Jump to content


Photo

TTLG - anyone having trouble geting in ?


  • Please log in to reply
6 replies to this topic

#1 esme

esme

    Member

  • Member
  • PipPip
  • 335 posts

Posted 20 December 2017 - 08:52 AM

Just tried looking at TTLG & got the following error

Database Error: SQLSTATE[HY000] [1862] Your password has expired. To log in you must change it using a client that supports expired passwords.

I get this on 2 different browsers

 

Removed all saved passwords and cookies & still get it

 

Anyone else having an issue or is it just me ?



#2 stumpy

stumpy

    Advanced Member

  • Member
  • PipPipPip
  • 1748 posts

Posted 20 December 2017 - 11:15 AM

are you using google based browsers, they've introduced a system where if a site isn't protected by certain expensive SSL certificates they are going to block access to password protected areas on those sites.


  • teh_saccade likes this

#3 jaxa

jaxa

    Advanced Member

  • Member
  • PipPipPip
  • 1295 posts

Posted 20 December 2017 - 12:51 PM

are you using google based browsers, they've introduced a system where if a site isn't protected by certain expensive SSL certificates they are going to block access to password protected areas on those sites.

 

I accessed it with Google Chrome just fine. Was able to login too.



#4 freyk

freyk

    Advanced Member

  • Member
  • PipPipPip
  • 602 posts

Posted 20 December 2017 - 04:45 PM

I think it was a database connectionerror on ttlg-forum's side.

The password it mentioned, is NOT about your password, but the account what the webserver uses to connect to ttlg mysql database, esme. (error 1862)

Edited by freyk, 20 December 2017 - 04:51 PM.


#5 teh_saccade

teh_saccade

    Advanced Member

  • Member
  • PipPipPip
  • 630 posts

Posted 21 December 2017 - 01:18 AM

Lately there's been a lot of exposure about the vulnerabilities in google chrome over http. Now it's public it means stuff has to be done about it.

 

Can see instantly that TTLG is http only (you'll notice in chrome that there is a broken padlock in the URL bar).

What Stumpy is saying is right (it's a conspiracy!), and Freyk's also correct that it is a server-side error thanks to google's security updates.

Probably TTLG will need to update some php or mysql as it appears as if you're getting the error because mysql is restricting you to sandbox mode or the client (your chrome browser) is connecting to the server via scripts.

It's pretty old, by the looks of things...
 


80/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) <---win server 2008 / microsoft iis7.0

Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Since it's a win home server and on http, it's potentially a very soft target.
Uses ascii string for passwords and html encoding for special characters in that field. Usernames are on the forum...

Probably TTLG could fix the issue by changing password expiration.
 


SET GLOBAL default_password_lifetime = 0;

So that all user's passwords do not expire, whether they connect via scripts or not.

Or the admin could migrate everything to something such as freeBDS, but they've always been windows server forever - also there's a loootttt of data over the past 21 years at that place.

Best course of action would be to use a different browser (eg firefox) and mail the admin with the issue so that it can be resolved, I'd guess.
http://www.ttlg.com/...sendmessage.php


I'd recommend migration, as the server has no SSL cypher mapping, however the f= parameter means it is an unlikely target for sql injection "practice".
But it is a windows server and it's vbulliten 4.2.3.



#6 Abusimplea

Abusimplea

    Member

  • Member
  • PipPip
  • 304 posts

Posted 21 December 2017 - 02:14 AM

Some site stops working because of a server-side database connectivity issue and people start blaming some browser. I better go back to the nazi thread...


  • Spooks likes this

#7 esme

esme

    Member

  • Member
  • PipPip
  • 335 posts

Posted 21 December 2017 - 07:47 AM

I'm back in, looks like it was their database pw like freyk said, thanks






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users