mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-22 20:53:37 +00:00
29 lines
1.2 KiB
Markdown
29 lines
1.2 KiB
Markdown
# 548 - Pentesting Apple Filing Protocol \(AFP\)
|
|
|
|
## Basic Information
|
|
|
|
The **Apple Filing Protocol** \(**AFP**\), formerly AppleTalk Filing Protocol, is a proprietary network protocol, and part of the **Apple File Service** \(**AFS**\), that offers file services for macOS and the classic Mac OS. In macOS, AFP is one of several file services supported**.** AFP currently supports Unicode file names, POSIX and access control list permissions, resource forks, named extended attributes, and advanced file locking. In Mac OS 9 and earlier, AFP was the primary protocol for file services.
|
|
|
|
**Default port:** 548
|
|
|
|
```text
|
|
PORT STATE SERVICE
|
|
548/tcp open afp
|
|
```
|
|
|
|
## Enumeration
|
|
|
|
```bash
|
|
msf> use auxiliary/scanner/afp/afp_server_info
|
|
nmap -sV --script "afp-* and not dos and not brute" -p <PORT> <IP>
|
|
```
|
|
|
|
| **Name** | **Description** |
|
|
| :--- | :--- |
|
|
| afp-ls | Lists available AFP volumes and files |
|
|
| afp-path-vuln | Lists all AFP volumes and files[a](https://learning.oreilly.com/library/view/network-security-assessment/9781491911044/ch15.html#ch15fn48) |
|
|
| afp-serverinfo | Displays AFP server information |
|
|
| afp-showmount | Lists available AFP shares and respective ACLs |
|
|
|
|
### [**Brute Force**](../brute-force.md#afp)\*\*\*\*
|
|
|