To clarify a few things, the server wasn't exploited in any way to find the location of it, once DPR had been identified they were looking for how he connected to SilkRoad. DPR had setup a VPN which connected to the SilkRoad server to form an exclusive connection, so that the server could not be accessed by any third party unless they went through the VPN. Once LE found DPR had connected to the VPN, they realised it had exclusive access rights and if you knew how to connect to the VPN it asked for no further passwords and just let you connect to the server. From what information I know, instead of just access it right away, they requested the foreign country to find the IP address and pretty much just do a memory dump which means they will then capture the encryption keys used on the disk and therefore make the entire server encryption useless. From then, it isn't exactly hard to clone the drives SilkRoad runs on and used the dumped memory to decrypt it. As the encryption never changed, to get a new image of SilkRoad was a trivial task and could be done in a few minutes with 1 cable.The flaw in DPR is using the same pseudonym in the SSH key pairs he used to connect to SR and the VPN as his pseudonym he used in the past, that is how they connected the dots, tor itself was never exploited.