Update and rename camunda-default-credential.yaml to camunda-default-login.yaml

http/default-logins/camunda/camunda-default-login.yaml

@@ -1,10 +1,11 @@
-id: camunda-default-credential
+id: camunda-default-login
 
 info:
-  name: Camunda Login Panel - Default Login
+  name: Camunda - Default Login
   author: bhutch
   severity: high
-  description: Camunda login panel contains a default login vulnerability.
+  description: |
+    Camunda login panel contains a default login vulnerability.
   reference:
     - https://github.com/camunda/camunda-docs-manual/blob/master/content/webapps/admin/user-management.md
   classification:
@@ -13,7 +14,6 @@ info:
     cwe-id: CWE-522
   metadata:
     verified: true
-    max-request: 4
     shodan-query: http.html:"Camunda Welcome"
   tags: default-login,camunda
 
@@ -22,6 +22,7 @@ http:
       - |
         GET /camunda/app/welcome/default/ HTTP/1.1
         Host: {{Hostname}}
+
       - |
         POST /camunda/api/admin/auth/user/default/login/welcome HTTP/1.1
         Host: {{Hostname}}
@@ -29,9 +30,14 @@ http:
         Accept: application/json, text/plain, */*
         X-Xsrf-Token: {{xsrf_token}}
 
-        username=demo&password=demo
+        username={{username}}&password={{password}}
 
-    cookie-reuse: true
+    attack: pitchfork
+    payloads:
+      username:
+        - demo
+      password:
+        - demo
 
     matchers-condition: and
     matchers:
@@ -40,6 +46,7 @@ http:
         words:
           - '"userId"'
           - '"authorizedApps"'
+        condition: and
 
       - type: status
         status: