1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

When You Sell A Site Do You Leave A BackDoor?

Discussion in 'BlackHat Lounge' started by gimme4free, Mar 21, 2009.

  1. gimme4free

    gimme4free Executive VIP Jr. VIP Premium Member

    Joined:
    Oct 22, 2008
    Messages:
    1,879
    Likes Received:
    1,932
    I'm going to be selling one of my domains on egay, I have experienced problems in the past with Paypal and chargebacks, so I have a question for domain flippers:

    Do you leave a backdoor so you can get back in or have any other tips when selling a domain incase the payment goes badly?

    Also, any advise as to what to leave on the site that will carry on to make me money? Already got my CS code there :)
     
  2. SleepieGirl

    SleepieGirl Regular Member

    Joined:
    Mar 7, 2009
    Messages:
    439
    Likes Received:
    290
    Occupation:
    Need Custom Programs? Message Me!!!
    Location:
    TenDollarBlog.com
    make them pay you using mass payment in paypal.
    make them buy it through a godaddy auction and godaddy does some sort of escrow themselves.
     
  3. jasonac2

    jasonac2 Junior Member

    Joined:
    Nov 23, 2008
    Messages:
    119
    Likes Received:
    69
    Occupation:
    Unemployed!
    Not sure about domains, but for content simply write a script that deletes everything off the server. If he scams you, run the script (which connects to his database). Bam, all the databases are gone.
     
  4. the_demon

    the_demon Jr. Executive VIP

    Joined:
    Nov 23, 2008
    Messages:
    3,177
    Likes Received:
    1,563
    Occupation:
    Search Engine Marketing
    Location:
    The Internet
    Agreed. Just leave some latent very well hidden code. Though if a coder is buying it he's likely to look for that and strip it out. I would try to hold payment past a certain date until he can no longer charge back before surrendering. (If possible)

    or have him pay you using VCC then charge the VCC so he cannot get his money back since you can't recharge them also login and register the card so he can't change the card details and then claim a fraudulent charge.
     
  5. pyronaut

    pyronaut Executive VIP

    Joined:
    Dec 9, 2008
    Messages:
    1,229
    Likes Received:
    1,422
    For a domain it may be a bit hard. If it was a site you could probably do it. But not for a clean domain.

    I think you can make him pay by a donate button aswell and there is no chargebacks? Or is there?
     
  6. bizcredit

    bizcredit Power Member

    Joined:
    Apr 1, 2008
    Messages:
    678
    Likes Received:
    253
    Occupation:
    blackhat
    Location:
    usa
    Home Page:
    If you leave a backdoor and some hacker gets in I'd sue your ass
     
  7. jasonac2

    jasonac2 Junior Member

    Joined:
    Nov 23, 2008
    Messages:
    119
    Likes Received:
    69
    Occupation:
    Unemployed!
    So if you were trying to scam him, and he just wanted his site back, you'd try and sue him? What?
     
  8. bizcredit

    bizcredit Power Member

    Joined:
    Apr 1, 2008
    Messages:
    678
    Likes Received:
    253
    Occupation:
    blackhat
    Location:
    usa
    Home Page:


    I dont think you read my post, or at least comprehended it.
     
  9. jasonac2

    jasonac2 Junior Member

    Joined:
    Nov 23, 2008
    Messages:
    119
    Likes Received:
    69
    Occupation:
    Unemployed!
    I did my best to understand a poorly written sentence. You said if he left a backdoor and let hackers in, you would sue him (presuming that you were buyer). If you don't scammed him, you would never know about it, and if you did scam him and he used the backdoor, you couldn't sue him.

    What a pointless conversation. :p
     
    Last edited: Mar 21, 2009
  10. jimbobo2779

    jimbobo2779 Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 17, 2008
    Messages:
    3,239
    Likes Received:
    2,394
    Occupation:
    Software Engineer
    Location:
    UK
    Home Page:
    I think what he said was to the effect of if he sold a site and a hacker was able to use the intentional backdoor to cause any harm to the site then he would sue the guy who put the back door in. Not too complicated an idea.

    Jim
     
  11. jasonac2

    jasonac2 Junior Member

    Joined:
    Nov 23, 2008
    Messages:
    119
    Likes Received:
    69
    Occupation:
    Unemployed!
    Yeah you make a good point, and IF he found it, then he could I guess. But the chances of finding 1 line of code in many files is pretty slim. Chances are they buyer wont even know how to code PHP (or what ever programming language is used), let alone differentiate a simple upload function from a delete function.
     
  12. gimme4free

    gimme4free Executive VIP Jr. VIP Premium Member

    Joined:
    Oct 22, 2008
    Messages:
    1,879
    Likes Received:
    1,932
    I think it is pretty obvious that you would also add your own method of protection to stop others from using the backdoor also. Thanks for the replies, will definately be leaving a back door just in case ;)