Why Your SharePoint Applications are a Hacker's Best Friend
Waughn Hughes
Waughn has over 14 years of consulting experience, and has worked
extensively with SharePoint for the past seven years as a developer
and solutions architect.
Solutions Architect | about.me/waughn
Justin Tibbs
Justin Tibbs developed and heads up the security solutions practice at NET Source, Inc., in
Littleton, Colorado. Prior to NET Source, Justin held positions at Cisco Systems, Lockheed Martin,
and others, specializing in the areas of Vulnerability & Threat Research, Exploitation
Development, and Secure Architecture Design.
NET Source Security Director | about.me/justintibbs
Agenda
• Introduction
• SharePoint Tips and Tools
Why Your SharePoint Applications are a Hackers Best Friend 4
Definitions
Security Breach
An act from outside an organization that bypasses or contravenes security policies, practices, or
procedures.
Security Violation
An act from inside an organization that bypasses or contravenes security policies, practices, or
procedures.
National Security Agency
"This leaker was a sysadmin who was trusted with moving the information to actually make
sure that the right information was on the SharePoint servers that NSA Hawaii needed."
- National Security Agency Director and the Pentagon's Cyber Command Commander
General Keith Alexander
NSA chief leaks info on data sharing tech: It's SharePoint, By Jack Clark
Clear and Present Danger: Cyber-Crime; Cyber-Espionage; Cyber-Terror; and Cyber-War
Why SharePoint?
Started as a way to simplify document sharing…
12 years and numerous releases later…
Evolved into a platform for collaboration, document and file management, intranets,
extranets, websites, enterprise search, business intelligence, business process automation,
social networks, etc…
Used by 78% of the Fortune 500 companies*
* SharePoint 2010 : The First 10 Years [http://technet.microsoft.com/en-us/magazine/gg981684.aspx]
SharePoint Security Policy
A recent study by Emedia, covered in full by InfoSecurity magazine in February 2013, found that
only about one-third of organizations with 25-5000 users employing SharePoint have security
policies covering the platform.
Installation & Configuration
• Windows, SQL Server and .NET Stack
• Security Patching
• Service Accounts
• Service Applications
• Authentication
• Web Applications, Site Collections and Sites
Installation & Configuration: Tips
• Review and install applicable service packs and cumulative updates
• Plan for least-privilege administration and do not use a single account to run the SharePoint farm(s)
• Understand the features and configuration options for service applications prior to deployment
• Define authentication methods for the various web applications and extended web applications
• Develop and use an information architecture to define web applications, site collections and sites
• Use metadata to identify data sensitivity
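As an added example (not from the deck or its authors), the following SharePoint Management Shell script checks the first two tips above: which identity runs the farm, each web application pool, each service application pool and each online service instance, so that account reuse and a farm account running content web applications become visible, followed by the managed-account password settings and the farm build. It assumes it runs on a farm server as a farm administrator; every cmdlet and property used is a standard SharePoint 2010/2013 one, except `Get-SPProduct`, which exists only from SharePoint 2013 on and is therefore called conditionally.

```powershell
# Added example: audit service-account reuse and patch level on a SharePoint farm.
# Run in the SharePoint Management Shell on a farm server, as a farm administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$farm        = Get-SPFarm
$farmAccount = $farm.DefaultServiceAccount.Name   # identity of the timer service and Central Administration

# Map every identity to each role it is used for.
$usage = @{}
function Add-Usage([string]$Account, [string]$Role) {
    if (-not $usage.ContainsKey($Account)) { $usage[$Account] = @() }
    $usage[$Account] += $Role
}

foreach ($wa in Get-SPWebApplication -IncludeCentralAdministration) {
    Add-Usage $wa.ApplicationPool.UserName "Web app pool: $($wa.DisplayName)"
}
foreach ($pool in Get-SPServiceApplicationPool) {
    Add-Usage $pool.ProcessAccountName "Service app pool: $($pool.Name)"
}
# Only Windows services carry a ProcessIdentity; web services are already covered by their pools.
foreach ($svc in Get-SPServiceInstance | Where-Object { $_.Status -eq "Online" -and $_.Service.ProcessIdentity }) {
    Add-Usage $svc.Service.ProcessIdentity.Username "Service: $($svc.TypeName) on $($svc.Server.Name)"
}

"Farm account: $farmAccount"
foreach ($acct in $usage.Keys | Sort-Object) {
    $roles = @($usage[$acct])
    $flags = @()
    # The farm account should run nothing but Central Administration and the timer service.
    $contentPools = $roles | Where-Object { $_ -like 'Web app pool:*' -and $_ -notlike '*Central Administration*' }
    if ($acct -eq $farmAccount -and $contentPools) { $flags += 'FARM ACCOUNT RUNS A CONTENT WEB APP' }
    if ($roles.Count -gt 1)                         { $flags += "REUSED IN $($roles.Count) ROLES" }
    "{0,-40} {1}" -f $acct, ($flags -join '; ')
    $roles | ForEach-Object { "    $_" }
}

# Managed accounts: are passwords rotated automatically, and when do they expire?
Get-SPManagedAccount | Select-Object UserName, AutomaticChange, PasswordExpiration | Format-Table -AutoSize

# Patch level: compare the build against the current cumulative update before calling the farm patched.
"Farm build: $($farm.BuildVersion)"
if (Get-Command Get-SPProduct -ErrorAction SilentlyContinue) { Get-SPProduct -Local | Format-Table -AutoSize }
```

The report does not decide what is acceptable; a dedicated account per service application pool is the usual target, and one identity appearing under several roles, or the farm account under a content web application, is the finding to take to the installation plan.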
Access Control
• User Permissions
• Excessive Access
• Administrative Access
Access Control: Tips
• Train end users on the key permission features within SharePoint (e.g. security groups, permission levels, and permission inheritance)
• Automate the review process to keep rights aligned with business needs
• Enable auditing for sites that contain sensitive information
• Assess the need to use database encryption to protect content
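As an added example (not from the deck or its authors) of automating the review and enabling auditing, the script below walks every site collection of a web application, reports each web with broken permission inheritance where a principal holds Full Control or where a broad principal such as All Authenticated Users has been granted anything, and then switches on auditing for a site that holds sensitive content. The web application URL and the finance site URL are assumed placeholders; the claims-encoded principal names are the standard SharePoint 2010/2013 encodings for All Authenticated Users and Everyone.

```powershell
# Added example: review excessive access and enable auditing on a SharePoint farm.
# Run in the SharePoint Management Shell as a farm administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$webAppUrl = "https://intranet.contoso.local"   # assumed web application URL; substitute your own

# Principals that make content effectively public inside the organization (or outside, if anonymous access is on).
$broadPrincipals = @(
    'NT AUTHORITY\authenticated users',
    'c:0(.s|true',        # claims encoding of "All Authenticated Users"
    'c:0!.s|windows',     # claims encoding of "Everyone"
    'Everyone'
)

function Get-SPAccessReviewReport([string]$WebApplicationUrl) {
    foreach ($site in Get-SPSite -WebApplication $WebApplicationUrl -Limit All) {
        try {
            foreach ($web in $site.AllWebs) {
                try {
                    # Webs that inherit are covered by their parent; only unique permissions need review.
                    if (-not $web.HasUniqueRoleAssignments) { continue }
                    foreach ($ra in $web.RoleAssignments) {
                        $levels = @($ra.RoleDefinitionBindings | ForEach-Object { $_.Name })
                        $login  = $ra.Member.LoginName
                        $broad  = $broadPrincipals -contains $login
                        if ($broad -or ($levels -contains 'Full Control')) {
                            [pscustomobject]@{
                                Web       = $web.Url
                                Principal = $login
                                Kind      = $ra.Member.GetType().Name     # SPUser or SPGroup
                                Levels    = ($levels -join ', ')
                                Flag      = if ($broad) { 'BROAD PRINCIPAL' } else { 'FULL CONTROL' }
                            }
                        }
                    }
                } finally { $web.Dispose() }
            }
        } finally { $site.Dispose() }
    }
}

function Enable-SPSiteAuditing([string]$SiteUrl) {
    $site = Get-SPSite $SiteUrl
    try {
        $mask = [Microsoft.SharePoint.SPAuditMaskType]
        # Reads, writes, deletes, permission changes and copies/moves of content; SPAuditMaskType::All also exists.
        $site.Audit.AuditFlags = $mask::View -bor $mask::Update -bor $mask::Delete -bor `
                                 $mask::SecurityChange -bor $mask::Copy -bor $mask::Move
        $site.Audit.Update()
    } finally { $site.Dispose() }
}

Get-SPAccessReviewReport $webAppUrl | Sort-Object Web, Flag | Format-Table -AutoSize
Enable-SPSiteAuditing "$webAppUrl/sites/finance"   # assumed sensitive site collection
```

Scheduling the report and diffing it against the previous run is what turns this into the "automated review" the slide asks for: a new Full Control grant or a new broad principal then shows up as a change to explain rather than a line in a long list.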
External Exposure: Demo
External Exposure: Tips
• Use Google or Bing to check for externally exposed information
• Google samples:
  • inurl:"/_layouts/viewlsts.aspx"
  • "all site content" filetype:aspx
• Use a port scanner like Nmap to look for open listeners:
  • Management applications
  • Misconfigured web services
  • Database listeners (SQL)
• Pretend to be a hacker: try Shodan, a search engine that lets you find specific types of computers using a variety of filters
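As an added example (not from the deck or its authors), the script below does from the outside what the search-engine and port-scan tips describe: it requests a list of well-known SharePoint pages and service endpoints on a host and reports which ones answer without authentication, whether the `MicrosoftSharePointTeamServices` response header discloses the build, and whether the Content-Type header carries a charset. The host name is an assumed placeholder, the script targets Windows PowerShell 5.1 (`Invoke-WebRequest` surfaces a non-2xx response through the exception there), and the Nmap line in the comments lists the standard SQL Server, service-application and Distributed Cache ports. Only run this against systems you are authorized to test.

```powershell
# Added example: probe a SharePoint host for endpoints that should not answer anonymously.
$target = "https://sharepoint.example.com"   # assumed example host; substitute your own

$paths = @(
    "/_layouts/viewlsts.aspx",       # All Site Content (2010); the dork on this slide
    "/_layouts/15/viewlsts.aspx",    # All Site Content (2013)
    "/_layouts/settings.aspx",       # Site Settings
    "/_layouts/15/settings.aspx",
    "/_layouts/userdisp.aspx",       # user details
    "/_vti_bin/lists.asmx",          # SOAP web services
    "/_vti_bin/sites.asmx",
    "/_vti_bin/spsdisco.aspx",       # lists every web service on the site
    "/_api/web",                     # REST (2013)
    "/_vti_pvt/service.cnf"          # legacy file that discloses version information
)

function Test-SPExposure([string]$BaseUrl, [string[]]$Paths) {
    foreach ($p in $Paths) {
        $resp = $null
        try {
            $resp = Invoke-WebRequest -Uri ($BaseUrl + $p) -UseBasicParsing -MaximumRedirection 0 -ErrorAction Stop
        } catch {
            $resp = $_.Exception.Response   # HttpWebResponse for 3xx/4xx/5xx; $null when nothing answered
        }
        if ($null -eq $resp) {
            [pscustomobject]@{ Path = $p; Status = 'n/a'; Verdict = 'no response'; Version = ''; Charset = '' }
            continue
        }
        $status  = [int]$resp.StatusCode
        $verdict = switch ($status) {
            200     { 'EXPOSED: served without authentication' }
            401     { 'ok: authentication required' }
            403     { 'ok: forbidden' }
            404     { 'not present' }
            default { if ($status -ge 300 -and $status -lt 400) { 'redirected (check target)' } else { 'review' } }
        }
        [pscustomobject]@{
            Path    = $p
            Status  = $status
            Verdict = $verdict
            Version = $resp.Headers['MicrosoftSharePointTeamServices']   # build number leaks here
            Charset = if ("$($resp.Headers['Content-Type'])" -match 'charset=') { 'yes' } else { 'MISSING' }
        }
    }
}

Test-SPExposure $target $paths | Format-Table -AutoSize

# Nmap pass for listeners that should never face the internet (run with authorization):
#   nmap -Pn -sV -p 80,443,1433,1434,5725,32843-32845,22233-22236 sharepoint.example.com
#   1433/1434   SQL Server                 32843-32845  service application endpoints (HTTP/HTTPS/net.tcp)
#   5725        User Profile sync (FIM)    22233-22236  Distributed Cache (SharePoint 2013)
```

A 200 on `viewlsts.aspx` or `spsdisco.aspx` is the same thing the Google dork finds, only before the search engine has indexed it; a version header on a farm whose build is behind the current cumulative update tells an attacker which public advisories apply.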
Development
• Cross-Site Scripting
• Cross-Site Request Forgery
• Elevation of Privilege
• Information Disclosure
Development: Tips
• Understand Code Access Security
• Encode output properly using SPHttpUtility methods
• Do not allow contributor users to add script to the site
• Specify a charset in the Content-Type HTTP response header
• Avoid using AllowUnsafeUpdates where possible
• Check user permissions appropriately
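As an added example (not from the deck or its authors) for the output-encoding and permission-check tips, the script below feeds one constructed payload through the SPHttpUtility encoders so the difference between the HTML, attribute/URL, JavaScript-literal and query-string contexts is visible, and then shows a write to a list item that is refused unless the calling identity actually holds EditListItems on that item, with the value stored raw so that encoding happens once, at render time. It must run on a SharePoint server because it needs the Microsoft.SharePoint assembly; the web URL, list name and item id are assumed placeholders.

```powershell
# Added example: context-specific output encoding with SPHttpUtility, and a permission check before a write.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
$util = [Microsoft.SharePoint.Utilities.SPHttpUtility]

# Constructed sample payload, of the kind a contributor might type into a list item title.
$untrusted = '"><img src=x onerror=alert(document.cookie)>'

# One encoder per output context; reusing HtmlEncode inside a <script> block or a URL is a classic mistake.
"HTML element content : " + $util::HtmlEncode($untrusted)
"HTML attribute / URL : " + $util::HtmlUrlAttributeEncode($untrusted)
"JavaScript literal   : " + $util::EcmaScriptStringLiteralEncode($untrusted)
"Query-string value   : " + $util::UrlKeyValueEncode($untrusted)

function Set-ItemTitleChecked([string]$WebUrl, [string]$ListName, [int]$ItemId, [string]$NewTitle) {
    $web = Get-SPWeb $WebUrl
    try {
        $item = $web.Lists[$ListName].GetItemById($ItemId)
        # Check the permission on the item itself (it may have broken inheritance), not just site membership.
        if (-not $item.DoesUserHavePermissions([Microsoft.SharePoint.SPBasePermissions]::EditListItems)) {
            throw "Caller may not edit item $ItemId in list '$ListName' at $WebUrl"
        }
        # Store the raw value; encode when rendering, in the encoder that matches the output context.
        $item['Title'] = $NewTitle
        $item.Update()
    } finally { $web.Dispose() }
}

Set-ItemTitleChecked "https://intranet.contoso.local/sites/finance" "Announcements" 1 $untrusted   # assumed values
```

Running the four encoders side by side is the quickest way to show a developer why the slide says "encode output properly" rather than just "encode output": the same string is safe in one context and still a working payload in another.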
Questions?
6000 Greenwood Plaza Blvd
Suite 110
Greenwood Village, CO 80111
303.798.5458
www.aspenware.com
Aspenware

Taking the Share out of Sharepoint: SharePoint Application Security.