Armed with valid usernames and leaked passwords from the logs, attackers can launch credential stuffing campaigns against the target's other portals (such as corporate email, VPNs, or SSH terminals), assuming users reuse passwords.
used by security professionals to find publicly exposed log files that might contain sensitive user information. Allintext Username Filetype Log
If you try this search (and you should, for educational purposes), you must follow two golden rules: Armed with valid usernames and leaked passwords from
If you find an exposed log file containing usernames or other sensitive data: or SSH terminals)