diff --git a/share/burpui/etc/buiagent.sample.cfg b/share/burpui/etc/buiagent.sample.cfg index af15330d..bedbc4ef 100644 --- a/share/burpui/etc/buiagent.sample.cfg +++ b/share/burpui/etc/buiagent.sample.cfg @@ -1,20 +1,23 @@ +# Burp-UI agent configuration file +# @version@ - 0.3.0.dev +# @release@ - devel [Global] # On which port is the application listening -port: 10000 +port = 10000 # On which address is the application listening # '::' is the default for all IPv6 # set it to '0.0.0.0' if you want to listen on all IPv4 addresses -bind: :: +bind = :: # enable SSL -ssl: true +ssl = true # ssl cert -sslcert: /etc/burp/ssl_cert-server.pem +sslcert = /etc/burp/ssl_cert-server.pem # ssl key -sslkey: /etc/burp/ssl_cert-server.key +sslkey = /etc/burp/ssl_cert-server.key # burp server version 1 or 2 -version: 1 +version = 1 # agent password -password: password +password = password [Security] ## This section contains some security options. Make sure you understand the @@ -24,12 +27,12 @@ password: password # can lead to accessing sensible files. Defaults to '/etc/burp'. # Note: you can have several paths separated by comas. # Example: /etc/burp,/etc/burp.d -includes: /etc/burp +includes = /etc/burp # if files already included in config do not respect the above restriction, we # prune them -enforce: false +enforce = false # enable certificates revocation -revoke: false +revoke = false [Experimental] ## This section contains some experimental features that have not been deeply @@ -37,36 +40,36 @@ revoke: false # enable zip64 feature. Python doc says: # « ZIP64 extensions are disabled by default because the default zip and unzip # commands on Unix (the InfoZIP utilities) don’t support these extensions. » -zip64: false +zip64 = false ## burp1 backend specific options #[Burp1] ## burp status address (can only be '127.0.0.1' or '::1') -#bhost: 127.0.0.1 +#bhost = 127.0.0.1 ## burp status port -#bport: 4972 +#bport = 4972 ## burp binary -#burpbin: /usr/sbin/burp +#burpbin = /usr/sbin/burp ## vss_strip binary -#stripbin: /usr/sbin/vss_strip +#stripbin = /usr/sbin/vss_strip ## burp client configuration file used for the restoration (Default: None) -#bconfcli: /etc/burp/burp.conf +#bconfcli = /etc/burp/burp.conf ## burp server configuration file used for the setting page -#bconfsrv: /etc/burp/burp-server.conf +#bconfsrv = /etc/burp/burp-server.conf ## temporary directory to use for restoration -#tmpdir: /tmp/bui +#tmpdir = /tmp/bui ## burp2 backend specific options #[Burp2] ## burp binary -#burpbin: /usr/sbin/burp +#burpbin = /usr/sbin/burp ## vss_strip binary -#stripbin: /usr/sbin/vss_strip +#stripbin = /usr/sbin/vss_strip ## burp client configuration file used for the restoration (Default: None) -#bconfcli: /etc/burp/burp.conf +#bconfcli = /etc/burp/burp.conf ## burp server configuration file used for the setting page -#bconfsrv: /etc/burp/burp-server.conf +#bconfsrv = /etc/burp/burp-server.conf ## temporary directory to use for restoration -#tmpdir: /tmp/bui +#tmpdir = /tmp/bui ## how many time to wait for the monitor to answer (in seconds) -#timeout: 15 +#timeout = 15 diff --git a/share/burpui/etc/burpui.sample.cfg b/share/burpui/etc/burpui.sample.cfg index 975083ed..087095e7 100644 --- a/share/burpui/etc/burpui.sample.cfg +++ b/share/burpui/etc/burpui.sample.cfg @@ -1,51 +1,54 @@ +# Burp-UI configuration file +# @version@ - 0.3.0.dev +# @release@ - devel [Global] # On which port is the application listening -port: 5000 +port = 5000 # On which address is the application listening # '::' is the default for all IPv6 # set it to '0.0.0.0' if you want to listen on all IPv4 addresses -bind: :: +bind = :: # enable SSL -ssl: false +ssl = false # ssl cert -sslcert: /etc/burp/ssl_cert-server.pem +sslcert = /etc/burp/ssl_cert-server.pem # ssl key -sslkey: /etc/burp/ssl_cert-server.key +sslkey = /etc/burp/ssl_cert-server.key # burp server version 1 or 2 -version: 1 +version = 1 # Handle multiple bui-servers or not # If set to 'false', you will need to declare at least one 'Agent' section (see # bellow) -standalone: true +standalone = true # authentication plugin (mandatory) # list the misc/auth directory to see the available backends -# to disable authentication you can set "auth: none" -# you can also chain multiple backends. Example: "auth: ldap,basic" +# to disable authentication you can set "auth = none" +# you can also chain multiple backends. Example: "auth = ldap,basic" # the order will be respected unless you manually set a higher backend priority -auth: basic +auth = basic # acl plugin # list misc/acl directory to see the available backends # default is no ACL -acl: basic +acl = basic # You can change the prefix if you are behind a reverse-proxy under a custom # root path. For example: /burpui # You can also configure your reverse-proxy to announce the prefix through the # 'X-Script-Name' header. In this case, the bellow prefix will be ignored in # favour of the one announced by your reverse-proxy -prefix: none +prefix = none [UI] # refresh interval of the pages in seconds -refresh: 180 +refresh = 180 # refresh interval of the live-monitoring page in seconds -liverefresh: 5 +liverefresh = 5 [Production] # storage backend (only used with gunicorn) for session and cache # may be either 'default' or 'redis' -storage: default +storage = default # redis server to connect to -redis: localhost:6379 +redis = localhost:6379 [Security] ## This section contains some security options. Make sure you understand the @@ -55,23 +58,23 @@ redis: localhost:6379 # can lead to accessing sensible files. Defaults to '/etc/burp'. # Note: you can have several paths separated by comas. # Example: /etc/burp,/etc/burp.d -includes: /etc/burp +includes = /etc/burp # if files already included in config do not respect the above restriction, we # prune them -enforce: false +enforce = false # enable certificates revocation -revoke: false +revoke = false # remember_cookie duration in days -cookietime: 14 +cookietime = 14 # whether to use a secure cookie for https or not. If set to false, cookies # won't have the 'secure' flag. # This setting is only useful when HTTPS is detected -scookie: false +scookie = false # application secret to secure cookies. If you don't set anything, the default # value is 'random' which will generate a new secret after every restart of your # application. You can also set it to 'none' although this is not recommended. # /!\ YOU CANNOT USE THE MAGIC 'random' VALUE WHEN USING GUNICORN /!\ -appsecret: random +appsecret = random [Experimental] ## This section contains some experimental features that have not been deeply @@ -79,88 +82,88 @@ appsecret: random # enable zip64 feature. Python doc says: # « ZIP64 extensions are disabled by default because the default zip and unzip # commands on Unix (the InfoZIP utilities) don’t support these extensions. » -zip64: false +zip64 = false ## burp1 backend specific options #[Burp1] ## burp status address (can only be '127.0.0.1' or '::1') -#bhost: ::1 +#bhost = ::1 ## burp status port -#bport: 4972 +#bport = 4972 ## burp binary -#burpbin: /usr/sbin/burp +#burpbin = /usr/sbin/burp ## vss_strip binary -#stripbin: /usr/sbin/vss_strip +#stripbin = /usr/sbin/vss_strip ## burp client configuration file used for the restoration (Default: None) -#bconfcli: /etc/burp/burp.conf +#bconfcli = /etc/burp/burp.conf ## burp server configuration file used for the setting page -#bconfsrv: /etc/burp/burp-server.conf +#bconfsrv = /etc/burp/burp-server.conf ## temporary directory to use for restoration -#tmpdir: /tmp/bui +#tmpdir = /tmp/bui ## burp2 backend specific options #[Burp2] ## burp binary -#burpbin: /usr/sbin/burp +#burpbin = /usr/sbin/burp ## vss_strip binary -#stripbin: /usr/sbin/vss_strip +#stripbin = /usr/sbin/vss_strip ## burp client configuration file used for the restoration (Default: None) -#bconfcli: /etc/burp/burp.conf +#bconfcli = /etc/burp/burp.conf ## burp server configuration file used for the setting page -#bconfsrv: /etc/burp/burp-server.conf +#bconfsrv = /etc/burp/burp-server.conf ## temporary directory to use for restoration -#tmpdir: /tmp/bui +#tmpdir = /tmp/bui ## how many time to wait for the monitor to answer (in seconds) -#timeout: 15 +#timeout = 15 ## ldapauth specific options #[LDAP] ## Backend priority. Higher is first -#priority: 1 +#priority = 1 ## LDAP host -#host: 127.0.0.1 +#host = 127.0.0.1 ## LDAP port -#port: 389 +#port = 389 ## Encryption type to LDAP server (none, ssl or tls) ## - try tls if unsure, otherwise ssl on port 636 -#encryption: ssl +#encryption = ssl ## specifies if the server certificate must be validated, values can be: ## - none (certificates are ignored) ## - optional (not required, but validated if provided) ## - required (required and validated) -#validate: none +#validate = none ## SSL or TLS version to use, can be one of the following: ## - SSLv2 ## - SSLv3 ## - SSLv23 ## - TLSv1 ## - TLSv1_1 (Available only with openssl version 1.0.1+, requires python 2.7.9 or higher) -#version: TLSv1 +#version = TLSv1 ## the file containing the certificates of the certification authorities -#cafile: none +#cafile = none ## Attribute to use when searching the LDAP repository -##searchattr: sAMAccountName -#searchattr: uid +##searchattr = sAMAccountName +#searchattr = uid ## LDAP filter to find users in the LDAP repository ## - {0} will be replaced by the search attribute ## - {1} will be replaced by the login name -##filter: (&({0}={1})(burpui=1)) -##filter: (&({0}={1})(|(userAccountControl=512)(userAccountControl=66048))) +##filter = (&({0}={1})(burpui=1)) +##filter = (&({0}={1})(|(userAccountControl=512)(userAccountControl=66048))) ## LDAP base -#base: ou=users,dc=example,dc=com +#base = ou=users,dc=example,dc=com ## Binddn to list existing users -#binddn: cn=admin,dc=example,dc=com +#binddn = cn=admin,dc=example,dc=com ## Bindpw to list existing users -#bindpw: Sup3rS3cr3tPa$$w0rd +#bindpw = Sup3rS3cr3tPa$$w0rd ## basicauth specific options ## Note: in case you leave this section commented, the default login/password ## is admin/admin #[BASIC] ## Backend priority. Higher is first -#priority: 2 -#admin: password -#user1: otherpassword +#priority = 2 +#admin = password +#user1 = otherpassword ## basicacl specific options ## Note: in case you leave this section commented, the user 'admin' will have @@ -169,32 +172,32 @@ zip64: false #[BASIC:ACL] ## Please note the double-quote around the username on the admin line are ## mandatory! -#admin: ["user1","user2"] +#admin = '["user1", "user2"]' ## You can also overwrite the default behavior by specifying which clients a ## user can access -#user3: ["client4", "client5"] +#user3 = '["client4", "client5"]' ## In case you are not in a standalone mode, you can also specify which clients ## a user can access on a specific Agent -#user4: {"agent1": ["client6", "client7"], "agent2": ["client8"]} +#user4 = '{"agent2": ["client8"], "agent1": ["client6", "client7"]}' ## If you set standalone to 'false', add at least one section like this per ## bui-agent #[Agent:agent1] ## bui-agent address -#host: 192.168.1.1 +#host = 192.168.1.1 ## bui-agent port -#port: 10000 +#port = 10000 ## bui-agent password -#password: azerty +#password = azerty ## enable