Merge pull request #9215 from gtrrnr/patch-9

Create sphinxsearch-config.yaml

http/exposures/configs/sphinxsearch-config.yaml

@@ -0,0 +1,41 @@
+id: sphinxsearch-config
+
+info:
+  name: Sphinx Search Config - Exposure
+  author: gtrrnr
+  severity: high
+  description: sphinx.conf file contains SQL credentials and is publicly accessible.
+  impact: |
+    An attacker can use leaked credentials to gain access to database.
+  reference:
+    - https://github.com/manticorp/SphinxSearch/blob/master/sphinx.conf.example
+  metadata:
+    max-request: 7
+    verified: true
+  tags: sphinx,sphinxsearch,exposure,config
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/config/development.sphinx.conf"
+      - "{{BaseURL}}/config/production.sphinx.conf"
+      - "{{BaseURL}}/configs/sphinx.conf"
+      - "{{BaseURL}}/search/configs/sphinx.conf"
+      - "{{BaseURL}}/sphinx.conf"
+      - "{{BaseURL}}/sphinx/sphinx.conf"
+      - "{{BaseURL}}/sphinxsearch/sphinx.conf"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "sql_user"
+          - "sql_pass"
+          - "indexer"
+        condition: and
+
+      - type: status
+        status:
+          - 200