Sparty – MS Sharepoint and Frontpage Auditing Tool

En la pasada BlackHat USA Arsenal se presetó una herrramienta para hacer auditoría a Sharepoint y Frontpage. El autor define la herramienta como: Sparty is an open source tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web administration software, it is required to have a simple and efficient tool that gathers information, check access permissions, dump critical information from default files and perform automated exploitation if security risks are identified. A number of automated scanners fall short of this and Sparty is a solution to that. Yo la he usado, y me ha dado bastantes buenos resultados. Checking de permisos Una de las cosas que podemos hacer con la herramienta es hacer check de los permisos, vamos a ver un ejemplo. [email protected]:~/sparty_v_0.1# python sparty_v_0.1.py -s layouts -u https://www.XXXXXXXXXX.gov --------------------------------------------------------------- _|_|_| _|_|_| _|_| _|_|_| _|_|_|_|_| _| _| _| _| _| _| _| _| _| _| _| _| _|_| _|_|_| _|_|_|_| _|_|_| _| _| _| _| _| _| _| _| _| _| _|_|_| _| _| _| _| _| _| _| SPARTY : Sharepoint/Frontpage Security Auditing Tool! Authored by: Aditya K Sood [email protected] | 2013 Twitter: @AdityaKSood Powered by: SecNiche Security Labs ! -------------------------------------------------------------- [+] fetching information from the given target : (https://www.XXXXXXXXXX.gov/SitePages/Home.aspx) [+] target responded with HTTP code: (200) [+] target is running server: (Microsoft-IIS/7.5) [+]-----------------------------------------------------------------! [+] auditing sharepoint '/_layouts/' directory for access permissions ! [+]-------------------------------------------------------------------! [-] (https://www.XXXXXXXXXX.gov/_layouts/aclinv.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/addrole.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/AdminRecycleBin.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/AreaNavigationSettings.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_Layouts/AreaTemplateSettings.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_Layouts/AreaWelcomePage.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/associatedgroups.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/bpcf.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_Layouts/ChangeSiteMasterPage.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/create.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/editgrp.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/editprms.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/groups.aspx) - (403) [+] (https://www.XXXXXXXXXX.gov/_layouts/help.aspx) - (200) [-] (https://www.XXXXXXXXXX.gov/_layouts/images/) - (403) [+] (https://www.XXXXXXXXXX.gov/_layouts/listedit.aspx) - (200) [-] (https://www.XXXXXXXXXX.gov/_layouts/ManageFeatures.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/ManageFeatures.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/mcontent.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/mngctype.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/mngfield.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/mngsiteadmin.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/mngsubwebs.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/mngsubwebs.aspx?view=sites) - (403) [+] (https://www.XXXXXXXXXX.gov/_layouts/mobile/mbllists.aspx) - (200) [+] (https://www.XXXXXXXXXX.gov/_layouts/MyInfo.aspx) - (200) [+] (https://www.XXXXXXXXXX.gov/_layouts/MyPage.aspx) - (200) [+] (https://www.XXXXXXXXXX.gov/_layouts/MyTasks.aspx) - (200) [-] (https://www.XXXXXXXXXX.gov/_layouts/navoptions.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/NewDwp.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/newgrp.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/newsbweb.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/PageSettings.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/people.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/people.aspx?MembershipGroupId=0) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/permsetup.aspx) - (403) [+] (https://www.XXXXXXXXXX.gov/_layouts/picker.aspx) - (200) [-] (https://www.XXXXXXXXXX.gov/_layouts/policy.aspx) - (403) [+] (https://www.XXXXXXXXXX.gov/_layouts/policyconfig.aspx) - (200) [-] (https://www.XXXXXXXXXX.gov/_layouts/policycts.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/Policylist.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/prjsetng.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/quiklnch.aspx) - (403) [-] (https://www.XXXXXXXXXX.gov/_layouts/recyclebin.aspx) - (403) [+] (https://www.XXXXXXXXXX.gov/_Layouts/RedirectPage.aspx) -...

Leer Más

Siguenos!

O Puedes Subscribete

ANTES DE

SALIRTE ...

NO TE

ARREPENTIRÁS

!Gracias¡

NO OLVIDES NUESTRAS REDES SOCIALES