SSL -#ssl: true +#ssl = true #[Agent:agent2] ## bui-agent address -#host: 192.168.2.1 +#host = 192.168.2.1 ## bui-agent port -#port: 10000 +#port = 10000 ## bui-agent password -#password: ytreza +#password = ytreza ## enable SSL -#ssl: true +#ssl = true diff --git a/test/test2.cfg b/test/test2.cfg index 8370aea6..3a8601d9 100644 --- a/test/test2.cfg +++ b/test/test2.cfg @@ -1,48 +1,53 @@ +# Burp-UI configuration file +# @version@ - 0.3.0.dev +# @release@ - devel [Global] # On which port is the application listening -port: 5001 +port = 5001 # On which address is the application listening # '::' is the default for all IPv6 -bind: :: +bind = :: # enable SSL -ssl: false +ssl = false # ssl cert -sslcert: /etc/burp/ssl_cert-server.pem +sslcert = /etc/burp/ssl_cert-server.pem # ssl key -sslkey: /etc/burp/ssl_cert-server.key +sslkey = /etc/burp/ssl_cert-server.key # burp server version (currently only burp 1.x is implemented) -version: 1 +version = 1 # Handle multiple bui-servers or not # If set to 'false', you will need to declare at least one 'Agent' section (see # bellow) -standalone: true +standalone = true # authentication plugin (mandatory) # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" -auth: basic +auth = basic [UI] # refresh interval of the pages in seconds -refresh: 15 +refresh = 15 # burp1 backend specific options [Burp1] # burp status address (can only be '127.0.0.1' or '::1' -bhost: 127.0.0.1 +bhost = 127.0.0.1 # burp status port -bport: 9999 +bport = 9999 # burp binary -burpbin: /dev/null +burpbin = /dev/null # vss_strip binary -stripbin: /dev/null +stripbin = /dev/null # temporary dir for the on the fly restoration -tmpdir: /dev/null +tmpdir = /dev/null # burp client configuration file used for the restoration (Default: None) -bconfcli: /dev/null +bconfcli = /dev/null # burp server configuration file used for the setting page -bconfsrv: /dev/null +bconfsrv = /dev/null +# Please DO NOT touch the following line +# @salted@ [BASIC] -priority: toto -toto: titi -admin: admin +priority = toto +toto = pbkdf2:sha1:1000$HT0gMoYz$7540515e58f4ba54305664275a14ca5281c5d465 +admin = pbkdf2:sha1:1000$Dgq3Nimi$5befb4cf4c3a7da2549679732908df5f0298b016 diff --git a/test/test4.cfg b/test/test4.cfg index 8349d266..130a677c 100644 --- a/test/test4.cfg +++ b/test/test4.cfg @@ -1,47 +1,52 @@ +# Burp-UI configuration file +# @version@ - 0.3.0.dev +# @release@ - devel [Global] # On which port is the application listening -port: 5001 +port = 5001 # On which address is the application listening # '::' is the default for all IPv6 -bind: :: +bind = :: # enable SSL -ssl: false +ssl = false # ssl cert -sslcert: /etc/burp/ssl_cert-server.pem +sslcert = /etc/burp/ssl_cert-server.pem # ssl key -sslkey: /etc/burp/ssl_cert-server.key +sslkey = /etc/burp/ssl_cert-server.key # burp server version (currently only burp 1.x is implemented) -version: 1 +version = 1 # Handle multiple bui-servers or not # If set to 'false', you will need to declare at least one 'Agent' section (see # bellow) -standalone: true +standalone = true # authentication plugin (mandatory) # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" -auth: basic +auth = basic [UI] # refresh interval of the pages in seconds -refresh: 15 +refresh = 15 # burp1 backend specific options [Burp1] # burp status address (can only be '127.0.0.1' or '::1' -bhost: ::1 +bhost = ::1 # burp status port -bport: 5072 +bport = 5072 # burp binary -burpbin: /dev/null +burpbin = /dev/null # vss_strip binary -stripbin: /dev/null +stripbin = /dev/null # temporary dir for the on the fly restoration -tmpdir: /dev/null +tmpdir = /dev/null # burp client configuration file used for the restoration (Default: None) -bconfcli: /dev/null +bconfcli = /dev/null # burp server configuration file used for the setting page -bconfsrv: /dev/null +bconfsrv = /dev/null +# Please DO NOT touch the following line +# @salted@ [BASIC] -priority: 100 -admin: admin +priority = 100 +admin = pbkdf2:sha1:1000$CgUFdUCs$294cbaaba63ba59eb28e1a9a52263957478cd0e7 diff --git a/test/test6.cfg b/test/test6.cfg index e9538f09..72dca48b 100644 --- a/test/test6.cfg +++ b/test/test6.cfg @@ -1,55 +1,60 @@ +# Burp-UI configuration file +# @version@ - 0.3.0.dev +# @release@ - devel [Global] # On which port is the application listening -port: 5001 +port = 5001 # On which address is the application listening # '::' is the default for all IPv6 -bind: :: +bind = :: # enable SSL -ssl: false +ssl = false # ssl cert -sslcert: /etc/burp/ssl_cert-server.pem +sslcert = /etc/burp/ssl_cert-server.pem # ssl key -sslkey: /etc/burp/ssl_cert-server.key +sslkey = /etc/burp/ssl_cert-server.key # burp server version (currently only burp 1.x is implemented) -version: 1 +version = 1 # Handle multiple bui-servers or not # If set to 'false', you will need to declare at least one 'Agent' section (see # bellow) -standalone: true +standalone = true # authentication plugin (mandatory) # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" -auth: basic +auth = basic # acl plugin # list misc/auth directory to see the available backends # default is no ACL -acl: basic +acl = basic [UI] # refresh interval of the pages in seconds -refresh: 15 +refresh = 15 # burp1 backend specific options [Burp1] # burp status address (can only be '127.0.0.1' or '::1' -bhost: 127.0.0.1 +bhost = 127.0.0.1 # burp status port -bport: 9999 +bport = 9999 # burp binary -burpbin: this-file-should-not-exist +burpbin = this-file-should-not-exist # vss_strip binary -stripbin: this-file-should-not-exist +stripbin = this-file-should-not-exist # temporary dir for the on the fly restoration -tmpdir: this-file-should-not-exist +tmpdir = this-file-should-not-exist # burp client configuration file used for the restoration (Default: None) -bconfcli: this-file-should-not-exist +bconfcli = this-file-should-not-exist # burp server configuration file used for the setting page -bconfsrv: this-file-should-not-exist +bconfsrv = this-file-should-not-exist +# Please DO NOT touch the following line +# @salted@ [BASIC] -admin: admin -user1: password +admin = pbkdf2:sha1:1000$6pirc0vT$f9a6fb8b190d1c511aa9495dc18abb3dbd990d8f +user1 = pbkdf2:sha1:1000$Qz7VdEqR$ecb2025e90516cb379c26d2e0a6b6e74cc6f8b9a [BASIC:ACL] -user1: ["client1", "client2"] -user2: {"agent1": ["client3"]} +user1 = '["client1", "client2"]' +user2 = {"agent1": ["client3"]} diff --git a/test/test7-1.cfg b/test/test7-1.cfg index 5bc5e906..83aa0040 100644 --- a/test/test7-1.cfg +++ b/test/test7-1.cfg @@ -1,56 +1,61 @@ +# Burp-UI configuration file +# @version@ - 0.3.0.dev +# @release@ - devel [Global] # On which port is the application listening -port: 5001 +port = 5001 # On which address is the application listening # '::' is the default for all IPv6 -bind: :: +bind = :: # enable SSL -ssl: false +ssl = false # ssl cert -sslcert: /etc/burp/ssl_cert-server.pem +sslcert = /etc/burp/ssl_cert-server.pem # ssl key -sslkey: /etc/burp/ssl_cert-server.key +sslkey = /etc/burp/ssl_cert-server.key # burp server version (currently only burp 1.x is implemented) -version: 1 +version = 1 # Handle multiple bui-servers or not # If set to 'false', you will need to declare at least one 'Agent' section (see # bellow) -standalone: true +standalone = true # authentication plugin (mandatory) # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" -auth: basic +auth = basic # acl plugin # list misc/auth directory to see the available backends # default is no ACL -acl: basic +acl = basic [UI] # refresh