# 548 - Pentesting Apple Filing Protocol \(AFP\)

## Basic Information

The **Apple Filing Protocol** \(**AFP**\), formerly AppleTalk Filing Protocol, is a proprietary network protocol, and part of the **Apple File Service** \(**AFS**\), that offers file services for macOS and the classic Mac OS. In macOS, AFP is one of several file services supported**.** AFP currently supports Unicode file names, POSIX and access control list permissions, resource forks, named extended attributes, and advanced file locking. In Mac OS 9 and earlier, AFP was the primary protocol for file services.

**Default port:** 548

```text
PORT    STATE SERVICE
548/tcp open  afp
```

## Enumeration

```bash
msf> use auxiliary/scanner/afp/afp_server_info
nmap -sV --script "afp-* and not dos and not brute" -p <PORT> <IP>
```

| **Name** | **Description** |
| :--- | :--- |
| afp-ls | Lists available AFP volumes and files |
| afp-path-vuln | Lists all AFP volumes and files[a](https://learning.oreilly.com/library/view/network-security-assessment/9781491911044/ch15.html#ch15fn48) |
| afp-serverinfo | Displays AFP server information |
| afp-showmount | Lists available AFP shares and respective ACLs |

### [**Brute Force**](../brute-force.md#afp)\*\*\*\*