Access to Web Site

**simonf** · 10-05-2006, 05:51 AM

Hi Guys & Dolls

Question to you boffin's out there...

I designed a commercial web site for a customer, and now the owner has changed the FTP password and refuses to pay me for my services. Any idea how I could get access to the site to delete my work etc.

I know it sounds strange.. but customers can be a real pain at times and I do not see why he should have 50 pages of my work for free.. after all I'm not a charity.

Any suggestions or ideas would be appreciated...

**codeexploiter** · 10-05-2006, 06:51 AM

I think if you try to access the FTP password using some indirect methods it will create problems for you.

Even if it is your work i think simply accessing the FTP server by breaking into the server and deletes your work will make that an illegal act from your side. The site owner can approach justice department in that.

You can go legally if you have some proof that you've done the work and if that person can't provide any payment details he made in the past, it will become his problem to provide enough proof that clarifies that he did pay you.

Difficult situation.

**tech_support** · 10-05-2006, 07:23 AM

Go to Court!!!!!

**djr33** · 10-05-2006, 10:47 AM

Sue him.

The only way that I can think of to hack into ftp would be to use brute force.
To do so, it's not that complex, more tedious, really, to write a script that would do it for you.
The problems--
1-- you need to know the username (or, I suppose, the password), as doing both would take an insanely long time.... insanely long. As in decades.... millennia.
2-- brute force works great through about 5 characters. After that, it starts to take about a week for 6 chars, and for 7, muuuuuuch longer.... like a year, if not more.
I think these numbers are about right. The process is exponential, and all based on the number of characters you check for.

I wrote a script that did this (just for fun, tried to hack my own server), and I think it took like 2 days to get a 6 character password (and that was all limited to lowercase letters).

So.... this was just a random tangent, and wouldn't help you anyway.
And, yes, it would be illegal.

Just sue him.

Get a lawyer (or a lawyer friend) to write him a letter. Should do the trick.

**BLiZZaRD** · 10-05-2006, 11:51 AM

Also note, that if you were able to get in, most web hosts offer a back up of all files, and this back up is usually done daily.

If you were to delete your files, the client could just run the back up and re install the pages.

**Twey** · 10-05-2006, 07:06 PM

djr33: Depends on the speed of the processor (and network).
Brute-forcing is a particularly clumsy method, and will be immediately noticed by any competent network admin.

Also, of course, it's illegal: whether it'd be a crime against the client or not, I don't know, but the server company can (and probably would) prosecute.

Lawyer suggestion seconded.

**blm126** · 10-05-2006, 07:57 PM

you could also try going through the host. Once again you will need proof that they stole your work, but the host may be willing to help.

**djr33** · 10-06-2006, 01:55 AM

Right. But the processor of the server you're trying to access, not yours. For example, if you were to run the same script from multiple computers, it might seem as if that would be faster, but it would instead do twice as many requests from twice as many servers, thereby slowing the rate at which they are processed.... so.... no way to speed that up.
And, yes, illegal.

Go through the host, send him an official letter (from a lawyer if possible), then get a lawyer and sue/etc.