Coincidentally, the entire site source code

Suitable for readers: script intrusion enthusiasts and network administrators
Prerequisites: None

Coincidentally, the entire site source code

When we intrude into the website, we all want the source code of the website, and then analyze the code to see if there are any vulnerabilities. However, it is not easy to get the code. I found a way to see the code in an accidental opportunity. I would like to discuss it with you here. Experts should not throw on persimmons.
Sometimes we can encounter this situation when accessing a Website: files are exposed to us without default pages. This is a lot of cases. As shown in 1. In this way, we can easily get the source code of the website.

 
Figure 1

Some people may say: what is the use of source code that you get? That's right! This is only part of the code. If I can get all the source code of the website, I will do it! Let's find a solution, Follow me!

Take the above website as an example. How can I make the entire site become a browsed folder? Hey! We open the network neighbor and find "add a network neighbor" in the upper left corner ". I have installed the MacOS simulator, so the interface is in English. 2:

 
Figure 2

Click "Next" and a search page will pop up, which takes about one minute. 3. :

 
Figure 3

Then a page is displayed, prompting you to select a location. Click "Next". A session box is displayed, asking us to enter the target address. Here we add it as a "Network Neighbor" through the HTTP protocol. We can fill it in as follows (4 ):

 
Figure 4

Click "Next" and wait for a while. Start a name and click "finish". At this time, we will start "Network neighbors! Our online neighbors have a new guest! 5.

 
Figure 5

Let's open it and see what is going on in the end, hey (6 ).

 
Figure 6

Check that all the source files are exposed to us (Note: The files here are all the source files in the browsed directory ). Hey, do you think it's amazing ?! This helps us find the database location. If the database is directly in a readable directory, we can download the database directly!

Sometimes we encounter this situation after entering the website address, as shown in 7.

 
Figure 7

This indicates that this site does not have permission to list directories. Please consider other intrusion methods!
This article has no technical content. It is just a new way to get the source files of the other party. The author's level is limited, and errors are inevitable. I hope you can make a good decision.