Mysql connect without username/password

MySQLPHP

I build a new website for a client (WordPress is underlying) and have access trough FTP to his webspace. He does not provide or even know more informations than this because he had taken it from an former employee.

Is it possible to get know if any MySQL database exist on localhost and connect to it without the knowledge of an username or password?

I dont think that the web space host could help me with this problem, because they switched there business orientation a while ago and don't provide any new web space at all.

Best Answer

I do not think it is possible to attempt to connect to a database without knowing the username, password, or whether it even exists.

If you could have someone log into MySQL (requires admin privileges without the MySQL name/password) they could run mysql> show databases; at the MySQL command line interface to get you started.

Related Solutions

Thesql change password in session

According to MySQL Documentation on SET PASSWORD

The SET PASSWORD statement assigns a password to an existing MySQL user account. If the password is specified using the PASSWORD() or OLD_PASSWORD() function, the literal text of the password should be given. If the password is specified without using either function, the password should be the already-encrypted password value as returned by PASSWORD().

With no FOR clause, this statement sets the password for the current user. Any client that has connected to the server using a nonanonymous account can change the password for that account

However, you just been struck by lightning because the same webpage says

Important

SET PASSWORD may be recorded in server logs or in a history file such as ~/.mysql_history, which means that plaintext passwords may be read by anyone having read access to that information. See Section 6.1.2, “Password Security in MySQL”.

Note

If you are connecting to a MySQL 4.1 or later server using a pre-4.1 client program, do not use the preceding SET PASSWORD or UPDATE statement without reading Section 6.1.2.3, “Password Hashing in MySQL”, first. The password format changed in MySQL 4.1, and under certain circumstances it is possible that if you change your password, you might not be able to connect to the server afterward.

Your password change is forever, so to speak.

HOW TO FIX IT

Suppose your user is myuser@localhost, you can have someone with ALL PRIVILEGES run this

UPDATE mysql.user SET password=OLD_PASSWORD('[your password]')
WHERE user='myuser' AND host='localhost';
FLUSH PRIVILEGES;

If you have no DBA but can restart mysql, then do this

service mysql restart --skip-networking --skip-grant-tables
mysql -e"UPDATE mysql.user SET password=OLD_PASSWORD('[your password]') WHERE user='myuser' AND host='localhost'"
service mysql restart

MySQL Root Password – How to Recover Forgotten MySQL Owner/Root Username and Password

You have a variety of options to reset the password http://code.openark.org/blog/mysql/recovering-a-mysql-root-password-the-fourth-solution

UPD: Following the Max's advice let me elaborate. The easiest way to reset any password is to restart MySQL with skip-grant-tables in my.cnf. Then MySQL won't ask the password. To set new password execute this:

 mysql -e "UPDATE mysql.user SET password = PASSWORD('newpassword') WHERE user = 'root' and host = '<host>'"

where <host> is host where user connects form.

Then restart MySQL again, but without skip-grant-tables option.

Best Answer

Related Solutions

Thesql change password in session

HOW TO FIX IT

MySQL Root Password – How to Recover Forgotten MySQL Owner/Root Username and Password

Related Question