Post: Playstation Network Log of Hacker Leaked
Options
04-30-2011, 04:07 PM
#1
TheBigRod
uh-may-zuh-zing
Source: You must login or register to view this content. | By: Tristan | April 30th, 2011
Above is their 'Playstation access logs', or tl;dr (derp), when they got on their PS3. Which is created on the main server of the Playstation Network.
I honestly, I have no clue what this is, but here's a supposedly interesting log:
Originally posted by another user
214.1.211.251 - - [15/Apr/2011: 9:40:11 -0700] "GET / OfficeScan / cgi / cgiChkMasterPwd.exe HTTP/1.1" 404 336 "-" "-"
178.202.110.92 - - [22/Apr/2011: 7:05:00 p.m. -0700] "GET / admin / cdr / counter.txt HTTP/1.1" 404 343 "-" "Mozilla/5.0 (compatible; Windows NT 6.1, de; rv: 1.9.2.16) Gecko/20110319 Firefox/3.6.16 "
214.1.211.251 - - [15/Apr/2011: 9:40:09 -0700] "GET / _vti_bin / fpcount.exe? Page = default.htm | Image = 3 | Digits = 15 HTTP/1.0" 404 325 "- "" - "
214.1.211.251 - - [15/Apr/2011: 9:39:51 -0700] "GET / scripts / foxweb.exe / HTTP/1.0" 404 324 "-" "-"
214.1.211.251 - - [15/Apr/2011: 9:39:48 -0700] "GET / phpwebfilemgr / index.php? F =../../../ etc / services HTTP/1.0" 404 328 " - "" - "
178.202.110.92 - - [22/Apr/2011: 7:05:00 p.m. -0700] "GET / admin / cdr / counter.txt HTTP/1.1" 404 343 "-" "Mozilla/5.0 (compatible; Windows NT 6.1, de; rv: 1.9.2.16) Gecko/20110319 Firefox/3.6.16 "
214.1.211.251 - - [15/Apr/2011: 9:40:09 -0700] "GET / _vti_bin / fpcount.exe? Page = default.htm | Image = 3 | Digits = 15 HTTP/1.0" 404 325 "- "" - "
214.1.211.251 - - [15/Apr/2011: 9:39:51 -0700] "GET / scripts / foxweb.exe / HTTP/1.0" 404 324 "-" "-"
214.1.211.251 - - [15/Apr/2011: 9:39:48 -0700] "GET / phpwebfilemgr / index.php? F =../../../ etc / services HTTP/1.0" 404 328 " - "" - "
Here's another supposedly interesting log, which perhaps shows the I.P. of the attacker, 214.1.211.251. Also, some perhaps Javascript injections?
Originally posted by another user
214.1.211.251 - - [15/Apr/2011: 9:39:49 -0700] "GET / board.php? <script> FID = alert (document.cookie) </ script> HTTP/1.0" 404 314 "- "" - "
214.1.211.251 - - [15/Apr/2011: 9:39:38 -0700] "GET / servlet / webacc? User.id ="> <script> alert ('eeye2004'
</ script> HTTP/1.0 " 404 319 "-" "-"
214.1.211.251 - - [15/Apr/2011: 9:39:30 -0700] "GET / modules.php? Name = Reviews & rop = post & title =% 253cscript comment> alert 2528document.cookie%)% 253c/script> HTTP / 1.0 "404 316" - "" - "
214.1.211.251 - - [15/Apr/2011: 9:39:38 -0700] "GET / servlet / webacc? User.id ="> <script> alert ('eeye2004'
</ script> HTTP/1.0 " 404 319 "-" "-"214.1.211.251 - - [15/Apr/2011: 9:39:30 -0700] "GET / modules.php? Name = Reviews & rop = post & title =% 253cscript comment> alert 2528document.cookie%)% 253c/script> HTTP / 1.0 "404 316" - "" - "
Somebody fill me in how what this all is? I'm sure that one of you guys know.
:y: Good luck.
My Findings:
[/size]I went to You must login or register to view this content. & I found out that the I.P. address from the network logs is from Leemore, California. Here are some screenshots.
The following 5 users say thank you to TheBigRod for this useful post:
05-02-2011, 01:50 AM
#29
4chanPartyVan
Banned
Due to area code and looking at the domain, it's located in San Diego, same as Sony's servers. Something's fishy.. Lets see if Sony ever 'catches' the hacker(s).
Copyright © 2026, NextGenUpdate.
All Rights Reserved.
