Difference between revisions of "Hacme Bank"

From OWASP
Redirect page
Jump to: navigation, search
 
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[Hacme Bank info will go here]
+
#Redirect [[OWASP_O2_Platform/WIKI/Using_O2_on:_HacmeBank]]
 
+
Since the Foundstone HacmeBank tool was released with an Open Source License, we can host a copy here and add more tests to it as soon as they are ready (i.e. we don't need to wait for Foundstone's release cycles)
+
 
+
 
+
 
+
== Notes: ==
+
 
+
'''Removing 'OnlyAllowLocalAccess' restriction'''
+
 
+
By default (to prevent accidental exploitation) non-local requests are not allowed (i.e. only http://127.0.0.1 will work).
+
 
+
To allow such accesses, edit the Hacme Bank's website web.config (in HacmeBank_v2_Website folder) and comment out the HttpModule_onlyAllowLocalAccess line in the <httpModules> section.
+
 
+
To also access (and 'unprotect') the Webservices, remove the same line from the web.config file that is in the HacmeBank_v2_WS folder
+
  
 
[[Category:OWASP .NET Project]]
 
[[Category:OWASP .NET Project]]

Latest revision as of 18:16, 7 December 2009