id: dvwa-headless-automatic-login

info:
  name: DVWA Headless Automatic Login
  author: pdteam
  severity: high
  tags: headless,dvwa

headless:
  - steps:
      - args:
          url: "{{BaseURL}}/login.php"
        action: navigate

      - action: waitload

      - args:
          by: x
          xpath: /html/body/div/div[2]/form/fieldset/input
        action: click

      - action: waitload

      - args:
          by: x
          value: admin
          xpath: /html/body/div/div[2]/form/fieldset/input
        action: text

      - args:
          by: x
          xpath: /html/body/div/div[2]/form/fieldset/input[2]
        action: click

      - action: waitload

      - args:
          by: x
          value: password
          xpath: /html/body/div/div[2]/form/fieldset/input[2]
        action: text

      - args:
          by: x
          xpath: /html/body/div/div[2]/form/fieldset/p/input
        action: click

      - action: waitload

    matchers-condition: or
    matchers:
      - part: resp
        type: word
        words:
          - "You have logged in as"

      - part: resp
        type: word
        words:
          - "First time using DVWA"
# digest: 4a0a0047304502202df744e611b878bb983647874d41c8e4ad4871a8129bd7257a920809328f5172022100ec6be46e75582d1bb87e9b892e2624c3d21bfdc055194913c342dbe2c9f75856:922c64590222798bb761d5b6d8e72950