So what did Sony do about it?

This is a follow up post to my original story here.

So what did Sony do about it?

Not a lot. Just enough to stop the scripts.

The page now loads a new main js file at http://ps20.software.eu.playstation.com/index.dart.js?v=2

But the original remained live to throw people off the scent.

The original URL source was kept active and the data inside the HTML file remained.

The original URL source was also tweaked to respond to any code. Presumably this was to trick people into thinking they still had a working exploit.

The only way to get it to return the real url was to change the query string parameter name from “sp” to “k” and add the correct Referer header:

Referer http://ps20.software.eu.playstation.com/

What about people sharing links?

The game website doesn’t appear to submit anything differently whether you arrive legitimately via  http://ps20.software.eu.playstation.com/ or directly.

So basically, people who used the link without participating properly will probably still be counted.

I may have missed something here so perhaps Sony or Game can reassure us that they have actually added something to prevent these entries? I’m not holding my breath for any kind of official acknowledgement or an explanation however…

Advertisements

3 thoughts on “So what did Sony do about it?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s