include the use of an FVC, local file inclusion, in the last row. With this is that the ip 214.1.211.251, this is possibly the IP of the attacker. Nor has a number of Javascript injections occurred:
Originally posted by another user
214.1.211.251 - - [15/Apr/2011: 9:39:49 -0700] "GET / board.php? <script> FID = alert (document.cookie) </ script> HTTP/1.0" 404 314 "- "" - "
214.1.211.251 - - [15/Apr/2011: 9:39:38 -0700] "GET / servlet / webacc? User.id ="> <script> alert ('eeye2004'
</ script> HTTP/1.0 " 404 319 "-" "-"
214.1.211.251 - - [15/Apr/2011: 9:39:30 -0700] "GET / modules.php? Name = Reviews & rop = post & title =% 253cscript comment> alert 2528document.cookie%)% 253c/script> HTTP / 1.0 "404 316" - "" - "
214.1.211.251 - - [15/Apr/2011: 9:39:38 -0700] "GET / servlet / webacc? User.id ="> <script> alert ('eeye2004'
</ script> HTTP/1.0 " 404 319 "-" "-"214.1.211.251 - - [15/Apr/2011: 9:39:30 -0700] "GET / modules.php? Name = Reviews & rop = post & title =% 253cscript comment> alert 2528document.cookie%)% 253c/script> HTTP / 1.0 "404 316" - "" - "
It is frightening to know that Sony is so easy to hack, because come on Sony, FVC and Javascript injections? Really? This looks like the work of a 14 year old boy. Thanks to SKFU Blog for the announcement of the log.
You must login or register to view this content.
The following 7 users say thank you to ciunas for this useful post:
04-26-2011, 10:34 PM
#11
ciunas
Insert User Title Here
Originally posted by Goleggett
You must login or register to view this content.
You do realise there have been thousands of attempts by people to do this and one group of people have managed to do it. A 14 year old boy would have better things to do. Believe you me this is more complicated than it seems otherwise Sony would have the servers back up...
You do realise there have been thousands of attempts by people to do this and one group of people have managed to do it. A 14 year old boy would have better things to do. Believe you me this is more complicated than it seems otherwise Sony would have the servers back up...
Originally posted by Omshivam
This does not look like the work of a 14 year old boy.
The bit about the 14 year old is merely from the source I did not write this. The author most know something about hacking to have writen this so I presume to him this hacking is very easy.
The following 2 users say thank you to ciunas for this useful post:
04-26-2011, 10:38 PM
#12
Goleggett
Splicer
Originally posted by sh
The bit about the 14 year old is merely from the source I did not write this. The author most know something about hacking to have writen this so I presume to him this hacking is very easy.
Ah ok, still if huge hacking groups couldn't take down the security then i doubt a teenage boy would be able to. Over-exagaration from the author there.
04-26-2011, 10:55 PM
#14
Masta Of Evil
Feeling Evil?
Originally posted by 94
wow someone should track that ip and get all the info of the hacker so we can get our revenge+if is a teenager kid who hacked PSN i will LMAO
It's most likely a Proxy.
04-26-2011, 11:15 PM
#17
Porter_Justice
Cake is a lie
Why do people keep saying that something that took FOUR YEARS TO CRACK is "easy"??????
Thats like saying running the New York marathon is easy AFTER training your ass off for a year.
Hell college is "easy" YEARS after you realise how hard real world is.
Using Hindsight to act like hacking PS3 is as easy as taking candy from a baby is silly. ESPECIALLY if it took 4 years to accomplish.
Thats like saying running the New York marathon is easy AFTER training your ass off for a year.
Hell college is "easy" YEARS after you realise how hard real world is.
Using Hindsight to act like hacking PS3 is as easy as taking candy from a baby is silly. ESPECIALLY if it took 4 years to accomplish.
04-26-2011, 11:17 PM
#18
4chanPartyVan
Banned
04-26-2011, 11:24 PM
#19
MysticalX
GamerzRevolution
Originally posted by 94
wow someone should track that ip and get all the info of the hacker so we can get our revenge+if is a teenager kid who hacked PSN i will LMAO
all fake IP's
so its not possible but if this is the whole list then the credit card owners doesnt have to worry , i tracked the accesses listed in this screenshot and none of them are PSN related , could be the internet browser of the PSN cuz i see a favicon.ico wich is like the little Ngu logo in your browser where you enter the webpage ---------- Post added at 11:24 PM ---------- Previous post was at 11:19 PM ----------
Pinged and Failed the IP's Are hidden
You must login or register to view this content.
Copyright © 2026, NextGenUpdate.
All Rights Reserved.
