Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/auxiliary/scanner/afp/afp_server_info.rb
19500 views
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
require 'English'

7
class MetasploitModule < Msf::Auxiliary

8
  include Msf::Auxiliary::Report

9
  include Msf::Auxiliary::Scanner

10
  include Msf::Exploit::Remote::AFP

11


12
  def initialize(info = {})

13
    super(

14
      update_info(

15
        info,

16
        'Name' => 'Apple Filing Protocol Info Enumerator',

17
        'Description' => %q{

18
          This module fetches AFP server information, including server name,

19
          network address, supported AFP versions, signature, machine type,

20
          and server flags.

21
        },

22
        'References' => [

23
          [ 'URL', 'https://web.archive.org/web/20130309051753/https://developer.apple.com/library/mac/#documentation/Networking/Reference/AFP_Reference/Reference/reference.html' ]

24
        ],

25
        'Author' => [ 'Gregory Man <man.gregory[at]gmail.com>' ],

26
        'License' => MSF_LICENSE,

27
        'Notes' => {

28
          'Stability' => [CRASH_SAFE],

29
          'SideEffects' => [],

30
          'Reliability' => []

31
        }

32
      )

33
    )

34
  end

35


36
  def run_host(ip)

37
    print_status("AFP #{ip} Scanning...")

38
    connect

39
    response = get_info

40
    report(response)

41
  rescue ::Timeout::Error => e

42
    vprint_error(e.message)

43
  rescue ::Rex::ConnectionError, ::IOError, ::Errno::ECONNRESET, ::Errno::ENOPROTOOPT => e

44
    vprint_error(e.message)

45
  rescue ::Interrupt

46
    raise $ERROR_INFO

47
  rescue StandardError

48
    print_error("AFP #{rhost}:#{rport} #{$ERROR_INFO.class} #{$ERROR_INFO}")

49
    raise $ERROR_INFO

50
  ensure

51
    disconnect

52
  end

53


54
  def report(response)

55
    report_info = "AFP #{rhost}:#{rport} Server Name: #{response[:server_name]} \n" \

56
                  "AFP #{rhost}:#{rport}  Server Flags: \n" +

57
                  format_flags_report(response[:server_flags]) +

58
                  "AFP #{rhost}:#{rport}  Machine Type: #{response[:machine_type]} \n" \

59
                  "AFP #{rhost}:#{rport}  AFP Versions: #{response[:versions].join(', ')} \n" \

60
                  "AFP #{rhost}:#{rport}  UAMs: #{response[:uams].join(', ')}\n" \

61
                  "AFP #{rhost}:#{rport}  Server Signature: #{response[:signature]}\n" \

62
                  "AFP #{rhost}:#{rport}  Server Network Address: \n" +

63
                  format_addresses_report(response[:network_addresses]) +

64
                  "AFP #{rhost}:#{rport}   UTF8 Server Name: #{response[:utf8_server_name]}"

65


66
    lines = "AFP #{rhost}:#{rport}:#{rport} AFP:\n#{report_info}"

67


68
    lines.split(/\n/).each do |line|

69
      print_status(line)

70
    end

71


72
    report_note(

73
      host: datastore['RHOST'],

74
      proto: 'tcp',

75
      port: datastore['RPORT'],

76
      type: 'afp_server_info',

77
      data: { server_info: response }

78
    )

79


80
    report_service(

81
      host: datastore['RHOST'],

82
      port: datastore['RPORT'],

83
      proto: 'tcp',

84
      name: 'afp',

85
      info: "AFP name: #{response[:utf8_server_name]}, Versions: #{response[:versions].join(', ')}"

86
    )

87
  end

88


89
  def format_flags_report(parsed_flags)

90
    report = ''

91
    parsed_flags.each do |flag, val|

92
      report << "AFP #{rhost}:#{rport}     *  #{flag}: #{val} \n"

93
    end

94
    return report

95
  end

96


97
  def format_addresses_report(parsed_network_addresses)

98
    report = ''

99
    parsed_network_addresses.each do |val|

100
      report << "AFP #{rhost}:#{rport}     *  #{val} \n"

101
    end

102
    return report

103
  end

104
end

105


106