This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Hacme Bank

From OWASP
Revision as of 07:16, 29 June 2006 by Dinis.cruz (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

[Hacme Bank info will go here]

Since the Foundstone HacmeBank tool was released with an Open Source License, we can host a copy here and add more tests to it as soon as they are ready (i.e. we don't need to wait for Foundstone's release cycles)


Notes:

Removing 'OnlyAllowLocalAccess' restriction

By default (to prevent accidental exploitation) non-local requests are not allowed (i.e. only http://127.0.0.1 will work).

To allow such accesses, edit the Hacme Bank's website web.config (in HacmeBank_v2_Website folder) and comment out the HttpModule_onlyAllowLocalAccess line in the <httpModules> section.

To also access (and 'unprotect') the Webservices, remove the same line from the web.config file that is in the HacmeBank_v2_WS folder