Sparty - MS Sharepoint and Frontpage Auditing Tool

                               

Introducing Sparty!

  • Overview
    Sparty is an open source tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web administration software, it is required to have a simple and efficient tool that gathers information, check access permissions, dump critical information from default files and perform automated exploitation if security risks are identified. A number of automated scanners fall short of this and Sparty is a solution to that.

Release

Presentation !

Version 0.1 - Functionality !

  • Sharepoint and Frontpage Version Detection!
  • Dumping Password from Exposed Configuration Files!
  • Exposed Sharepoint/Frontpage Services Scan!
  • Exposed Directory Check!
  • Installed File and Access Rights Check!
  • RPC Service Querying!
  • File Enumeration!
  • File Uploading Check!

Documentation - Usage Examples:

Download !

Installation !

  • Step 1: # gunzip sparty_v_0.1.tar.gz
  • Step 2: # tar -xvf sparty_v_0.1.tar
  • Avoid using : # tar zxvf sparty_v_0.1.tar.gz

Bugs !

  • Send all bugs and queries to : 0kn0ck [no spam] secniche.org