Servers sometimes list all files in a folder by default.
Can block accidental exposure.
The attacker right-clicks, saves passwd.txt , and runs: index of passwd txt updated
: This targets a common filename for plain-text credential lists or Linux /etc/passwd file backups. Servers sometimes list all files in a folder by default
An administrator wants to back up configuration files. They run: cp /etc/passwd /var/www/html/backup/ They forget to delete the file, and the backup directory has no index.html file. The web server now serves the passwd file to anyone who knows where to look. index of passwd txt updated