A few years ago, I managed to take over subdomains on Microsoft websites and got access to the mail and files of Outlook and OneDrive users, as well as user profile data on Xbox.com. Today, I am going to share with the hacking community the details of that attack and explain how it can be performed now, in 2020.
