The purpose of this presentation is to demonstrate the following..
1) It is possible for an intruder to gain unauthorized access to a Yahoo! Production
server ( already well known )
2) That access can then be used to reverse engineer the authentication system.
3) The same access can also be used to access the user database.
4) With the correct components it is possible to login in to any Yahoo! Account
and in many cases take control of it.
PoC:
![](mailto:tantos.silviu@gmail.com" title="Google Mail" target="_blank"><img src="http://blog.razius.org/wp-content/icons/gmail.png){kind=link}