Blank-Password

MariaDB root with no password on port 3306 — from initial banner grab to database enumeration to flag extraction, no exploit required.…

RDP and WinRM both accept a blank Administrator password — attack surface is two services wide when credential assumptions fail at the front door.…