548 - Pentesting Apple Filing Protocol (AFP)

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Basic Information

Apple Filing Protocol (AFP), zamani ikijulikana kama AppleTalk Filing Protocol, ni protokali maalum ya mtandao iliyojumuishwa ndani ya Apple File Service (AFS). Imeundwa kutoa huduma za faili kwa macOS na Mac OS ya jadi. AFP inajitofautisha kwa kuunga mkono majina ya faili ya Unicode, POSIX na ruhusa za orodha ya udhibiti wa ufikiaji, forks za rasilimali, sifa za ziada zenye majina, na mifumo ya kufunga faili ya kisasa. Ilikuwa protokali kuu ya huduma za faili katika Mac OS 9 na matoleo ya awali.

Default Port: 548

PORT    STATE SERVICE
548/tcp open  afp

Kuhesabu

Kwa kuhesabu huduma za AFP, amri na skripti zifuatazo ni muhimu:

msf> use auxiliary/scanner/afp/afp_server_info
nmap -sV --script "afp-* and not dos and not brute" -p <PORT> <IP>

Scripts and Their Descriptions:

afp-ls: Hii script inatumika kuorodhesha volumu na faili za AFP zinazopatikana.
afp-path-vuln: Inataja volumu na faili zote za AFP, ikionyesha uwezekano wa udhaifu.
afp-serverinfo: Hii inatoa maelezo ya kina kuhusu seva ya AFP.
afp-showmount: Inataja sehemu zinazopatikana za AFP pamoja na ACL zao husika.

Brute Force

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Previous515 - Pentesting Line Printer Daemon (LPD)Next554,8554 - Pentesting RTSP

Last updated 4 months ago