Apple Filing Protocol (AFP) - PORT 548
Become VeryLazyTech member! π
Follow us on:
β Twitter @VeryLazyTech.
πΎ Github @VeryLazyTech.
π Medium @VeryLazyTech.
πΊ YouTube @VeryLazyTech.
π© Telegram @VeryLazyTech.
π΅οΈββοΈ My Site @VeryLazyTech.
Visit our shop for e-books and courses. π
Basic info
The Apple Filing Protocol (AFP), formerly known as AppleTalk Filing Protocol, is a proprietary network protocol developed by Apple Inc. It facilitates file services for macOS and classic Mac OS environments. AFP is renowned for its support of Unicode file names, POSIX and access control list (ACL) permissions, resource forks, named extended attributes, and advanced file locking mechanisms. Historically, it served as the primary protocol for file services in Mac OS 9 and earlier versions.
Default Port: 548/tcp
PORT STATE SERVICE
548/tcp open afp
Enumerating AFP Services
Effective enumeration is crucial in assessing AFP services. The following tools and scripts are instrumental in this process:
Metasploit Framework
Utilize the Metasploit auxiliary scanner module to gather AFP server information:
msf> use auxiliary/scanner/afp/afp_server_info
Nmap Scripting Engine (NSE)
Nmap offers specialized scripts for AFP enumeration:
nmap -sV --script "afp-*" -p 548 <target-ip>
Key Nmap AFP scripts include:
afp-ls: Lists available AFP volumes and files.
afp-path-vuln: Identifies potential path vulnerabilities within AFP shares.
afp-serverinfo: Retrieves detailed information about the AFP server.
afp-showmount: Displays available AFP shares along with their respective ACLs.
Brute force
nmap -p 548 --script afp-brute <IP>
msf> use auxiliary/scanner/afp/afp_login
msf> set BLANK_PASSWORDS true
msf> set USER_AS_PASS true
msf> set PASS_FILE <PATH_PASSWDS>
msf> set USER_FILE <PATH_USERS>
msf> run
Learn & practice For the Bug Bounty
Last updated
Was this helpful?