Hey Guys, So here is the short and sweet edition to this story. I'm no where near a good programmer, but I know a good bit about SQL injections to gain control of a site. I use to do it for fun, never did anything harmful. I'm currently doing some web design for a client, it is a decent paying client. One of his competitors "f-ed" his life up at some point and he holds this grudge against the guy. Over coffee the topic of hacking came up, and he told me he would pay me $3,000 in cash to give him the access details to this guys site. I kind of nudged it out of conversation, but last night I was playing around and the guys site is in fact vulnerable to a SQL injection. I'm weighing out this decision, my moral beliefs are to steer away and just finish the web work and be gone with this guy. The $3,000 cash wallet is pushing me another way. Money is a bit tight. The way this guy said it made me believe he was going to down right ruin this guys site, I don't think I want to be apart of that. So my answer is leading more towards no, but I thought it would be interesting hearing your thoughts on the dilemma. *************UPDATE************* So on the phone today with the original client he mentioned the hacking again. I told him that I did not feel comfortable with it, and turnover his site to him (I finished it this morning so I can get out of this). Told him that he had 7 days to pay the outstanding balance. I was assertive. He did agree with no problem. We ended on good terms, he was a little shocked that I wouldn't do it, I'm 25 and he is 48, so he figured that was a lot of money for me. He came back with $3500. He actually paid me today (so I was really happy about this). -------------- I actually went ahead and called the competitor and briefly stated, "I was designing a website for a client and they gave me your site as an example of something they would want. while browsing your site I noticed that it was vulnerable to hackers." He said, "ummm, ok , who are you with?" Me: "I'm just a web developer and security is something I'm proficient with." He said, "So what can a hacker do to my site" Me: "Well sir, I'm going to be honest with you. A hacker can gain full control of your site and spam it, delete it, pretty much do what ever they want with it." He said, "Ok I'll look into it" Me: "Yea definitely do, I can secure it up for you" He said, "No, i'm not interested" Me: " No problem, but before you go, just so you know you should change your password from XXXXXXXXX to something I don't know" He said, (slight pause), "wait...what? How the f--- did you know that". Me: "I told you, your site is vulnerable to attacks" He said, "How much does it cost to secure it" Me: $1000 He said, "Call me in a couple hours". ----------------------------------------------------- Pretty hilarious turnout, I don't know if I will close on the job, but the security is pretty basic for his site. Regardless I feel good about my decision, may even make some money. thanks for all your opinions, I pretty much made up mind before the post but I thought it was an interesting scenario.