commit
66653d65fe
|
@ -0,0 +1,41 @@
|
|||
id: sphinxsearch-config
|
||||
|
||||
info:
|
||||
name: Sphinx Search Config - Exposure
|
||||
author: gtrrnr
|
||||
severity: high
|
||||
description: sphinx.conf file contains SQL credentials and is publicly accessible.
|
||||
impact: |
|
||||
An attacker can use leaked credentials to gain access to database.
|
||||
reference:
|
||||
- https://github.com/manticorp/SphinxSearch/blob/master/sphinx.conf.example
|
||||
metadata:
|
||||
max-request: 7
|
||||
verified: true
|
||||
tags: sphinx,sphinxsearch,exposure,config
|
||||
|
||||
http:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/config/development.sphinx.conf"
|
||||
- "{{BaseURL}}/config/production.sphinx.conf"
|
||||
- "{{BaseURL}}/configs/sphinx.conf"
|
||||
- "{{BaseURL}}/search/configs/sphinx.conf"
|
||||
- "{{BaseURL}}/sphinx.conf"
|
||||
- "{{BaseURL}}/sphinx/sphinx.conf"
|
||||
- "{{BaseURL}}/sphinxsearch/sphinx.conf"
|
||||
|
||||
stop-at-first-match: true
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "sql_user"
|
||||
- "sql_pass"
|
||||
- "indexer"
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
Loading…
Reference in New Issue