This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Hacme Bank

Revision as of 07:16, 29 June 2006 by Dinis.cruz (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

[Hacme Bank info will go here]

Since the Foundstone HacmeBank tool was released with an Open Source License, we can host a copy here and add more tests to it as soon as they are ready (i.e. we don't need to wait for Foundstone's release cycles)


Removing 'OnlyAllowLocalAccess' restriction

By default (to prevent accidental exploitation) non-local requests are not allowed (i.e. only will work).

To allow such accesses, edit the Hacme Bank's website web.config (in HacmeBank_v2_Website folder) and comment out the HttpModule_onlyAllowLocalAccess line in the <httpModules> section.

To also access (and 'unprotect') the Webservices, remove the same line from the web.config file that is in the HacmeBank_v2_WS folder