Earlier this summer (at least where I live), I had a conversation with a friend. Our conversation involved a couple questions about INSERTs into a MySQL database. Eventually, I told him that I would do it for him. I came over, sat down on his computer, and accidentally typed his full IP address in. TO my surprise, the host still connected.
Later that night after I had gone home, I got a phone call from the friend asking me to do it again. Already on the computer (go figure d:), I pulled up bash and typed in his IP. Right as I was about to ask him what his password was, I noticed that MySQL hadn't even bothered to authenticate me. I "used mysql" and then SELECTed user, password,host FROM user. To my horror, I received:
+------+----------+-----------+ | user | password | host | +------+----------+-----------+ | root | | localhost | | root | | localhost | +------+----------+-----------+
Not only was name-less login allowed, but root was without password on localhost and remote. Anyway, to make a long story short, I did some research, and found that default Windows MySQL configuration lacks logging or authentication. I did some network scanning, and I think I have around 400 hosts with no root password. Anyway, to automate checking this, I wrote this program up. It tries to login as root/NULL, then takes the values of the user password hashes and tries to find a match to a dictionary file called dictionary.txt. */
Versions of MySQL 3.23.2 through 3.23.52 had a default root account that did not require a password. Hackers were quick to spot and exploit this.