hacktricks/pentesting/584-pentesting-afp.md

28 lines
1.8 KiB
Markdown

# 548 - Pentesting Apple Filing Protocol (AFP)
## Basic Information
The **Apple Filing Protocol** (**AFP**), formerly AppleTalk Filing Protocol, is a proprietary network protocol, and part of the **Apple File Service** (**AFS**), that offers file services for macOS and the classic Mac OS. In macOS, AFP is one of several file services supported**. **AFP currently supports Unicode file names, POSIX and access control list permissions, resource forks, named extended attributes, and advanced file locking. In Mac OS 9 and earlier, AFP was the primary protocol for file services.
**Default port:** 548
```
PORT STATE SERVICE
548/tcp open afp
```
## Enumeration
```bash
msf> use auxiliary/scanner/afp/afp_server_info
nmap -sV --script "afp-* and not dos and not brute" -p <PORT> <IP>
```
| **Name** | **Description** |
| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------ |
| afp-ls | Lists available AFP volumes and files |
| afp-path-vuln | Lists all AFP volumes and files[a](https://learning.oreilly.com/library/view/network-security-assessment/9781491911044/ch15.html#ch15fn48) |
| afp-serverinfo | Displays AFP server information |
| afp-showmount | Lists available AFP shares and respective ACLs |
### [**Brute Force**](../brute-force.md#afp)****