Create geoserver-default-login.yaml (#3979)

* Create geoserver-default-login.yaml

* more strict matchers

Co-authored-by: sandeep <sandeep@projectdiscovery.io>

default-logins/geoserver/geoserver-default-login.yaml

@@ -0,0 +1,37 @@
+id: geoserver-default-login
+
+info:
+  name: Geoserver Default Login
+  author: For3stCo1d
+  severity: high
+  metadata:
+    fofa-query: app="GeoServer"
+  tags: geoserver,default-login
+
+requests:
+  - raw:
+      - |
+        POST /geoserver/j_spring_security_check HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{user}}&password={{pass}}
+
+    attack: pitchfork
+    payloads:
+      user:
+        - admin
+      pass:
+        - geoserver
+
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(tolower(location), '/geoserver/web')"
+          - "!contains(tolower(location), 'error=true')"
+        condition: and
+
+      - type: status
+        status:
+          - 302