This documentation will grow organically and is a work in progress.
At the moment, SPARTA can be configured by editing the sparta.conf file located in SPARTA’s root folder. At launch time, SPARTA checks if this file exists and if it does not, a new file is created with default values. In the future, there will be a settings menu which will remove the need to manually edit this file and will make changing the configuration easier and safer.
WARNING: Apart from tools, do not remove any lines from sparta.conf as it could break functionality. Also, assume that setting values are case-sensitive.
Adding new actions
In SPARTA we separate actions in three classes:
- Host Actions: are invoked by right-clicking on a host and their tool output will be stored and displayed in SPARTA
- Port Actions: are invoked by right-clicking on a port or service and their tool output will be stored and displayed in SPARTA (Eg: Nikto)
- Terminal Actions: are invoked by right-clicking on a port and will spawn an external terminal window (Eg: Connect with netcat)
To configure a new action the following format must be used:
tool is a unique identifier, typically the name of the tool.
label is the text that will appear in the context menu.
command is the command you would type in the terminal to run the tool. Note that it must be a non-interactive command. The placeholders [IP], [PORT] and [OUTPUT] when used will be replaced at run time by the right values.
services is the list of nmap service names that the tool applies to. When you right-click on a port/service the tool will only appear in the context menu if the service was defined here. Note that this field is not used by the Host Actions for obvious reasons.
To configure the tool Nikto as a port action we would need to add the following line to the [PortActions] section in sparta.conf:
nikto=Run nikto, nikto -o [OUTPUT].txt -p [PORT] -h [IP], “http,https”
After making changes to the configuration file, SPARTA must be restarted for changes to take effect. This won’t be the case when we implement the settings menu.
Configuring automated attacks
You can set up SPARTA to automatically run any tool – that you have configured in the [PortActions] section of the configuration file – when a service is identified.
Automated attacks are enabled by default but can be disabled by editing the “enable-scheduler” option in the [GeneralSettings] section of the configuration file.
Automated attacks are configured in the [SchedulerSettings] section of the configuration file. The following format must be used:
tool is the unique identifier which was used to define the tool in the [PortActions] section.
services is the list of services that when identified should trigger the tool to run automatically.
protocol is the protocol of the service the tool should run on (tcp/udp).