Skip to content
SharePoint Security Auditor
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.idea
Dev_Notes
README.md
SP2010_Notes
SP2013_Notes
browse_list.txt
browser.py
brute_browse.py
people_enum.py
requirements.txt
service_interrogator.py
sharepwn.py
url_processor.py
user_id.py
version_id.py

README.md

SharePwn

A tool for auditing SharePoint security settings and identifying common security holes.

Use:

Install Dependencies: pip install -r requirements.txt
Run: python sharepwn.py
-or-
Call specific functionality from the command-line:
sharepwn.py [-h] [-t T] [-p P] [-v] [-b] [-pe] [-u]

optional arguments:
  -h, --help  show this help message and exit
  -t T        URL of the target SP site
  -p P        Port/Protocol to target (80 or 443)
  -v        Perform Version Detection
  -b        Perform Brute-Force Browsing
  -pe      Perform Enumeration via People Service
  -u        Perform Brute-Force User ID Search

###Features:###

  • Service Discovery
  • Version Identification
  • User Enumeration
  • System/Machine Account Discovery
  • NTLM Authentication

Known Issues:

  • People Enumeration is not fully functional, primarily in success cases, as I need to stand up a testing environment in order to finish some of the details.

Short Term Development TO-DO items:

  • Finish People Enumeration Success Parsing
  • Finish support for Cookie-based Authentication
  • Store/Save Results In Files or DB

Contributing:

Although I've written and released the initial development version of this tool myself, I am eager for any help in further development that I can get. I'm not a professional developer and could use the help! Create a Pull Request if you'd like to contribue something, or e-mail me at 0rigen[ at ]0rigen [d0t] net to discuss any work.

You can’t perform that action at this time.