SQL Injection Vulnerability in Sony Playstation Network

Personal of Sony users Network could once again be at risk due to a bug that allows blind on its website, as a penetration tester claims.
20-year-old Aria Akhavan from Austria reports that he discovered one which could allow an attacker to obtain information from website data, using SQL queries.SQL Injection SQL Injection SQL Injection SQL Injection

Vulnerability is difficult to exploit, but it is not impossible.
A SQL injection blind is more difficult to pay if we compare it with a regular SQL injection because the data does not appear on the site directly. The page returns a general error message and the attacker should start asking true or false queries with SQL queries to retrieve the database information.

Although this type of attack requires more time to take place, it can be accelerated by using automated tools when the target and vulnerability are highlighted.

The security researcher, he said in an interview with Effect Hacking that she has been in contact with Sony for this issue since mid-October, but has not yet received a response. Meanwhile, vulnerability continues to exist.

Akhavan said he was studying technical penetration tests for about five years and refused to share the results of tests he conducted on the Sony site.

Recall that Sony has a history of data breach incidents. Not long ago the company was a constant target of a group known as the Lizard Squad. The group was carrying out DDoS attacks, cutting it off on the electronic network.

DDoS attacks are not designed to steal data, although they can be used to distract from a different attack that has this purpose and is done "from behind".

An earlier attack on the PlayStation Network led to personal and financial data leakage from at least 77 millions of company customers.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).