Open foolo opened 9 months ago
Yush G, [2024-03-18 19:38] That public key for Netflix auth is in DNS at auth0.netflix.com/pem
Yush G, [2024-03-18 19:38] Or at https://netflix.auth0.com/.well-known/jwks.json
Yush G, [2024-03-18 19:41] Similarly, it rotates and needs backups
Olof, 2024-03-26
maybe this one: in the 1M list, there is zebra.com. Then my script found https://zebra.auth0.com/.well-known/jwks.json, but we don't know for sure whether this URL actually corresponds to zebra.com (at least as far as I can see). Maybe it really belongs to another company, like zebra.de, or maybe a company with "zebra" as a part of their name, but their preferred tenant name was already taken, so they chose "zebra" instead, many possibilities :)
Yush G, 2024-03-26
What if we could search all the DNS domains here: https://hackertarget.com/find-dns-host-records/
To match the cname format from here: https://auth0.com/docs/customize/custom-domains/auth0-managed-certificates
Yush G, 2024-03-26
What if we could search all the DNS domains here: https://hackertarget.com/find-dns-host-records/ To match the cname format from here: https://auth0.com/docs/customize/custom-domains/auth0-managed-certificates
@Divide-By-0 I looked a bit at this. Some potential obstacles:
This one might be possible to solve. It seems like the hackertarget site lists A records, but we are interested in the CNAME records. (An A record is just an IP address, so there is nothing we can match against the auth0 format).
I tried to find a similar service for CNAME records, but no success yet.
Not fully confident about this one, but as I understand it, the process described here:
https://auth0.com/docs/customize/custom-domains/auth0-managed-certificates#verify-ownership
is an alternative for organizations that do not want to use the default location (https://TENANT_NAME.auth0.com/.well-known/jwks.json). But, using the default location is the most common, so with this method we will only find a small subset of domains, namely those who chose to use a custom domain.
From #1