Post [6] SharePoint
Misconfigured SharePoint can be *really* useful. Examples of things you can do with it are:
- User/Domain Enumeration
- Access to useful files
We regularly find awesome stuff once we have access to SharePoint. Its not uncommon to find service account passwords, alarm information, employee directories, all kinds of useful stuff.
LOW?
Finding SharePoint servers
random targets...lots of interesting things can be found with google dorks.
If you need to look at specific servers:
Stach and Liu's has released their SharePoint Diggity tools
http://www.stachliu.com/resources/tools/sharepoint-hacking-diggity-project/
you can also roll your own
http://code.google.com/p/fuzzdb/source/browse/trunk/Discovery/PredictableRes/Sharepoint.fuzz.txt
Examples of open access
If you have credentials you can use web services calls to pull information from AD, from: http://blog.mindedsecurity.com/2011/07/athcon-2011-presentation.html
Stuff to read:
http://www.mindedsecurity.com/fileshare/Fedon_Athcon_June11.pdf
http://www.stachliu.com/resources/tools/sharepoint-hacking-diggity-project/
https://www.owasp.org/index.php/Research_for_SharePoint_%28MOSS%29
