| walsufnir said: So you got the information from $somewhere and retried this on your own? Or did you read about this on "locked", let's say, forums? |
IRC channel i frequent was discussing the find, some people did some poking, found that the login server is running a slightly older version of a particular module that is vulnerable to attack, as i said in my first and second posts though, the absolute maximum said vulnerability would expose would be numerical user id (useless), psn id (public info anyway) and salted emails (less useless but not worth cracking), the login servers were splintered away from the primary servers in 2011, hence why psn was down for so damn long.
The only way you could ever crack the userdb now would be to directly access the internal accounts server, which would involve a complete takeover of the login server (something sql injection isn't going to give), especially since their login servers are just multiple VM's on blade servers.
