Research for SharePoint (MOSS)

Revision as of 09:12, 7 April 2011 by Fran Brown (Talk | contribs)

Jump to: navigation, search

This page contains research notes on Microsoft's SharePoint MOSS and WSS


Microsoft resources

Other Resources and Documentation


Other interesting resources

Other Blogs and Articles

Security related technical articles

Published Security issues

SharePoint related vulnerabilities and its status

MOSS Security related WebParts, Tools & services

Open Source

Commercially Supported

Dangerous MOSS APIs

Map the security implications of MOSS APIs, for example:

  • which APIs (if badly used)are vulnerable to: XSS, CSRF, SQL Injection
  • configuration settings that have security implications

SharePoint Hacking

SharePoint Hacking Tools

  • Stach & Liu's SharePoint Hacking Diggity Project - SharePoint hacking tools project page. Currently includes such hacking tools as:
    • SharePoint – GoogleDiggity Dictionary File - New GoogleDiggity input dictionary file containing 118 queries that allow users to uncover SharePoint specific vulnerabilities exposed via the Google search engine. This dictionary helps assessors locate exposures of common SharePoint administrative pages, web services, and site galleries that an organization typically would not want to be made available to the public, let alone indexed by Google.
    • SharePointURLBrute - SharePointURLBrute is a new SharePoint hacking utility developed to help assessors quickly test user access to 99 common SharePoint administrative pages (e.g. “Add Users” page -> /_layouts/aclinv.aspx) by automating forceful browsing attacks.
    • SharePoint UserDispEnum - UserDispEnum is a new SharePoint user enumeration tool that exploits insecure access controls to the /_layouts/UserDisp.aspx?ID=1 page. This utility cycles through the integer ID values from 1 onward to identify valid users, account names, and other related profile information that can be easily extracted from the SharePoint user profiles.
    • SharePoint DLP Tools - COMING SOON – Stach & Liu data loss prevention (DLP) tools for Microsoft SharePoint. SharePoint DLP Tools utilize administrative web services to help automate the searching of SharePoint files and lists for SSNs, credit card numbers, passwords, and other common information disclosures.

SharePoint Hacking Presentations

WebParts Security

  • Security ratings & mappings of MOSS Deployed Web Parts
  • Security ratings & mappings of 3rd Part Web Parts