We live in a modern age, but unfortunately, even in such a modern age, you can still easily dowload database exports with just a simple google search. From simple contact me form records to school databases, there is no shortage of exposed databases, available for anyone to snoop and mess around with it. And what do people do when they get access to such thing? Well, they will probably use it for malicious purposes.
Here is how to do it in a few short and simple steps
intext:"index of" ".sql"
It's concerningly easy to do such an "attack". My grandma could probably do it.
No. Here are a few of my favourites
intext:"index of" "artisan" ".env"
intext:"index of" ".png"
intext:"index of" ".mp4"
(found some really cute cat videos with this one)To companies: paying a sysadmin to deploy your site properly will pay off.
The database passwords that are just horrible
DB_PASSWORD=secret
DB_PASSWORD=123
DB_PASSWORD=123456987