hacktricks/network-services-pentesting/584-pentesting-afp.md

# 548 - Pentesting Apple Filing Protocol (AFP)

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}


## Basic Information

Die **Apple Filing Protocol** (**AFP**), voorheen bekend as AppleTalk Filing Protocol, is 'n gespesialiseerde netwerkprotokol ingesluit in die **Apple File Service** (**AFS**). Dit is ontwerp om lêerdienste te bied vir macOS en die klassieke Mac OS. AFP val op deur ondersteuning van Unicode-lêernames, POSIX en toegangbeheerlys toestemmings, hulpbronvorke, benoemde uitgebreide eienskappe, en gesofistikeerde lêerslotmeganismes. Dit was die hoofprotokol vir lêerdienste in Mac OS 9 en vroeëre weergawes.

**Default Port:** 548
```bash
PORT    STATE SERVICE
548/tcp open  afp
```
### **Enumerasie**

Vir die enumerasie van AFP-dienste is die volgende opdragte en skripte nuttig:
```bash
msf> use auxiliary/scanner/afp/afp_server_info
nmap -sV --script "afp-* and not dos and not brute" -p <PORT> <IP>
```
**Scripts en Hul Beskrywings:**

- **afp-ls**: Hierdie skrip word gebruik om die beskikbare AFP volumes en lêers te lys.
- **afp-path-vuln**: Dit lys alle AFP volumes en lêers, terwyl potensiële kwesbaarhede uitgelig word.
- **afp-serverinfo**: Dit bied gedetailleerde inligting oor die AFP bediener.
- **afp-showmount**: Dit lys beskikbare AFP gedeeltes saam met hul onderskeie ACLs.

### [**Brute Force**](../generic-methodologies-and-resources/brute-force.md#afp)

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}
GitBook: [#3160] No subject 2022-05-01 13:25:53 +00:00			`# 548 - Pentesting Apple Filing Protocol (AFP)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`<summary>Support HackTricks</summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`{% endhint %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
a 2024-02-08 21:36:35 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`## Basic Information`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			Die Apple Filing Protocol (AFP), voorheen bekend as AppleTalk Filing Protocol, is 'n gespesialiseerde netwerkprotokol ingesluit in die Apple File Service (AFS). Dit is ontwerp om lêerdienste te bied vir macOS en die klassieke Mac OS. AFP val op deur ondersteuning van Unicode-lêernames, POSIX en toegangbeheerlys toestemmings, hulpbronvorke, benoemde uitgebreide eienskappe, en gesofistikeerde lêerslotmeganismes. Dit was die hoofprotokol vir lêerdienste in Mac OS 9 en vroeëre weergawes.
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`Default Port: 548`
a 2024-02-08 21:36:35 +00:00			```bash
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`PORT STATE SERVICE`
			`548/tcp open afp`
			```
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`### Enumerasie`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`Vir die enumerasie van AFP-dienste is die volgende opdragte en skripte nuttig:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`msf> use auxiliary/scanner/afp/afp_server_info`
			`nmap -sV --script "afp-* and not dos and not brute" -p <PORT> <IP>`
			```
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`Scripts en Hul Beskrywings:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Afrikaans 2024-02-11 02:07:06 +00:00			`- afp-ls: Hierdie skrip word gebruik om die beskikbare AFP volumes en lêers te lys.`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`- afp-path-vuln: Dit lys alle AFP volumes en lêers, terwyl potensiële kwesbaarhede uitgelig word.`
			`- afp-serverinfo: Dit bied gedetailleerde inligting oor die AFP bediener.`
			`- afp-showmount: Dit lys beskikbare AFP gedeeltes saam met hul onderskeie ACLs.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#3160] No subject 2022-05-01 13:25:53 +00:00			`### [Brute Force](../generic-methodologies-and-resources/brute-force.md#afp)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`<summary>Support HackTricks</summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`{% endhint %}`