From e6fd6500e2b03058778b308d1bd3076b5b4e0943 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Tue, 27 Aug 2024 10:07:21 +0530
Subject: [PATCH 1/2] Create rundeck-default-login.yaml

---
 .../rundeck/rundeck-default-login.yaml        | 42 +++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 http/default-logins/rundeck/rundeck-default-login.yaml

diff --git a/http/default-logins/rundeck/rundeck-default-login.yaml b/http/default-logins/rundeck/rundeck-default-login.yaml
new file mode 100644
index 0000000000..f52630a4ef
--- /dev/null
+++ b/http/default-logins/rundeck/rundeck-default-login.yaml
@@ -0,0 +1,42 @@
+id: rundeck-default-login
+
+info:
+  name: Rundeck - Default Login
+  author: karkis3c
+  severity: high
+  description: |
+    Rundeck default login was discovered.
+  reference:
+    - https://raw.githubusercontent.com/karkis3c/bugbounty/main/nuclei-templates/default-login/rundeck-default-login.yaml
+    - https://docs.rundeck.com/docs/learning/
+  metadata:
+    verified: true
+    max-request: 1
+    fofa-query: app="Rundeck-Login"
+  tags: default-login,rundeck
+
+variables:
+  username: admin
+  password: admin
+
+http:
+  - raw:
+      - |
+        POST /j_security_check HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        j_username={{username}}&j_password={{password}}
+
+      - |
+        GET /menu/home HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body_2
+        words:
+          - "/user/logout"
+          - "Hi admin"
+        condition: and

From 404d292e68ee6d185d1a77f02a7035be35bf35a6 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Tue, 27 Aug 2024 08:42:35 +0400
Subject: [PATCH 2/2] Update rundeck-default-login.yaml

---
 http/default-logins/rundeck/rundeck-default-login.yaml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/http/default-logins/rundeck/rundeck-default-login.yaml b/http/default-logins/rundeck/rundeck-default-login.yaml
index f52630a4ef..3e6bf2d45b 100644
--- a/http/default-logins/rundeck/rundeck-default-login.yaml
+++ b/http/default-logins/rundeck/rundeck-default-login.yaml
@@ -11,7 +11,7 @@ info:
     - https://docs.rundeck.com/docs/learning/
   metadata:
     verified: true
-    max-request: 1
+    max-request: 2
     fofa-query: app="Rundeck-Login"
   tags: default-login,rundeck
 
@@ -40,3 +40,7 @@ http:
           - "/user/logout"
           - "Hi admin"
         condition: and
+
+      - type: status
+        status:
+          - 200