Copy/Paste from http://hackersblog.org article:
Yahoo redirects are and have been continuously used for spam, phishing and black SEO. Even though Yahoo is struggling to solve this problem, they are easy to find. When I say ease i mean seconds not minutes or hours.
The whole trick is to know how a patched link looks like. Its not hard at all.
All you need is:
Firefox
Link Gopher add-on
A search engine.
How does a link that can be used as for a redirect looks like?
http://us.ard.yahoo.com/SIG=15temu9ra/M=289534.6253107.7244481.6080815/D=classreal/S=750052198:FOOT/Y=YAHOO/EXP=1232849833/L=BmyXB86.ODX4VzI3SXtvrR9kVmjCm0l7r4kACp1e/B=NoaQBNj8a.0-/J=1232842633729605/K=pIWiCLQq81S96lmhwDqmiw--/A=2650127/R=2/SIG=11lp7krrc/*http://docs.yahoo.com/info/copyright/copyright.html
How does a link that can NOT be used as for a redirect to a site outside *.yahoo.com look like?
http://rds.yahoo.com/_ylt=AkWscG8XXla3AoABf80g_WeHHwx.;_ylv=0/SIG=11idii63e/EXP=1232929280/**http%3A//hk.knowledge.yahoo.com/
How can we tell which link can be used?
Notice this part of the link (from the first example):
SIG=11lp7krrc/*
http://docs.yahoo.com/info/copyright/copyright.html
After /* there follows the unaltered link to a diffrent domain.
The second link is a bit diffrent.
1232929280/**http%3A//hk.knowledge.yahoo.com/
Don't mind the number of "stars". This is what tells us that this redirect is useless: http%3A//.
All links from redirect that start with http%3A// cannot be used for sites outside yahoo.com.
I can bet that there wont be more then a week from now (the moment of posting the article) and this bug will be fixed cause we noticed a sudden love from Yahoo who is kind enough to pay us visits almost every day :)
// End of article //
Video demonstration: http://www.trilulilu.ro/hackersblog/b07ad9934d9738