interval of the pages in seconds -refresh: 15 +refresh = 15 # burp1 backend specific options [Burp1] # burp status address (can only be '127.0.0.1' or '::1' -bhost: 192.168.1.1 +bhost = 192.168.1.1 # burp status port -bport: 9999 +bport = 9999 # burp binary -burpbin: this-file-should-not-exist +burpbin = this-file-should-not-exist # vss_strip binary -stripbin: this file should not exist +stripbin = this file should not exist # temporary dir for the on the fly restoration -tmpdir: this-file-should-not-exist +tmpdir = this-file-should-not-exist # burp client configuration file used for the restoration (Default: None) -bconfcli: this-file-should-not-exist +bconfcli = this-file-should-not-exist # burp server configuration file used for the setting page -bconfsrv: this-file-should-not-exist +bconfsrv = this-file-should-not-exist +# Please DO NOT touch the following line +# @salted@ [BASIC] -admin: admin -user1: password +admin = pbkdf2:sha1:1000$x0FYnJ8G$9a060c5939492f92a1889aa1a87a9647c3ec7a58 +user1 = pbkdf2:sha1:1000$Iq2TSyBv$a6c22de68d387946195323f9130029085b9a3707 [BASIC:ACL] -admin: toto -user1: ["client1", "client2"] -user2: {"agent1": ["client3"]} +admin = toto +user1 = '["client1", "client2"]' +user2 = {"agent1": ["client3"]} diff --git a/test/test7-2.cfg b/test/test7-2.cfg index c1ae748e..17acac2c 100644 --- a/test/test7-2.cfg +++ b/test/test7-2.cfg @@ -1,56 +1,61 @@ +# Burp-UI configuration file +# @version@ - 0.3.0.dev +# @release@ - devel [Global] # On which port is the application listening -port: 5001 +port = 5001 # On which address is the application listening # '::' is the default for all IPv6 -bind: :: +bind = :: # enable SSL -ssl: false +ssl = false # ssl cert -sslcert: /etc/burp/ssl_cert-server.pem +sslcert = /etc/burp/ssl_cert-server.pem # ssl key -sslkey: /etc/burp/ssl_cert-server.key +sslkey = /etc/burp/ssl_cert-server.key # burp server version (currently only burp 1.x is implemented) -version: 1 +version = 1 # Handle multiple bui-servers or not # If set to 'false', you will need to declare at least one 'Agent' section (see # bellow) -standalone: true +standalone = true # authentication plugin (mandatory) # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" -auth: basic +auth = basic # acl plugin # list misc/auth directory to see the available backends # default is no ACL -acl: basic +acl = basic [UI] # refresh interval of the pages in seconds -refresh: 15 +refresh = 15 # burp1 backend specific options [Burp1] # burp status address (can only be '127.0.0.1' or '::1' -#bhost: 127.0.0.1 +#bhost = 127.0.0.1 # burp status port -bport: 9999 +bport = 9999 # burp binary -burpbin: /this file-should-not-exist +burpbin = /this file-should-not-exist # vss_strip binary -stripbin: /this file-should-not-exist +stripbin = /this file-should-not-exist # temporary dir for the on the fly restoration -#tmpdir: this-file-should-not-exist +#tmpdir = this-file-should-not-exist # burp client configuration file used for the restoration (Default: None) -bconfcli: this-file-should-not-exist +bconfcli = this-file-should-not-exist # burp server configuration file used for the setting page -bconfsrv: this-file-should-not-exist +bconfsrv = this-file-should-not-exist +# Please DO NOT touch the following line +# @salted@ [BASIC] -admin: admin -user1: password +admin = pbkdf2:sha1:1000$NQcrMl1z$5687697aa1e2b4febe52741d50bd3265f3c7c99c +user1 = pbkdf2:sha1:1000$vGGwkyTV$7fb645b398a160eb860add362b3e79ae00ab5c86 [BASIC:ACL] -admin: ["fail] -user1: ["client1", "client2"] -user2: {"agent1": ["client3"] +admin = ["fail] +user1 = '["client1", "client2"]' +user2 = {"agent1": ["client3"] diff --git a/test/test7-3.cfg b/test/test7-3.cfg index b259269b..1a02465f 100644 --- a/test/test7-3.cfg +++ b/test/test7-3.cfg @@ -1,56 +1,59 @@ +# Burp-UI configuration file +# @version@ - 0.3.0.dev +# @release@ - devel [Global] # On which port is the application listening -port: 5001 +port = 5001 # On which address is the application listening # '::' is the default for all IPv6 -bind: :: +bind = :: # enable SSL -ssl: false +ssl = false # ssl cert -sslcert: /etc/burp/ssl_cert-server.pem +sslcert = /etc/burp/ssl_cert-server.pem # ssl key -sslkey: /etc/burp/ssl_cert-server.key +sslkey = /etc/burp/ssl_cert-server.key # burp server version (currently only burp 1.x is implemented) -version: 1 +version = 1 # Handle multiple bui-servers or not # If set to 'false', you will need to declare at least one 'Agent' section (see # bellow) -standalone: true +standalone = true # authentication plugin (mandatory) # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" -auth: handler +auth = handler # acl plugin # list misc/auth directory to see the available backends # default is no ACL -acl: basic +acl = basic [UI] # refresh interval of the pages in seconds -refresh: 15 +refresh = 15 # burp1 backend specific options [Burp1] # burp status address (can only be '127.0.0.1' or '::1' -#bhost: 127.0.0.1 +#bhost = 127.0.0.1 # burp status port -bport: 9999 +bport = 9999 # burp binary -burpbin: /this file-should-not-exist +burpbin = /this file-should-not-exist # vss_strip binary -stripbin: /this file-should-not-exist +stripbin = /this file-should-not-exist # temporary dir for the on the fly restoration -#tmpdir: this-file-should-not-exist +#tmpdir = this-file-should-not-exist # burp client configuration file used for the restoration (Default: None) -bconfcli: this-file-should-not-exist +bconfcli = this-file-should-not-exist # burp server configuration file used for the setting page -bconfsrv: this-file-should-not-exist +bconfsrv = this-file-should-not-exist [BASIC] -admin: admin -user1: password +admin = admin +user1 = password [BASIC:ACL] -admin: ["fail] -user1: ["client1", "client2"] -user2: {"agent1": ["client3"] +admin = ["fail] +user1 = '["client1", "client2"]' +user2 = {"agent1": ["client3"] diff --git a/test/test_burpui.py b/test/test_burpui.py index cbb3c7e4..da0599aa 100755 --- a/test/test_burpui.py +++ b/test/test_burpui.py @@ -24,12 +24,12 @@ class BurpuiLiveTestCase(LiveServerTestCase): def create_app(self): conf = os.path.join(os.path.dirname(os.path.realpath(__file__)), '../share/burpui/etc/burpui.sample.cfg') bui = BUIinit(debug=12, gunicorn=False, unittest=True) + bui.setup(conf) bui.config['DEBUG'] = False bui.config['TESTING'] = True bui.config['LOGIN_DISABLED'] = True bui.config['LIVESERVER_PORT'] = 5001 bui.config['CFG'] = conf - bui.setup(conf) bui.login_manager.init_app(bui) return bui @@ -88,10 +88,10 @@ class BurpuiAPITestCase(TestCase): def create_app(self): conf = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'test2.cfg') bui = BUIinit(gunicorn=False, unittest=True) + bui.setup(conf) bui.config['TESTING'] = True bui.config['LOGIN_DISABLED'] = True bui.config['CFG'] = conf - bui.setup(conf) bui.login_manager.init_app(bui) self.bui = bui return bui @@ -208,10 +208,10 @@ class BurpuiRoutesTestCase(TestCase): def create_app(self): conf = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'test4.cfg') bui = BUIinit(conf, gunicorn=False, unittest=True) + bui.setup(conf) bui.config['TESTING'] = True bui.config['LOGIN_DISABLED'] = True bui.config['LIVESERVER_PORT'] = 5001 - bui.setup(conf) bui.config['SECRET_KEY'] = 'toto' bui.login_manager.init_app(bui) return bui @@ -289,7 +289,6 @@ class BurpuiACLTestCase(TestCase): bui.config['TESTING'] = True bui.config['LIVESERVER_PORT'] = 5001 bui.config['WTF_CSRF_ENABLED'] = False - bui.config['SECRET_KEY'] = 'toto' bui.cli.port = 9999 return bui