Closed cv-anthony closed 3 weeks ago
@cv-anthony Thanks for your feedback! We will investigate and update as appropriate.
@cv-anthony I'm going to assign this to the document author so they can take a look at it accordingly.
@TerryLanfear Can you please check and add your comments on this doc update request as applicable?
@cv-anthony, @ManoharLakkoju-MSFT - Thanks for forwarding. I'll look into this and reply back soon.
I would like to add, for extra detail, that I have written a similar script that I run daily that looks at Azure A-Records. Using this graph query:
resources | where type contains 'publicIPAddresses' and isnotempty(properties.ipAddress) | project properties.ipAddress
I then check that against all A-Records in our DNS that contain Azure IP addresses. I use this endpoint to determine if the IP address is an Azure IP Address:
https://www.azurespeed.com/api/ipinfo?ipAddressOrUrl={ip-addr}
From there I am able to detect any dangling A-Records in Azure. This works quite well and I imagine it can be added to the Get-DanglingDnsRecords PowerShell script.
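The comparison described in the comment above, as an added example that is not part of the thread or of the Get-DanglingDnsRecords script: an A record is flagged when its address falls inside an Azure prefix but is not among the public IPs the Resource Graph query returned. The function name, the sample records and the prefixes are constructed for illustration (documentation address ranges, not real Azure ranges), and Python is used here only so the logic can be run offline.

```python
import ipaddress

# Constructed sample data. Assumption: in practice OWNED_IPS is the output of
# the Resource Graph query quoted above, A_RECORDS is an export of your DNS
# zones, and AZURE_PREFIXES comes from whatever Azure IP range source you trust.
AZURE_PREFIXES = ["203.0.113.0/24", "198.51.100.0/25"]
OWNED_IPS = ["203.0.113.10", "198.51.100.7"]
A_RECORDS = [
    ("www.example.test", "203.0.113.10"),    # Azure IP we still hold
    ("old.example.test", "203.0.113.99"),    # Azure IP we no longer hold
    ("mail.example.test", "192.0.2.25"),     # not in an Azure range
    ("api.example.test", "198.51.100.200"),  # outside the /25, so not Azure
    ("bad.example.test", "not-an-ip"),       # malformed record data
]


def find_dangling_a_records(a_records, owned_ips, azure_prefixes):
    """Return (dangling, skipped).

    dangling: (name, ip) pairs inside an Azure prefix but not in owned_ips.
    skipped:  (name, value) pairs whose value is not a valid IP address.
    """
    networks = [ipaddress.ip_network(p) for p in azure_prefixes]
    owned = {ipaddress.ip_address(ip) for ip in owned_ips}
    dangling, skipped = [], []
    for name, value in a_records:
        try:
            addr = ipaddress.ip_address(value.strip())
        except ValueError:
            # Keep malformed entries visible instead of silently dropping them.
            skipped.append((name, value))
            continue
        in_azure = any(addr in net for net in networks)
        if in_azure and addr not in owned:
            dangling.append((name, str(addr)))
    return dangling, skipped


if __name__ == "__main__":
    dangling, skipped = find_dangling_a_records(A_RECORDS, OWNED_IPS, AZURE_PREFIXES)
    for name, ip in dangling:
        print(f"DANGLING {name} -> {ip}")
    for name, value in skipped:
        print(f"SKIPPED  {name} -> {value!r}")
```

Resource Graph only returns resources in subscriptions the querying identity can read, so an incomplete owned-IP list shows up here as false positives rather than missed records.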
@cv-anthony - Thanks for your dedication to our documentation. Unfortunately, at this time we have been unable to review your issue in a timely manner and we sincerely apologize for the delayed response. We are closing this issue for now, but if you feel that it's still a concern, please respond and let us know within two weeks. #please-close
UUF-Stale-Not Planned
This page and logic seem to help users discover Subdomain Takeover using CNAME records. However, it's still possible to take over a subdomain with A Records as well. One can provision a public IP address from Azure and create an A Record to it, then later decommission the public IP address. Can we update the script/documentation to check against A Records as well?