Difference between revisions of "Hacme Bank"
From OWASP
Dinis.cruz (talk | contribs) |
Medelibero (talk | contribs) |
||
| Line 14: | Line 14: | ||
To also access (and 'unprotect') the Webservices, remove the same line from the web.config file that is in the HacmeBank_v2_WS folder | To also access (and 'unprotect') the Webservices, remove the same line from the web.config file that is in the HacmeBank_v2_WS folder | ||
| + | |||
| + | {{Template:Stub}} | ||
[[Category:OWASP .NET Project]] | [[Category:OWASP .NET Project]] | ||
Revision as of 02:43, 15 August 2006
[Hacme Bank info will go here]
Since the Foundstone HacmeBank tool was released with an Open Source License, we can host a copy here and add more tests to it as soon as they are ready (i.e. we don't need to wait for Foundstone's release cycles)
Notes:
Removing 'OnlyAllowLocalAccess' restriction
By default (to prevent accidental exploitation) non-local requests are not allowed (i.e. only http://127.0.0.1 will work).
To allow such accesses, edit the Hacme Bank's website web.config (in HacmeBank_v2_Website folder) and comment out the HttpModule_onlyAllowLocalAccess line in the <httpModules> section.
To also access (and 'unprotect') the Webservices, remove the same line from the web.config file that is in the HacmeBank_v2_WS folder
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
