Sparty

Sparty is an open source tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web administration software, it is required to have a simple and efficient tool that gathers information, check access permissions, dump critical information from default files and perform automated exploitation if security risks are identified. A number of automated scanners fall short of this and Sparty is a solution to that.

# python sparty_beta_v_0.1.py -h
        ---------------------------------------------------------------
                                                                 
          _|_|_|    _|_|_|     _|_|    _|_|_|    _|_|_|_|_|  _|      _|  
         _|        _|    _|  _|    _|  _|    _|      _|        _|  _|    
           _|_|    _|_|_|    _|_|_|_|  _|_|_|        _|          _|      
               _|  _|        _|    _|  _|    _|      _|          _|      
         _|_|_|    _|        _|    _|  _|    _|      _|          _|      

        SPARTY : Sharepoint/Frontpage Security Auditing Tool!
        Authored by: Aditya K Sood |{0kn0ck}@secniche.org  | 2013
        Twitter:     @AdityaKSood
        Powered by: IOActive Labs !
       
        --------------------------------------------------------------
Usage: sparty_beta_v_0.1.py [options]

Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit

  Frontpage::
    -f FRONTPAGE, --frontpage=FRONTPAGE
                        <FRONTPAGE = pvt | bin> -- to check access permissions
                        on frontpage standard files in vti or bin directory!

  Sharepoint::
    -s SHAREPOINT, --sharepoint=SHAREPOINT
                        <SHAREPOINT = forms | layouts | catalog> -- to check
                        access permissions on sharepoint standard files in
                        forms or layouts or catalog directory!

  Mandatory::
    -u URL, --url=URL   target url to scan with proper structure

  Information Gathering and Exploit::
    -v FINGERPRINT, --http_fingerprint=FINGERPRINT
                        <FINGERPRINT = ms_sharepoint | ms_frontpage> --
                        fingerprint sharepoint or frontpage based on HTTP
                        headers!
    -d DUMP, --dump=DUMP
                        <DUMP = dump | extract> -- dump credentials from
                        default sharepoint and frontpage files (configuration
                        errors and exposed entries)!
    -l DIRECTORY, --list=DIRECTORY
                        <DIRECTORY = list | index> -- check directory listing
                        and permissions!
    -e EXPLOIT, --exploit=EXPLOIT
                        EXPLOIT = <rpc_version_check | rpc_service_listing |
                        rpc_file_upload | author_config_check |
                        author_remove_folder> -- exploit vulnerable
                        installations by checking RPC querying, service
                        listing and file uploading
    -i SERVICES, --services=SERVICES
                        SERVICES = <serv | services> -- checking exposed
                        services !

  General::
    -x EXAMPLES, --examples=EXAMPLES
                        running usage examples !