Nmap afp-brute NSE Script


This page contains detailed information about how to use the afp-brute NSE script. For list of all NSE scripts, visit the Nmap NSE Library.

Select:
Overview
Error Messages

Script Overview

Script source code: https://github.com/nmap/nmap/tree/master/scripts/afp-brute.nse
Script categories: intrusive, brute
Target service / protocol: afp
Target network port(s): 548
List of CVEs: -

Script Description

The afp-brute.nse script performs password guessing against Apple Filing Protocol (AFP).

Afp-brute NSE Script Arguments

This is a full list of arguments supported by the afp-brute.nse script:

afp.password

The password to use for authentication.

afp.username

The username to use for authentication.

passdb

The filename of an alternate password database. Default: nselib/data/passwords.lst

unpwdb.passlimit

The maximum number of passwords passwords will return (default unlimited).

unpwdb.timelimit

The maximum amount of time that any iterator will run before stopping. The value is in seconds by default and you can follow it with ms, s, m, or h for milliseconds, seconds, minutes, or hours. For example, unpwdb.timelimit=30m or unpwdb.timelimit=.5h for 30 minutes. The default depends on the timing template level (see the module description). Use the value 0 to disable the time limit.

unpwdb.userlimit

The maximum number of usernames usernames will return (default unlimited).

userdb

The filename of an alternate username database. Default: nselib/data/usernames.lst

- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:

nmap --script=afp-brute --script-args afp.password=value,afp.username=value <target>

Afp-brute NSE Script Example Usage

Here's an example of how to use the afp-brute.nse script:

nmap -p 548 --script afp-brute <host>

Afp-brute NSE Script Example Output

Here's a sample output from the afp-brute.nse script:

PORT    STATE SERVICE
548/tcp open  afp
| afp-brute:
|_  admin:KenSentMe => Valid credentials

Afp-brute NSE Script Example XML Output

There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.

Author

  • Patrik Karlsson

References

See Also

Related NSE scripts to the afp-brute.nse script:

Visit Nmap NSE Library for more scripts.

The afp-brute.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.

OpenSession failed

Here is a relevant code snippet related to the "OpenSession failed" error message:

68:	
69:	        helper = afp.Helper:new()
70:	        status, response = helper:OpenSession( host, port )
71:	
72:	        if ( not(status) ) then
73:	          stdnse.debug1("OpenSession failed")
74:	          return
75:	        end
76:	
77:	
78:	        stdnse.debug1("Trying %s/%s ...", username, password)

Version

This page has been created based on Nmap version 7.92.

Go back to menu.