Friday, May 18, 2012

From LOW to PWNED [9] Apple Filing Protocol (AFP)

Post [9] Apple Filing Protocol (AFP)

The Apple Filing Protocol (AFP) is a network protocol that offers file services for Mac OS X and original Mac OS. In Mac OS X, AFP is one of several file services supported including Server Message Block (SMB), Network File System (NFS), File Transfer Protocol (FTP), and WebDAV.

Lives on TCP port 548


What can I do with it?

  • Read access to files/folders (always fun)
  • Write access (sometimes)
  • Vuln scanners (duh)
  • Nmap scripts
    • afp-showmount
    • afp-serverinfo
    • afp-ls
    • afp-brute
    • afp-path-vuln (directory traversal exploit)
Nmap examples

Connecting to AFP servers

Super easy if you have a Mac
Linux you can use Afpfs-ng

Window? dunno. Don't think so...


1 comment:

Tom Mac said...

I see this every now and again on different tests. Buffallo SANs, Terrastations etc have it enabled sometimes, it might even be enabled by default,

Have you seen any good guides on setting up a test env. without any mac's or expensive sans?