github-starred/burp-ui
2
0
Fork 0
mirror of https://github.com/ziirish/burp-ui.git synced 2026-05-15 06:05:58 -06:00
Code Issues 1 Projects Packages Wiki Activity Actions
burp-ui/docs/step-by-step.rst
ziirish 02321bee1f
rework documentation
2019-07-16 19:15:38 +02:00

290 lines
7.3 KiB
ReStructuredText
Raw Permalink Blame History

Step By Step
============
Although `Burp-UI`_ tries to make `Burp`_ accessible to everyone, both products
have their complexity.
In this *Step by Step*, I would like to introduce you different use-cases with
their associated configurations, descriptions and comments.
In every case, we will consider neither `Burp`_ or `Burp-UI`_ are installed and
describe the steps to setup your server from Scratch.
.. note::
Again, this part of the doc is mostly debian-centric. If some users are
willing to adapt these examples with other distros I would be very thankful.
1. `Burp1 server`_ with `Burp-UI`_
2. `Burp2 server`_ with `Burp-UI`_
Burp1 server
------------
In this scenario, we are going to install a `Burp`_ server version 1.4.40 which
is the current stable version. We assume you are using the user *root* to run
the following commands.
We begin with the installation of `Burp`_ itself.
First, we need some system requirements in order to compile `Burp`_ and to
install `Burp-UI`_:
::
apt-get update
apt-get install uthash-dev g++ make libssl-dev librsync-dev python2.7-dev \
git python-pip libffi-dev
Now we retrieve the `Burp`_ sources and then we compile and install it:
::
cd /usr/src
git clone https://github.com/grke/burp.git
cd burp
git checkout tags/1.4.40
./configure --disable-ipv6
make
make install
# we also install init scripts
cp debian/init /etc/init.d/burp
cat >/etc/default/burp<<EOF
RUN="yes"
DAEMON_ARGS="-c /etc/burp/burp-server.conf"
EOF
chmod +x /etc/init.d/burp
update-rc.d burp defaults
It is now time to install `Burp-UI`_:
::
pip install --upgrade burp-ui
Now that everything is installed, let's configure our tools!
In order to perform online restorations, `Burp-UI`_ relies on a classical
`Burp`_ client.
We need to define our client, and we also need to allow it to perform
restorations for other clients. We will set it up globally. Our client will be
named *bui*:
::
# burp-ui client's definition
cat >/etc/burp/clientconfdir/bui<<EOF
password = abcdefgh
EOF
# grant our client to perform restorations for others
echo "restore_client = bui" >>/etc/burp/burp-server.conf
# now we generate ou client configuration
cat >/etc/burp/burp.conf<<EOF
mode = client
port = 4971
server = 127.0.0.1
password = abcdefgh
cname = bui
pidfile = /var/run/burp.bui.pid
syslog = 0
stdout = 1
progress_counter = 1
ca_burp_ca = /usr/sbin/burp_ca
ca_csr_dir = /etc/burp/CA-client
# SSL certificate authority - same file on both server and client
ssl_cert_ca = /etc/burp/ssl_cert_ca-client.pem
# Client SSL certificate
ssl_cert = /etc/burp/ssl_cert-client.pem
# Client SSL key
ssl_key = /etc/burp/ssl_cert-client.key
# SSL key password
ssl_key_password = password
# Common name in the certificate that the server gives us
ssl_peer_cn = burpserver
# The following options specify exactly what to backup.
include = /home
EOF
Our `Burp`_ server is now set up, we can start it:
::
/etc/init.d/burp start
Now we can configure `Burp-UI`_. The package comes with a default configuration.
We copy it at the right place:
::
cp /usr/local/share/burpui/etc/burpui.sample.cfg /etc/burp/burpui.cfg
We have to edit the default configuration in order to work with a `Burp`_-1
server:
::
sed -i "s/^backend = .*/backend = burp1/" /etc/burp/burpui.cfg
The default configuration is plug and play for this case, we just have to start
`Burp-UI`_:
::
burp-ui -- -h 0.0.0.0 -p 5000
Your server is now fully set-up, you can access `Burp-UI`_ by pointing your
browser to: http://server_ip:5000/
The default user / password is: admin / admin
For further customization, you can refer to the `usage`_ page of this
documentation.
Burp2 server
------------
In this scenario, we are going to install a `Burp`_ server version 2.0.54.
We assume you are using the user *root* to run the following commands.
We begin with the installation of `Burp`_ itself.
First, we need some system requirements in order to compile `Burp`_ and to
install `Burp-UI`_:
::
apt-get update
apt-get install uthash-dev g++ make libssl-dev librsync-dev python2.7-dev \
git python-pip libffi-dev libyajl-dev libz-dev
Now we retrieve the `Burp`_ sources and then we compile and install it:
.. note:: There are now plenty of official and unofficial burp packages. See
`here <https://github.com/grke/burp/wiki/Binary-packages>`_ for
details.
::
cd /usr/src
git clone https://github.com/grke/burp.git
cd burp
git checkout tags/2.2.18
./configure --prefix=/usr --sysconfdir=/etc/burp --localstatedir=/var
make
make install
# we also install init scripts
cp debian/init /etc/init.d/burp
cat >/etc/default/burp<<EOF
RUN="yes"
DAEMON_ARGS="-c /etc/burp/burp-server.conf"
EOF
chmod +x /etc/init.d/burp
update-rc.d burp defaults
It is now time to install `Burp-UI`_:
::
pip install --upgrade burp-ui
Now that everything is installed, let's configure our tools!
In order to perform online restorations, `Burp-UI`_ relies on a classical
`Burp`_ client.
We need to define our client, and we also need to allow it to perform
restorations for other clients. We will set it up globally. Our client will be
named *bui*:
::
# burp-ui client's definition
cat >/etc/burp/clientconfdir/bui<<EOF
password = abcdefgh
EOF
# grant our client to perform restorations for others
echo "restore_client = bui" >>/etc/burp/burp-server.conf
# Burp 2 is able to cache the manifests for better performances
echo "monitor_browse_cache = 1" >>/etc/burp/burp-server.conf
# now we generate ou client configuration
cat >/etc/burp/burp.conf<<EOF
mode = client
port = 4971
status_port = 4972
server = ::1
password = abcdefgh
cname = bui
pidfile = /var/run/burp.bui.pid
syslog = 0
stdout = 1
progress_counter = 1
network_timeout = 72000
ca_burp_ca = /usr/sbin/burp_ca
ca_csr_dir = /etc/burp/CA-client
# SSL certificate authority - same file on both server and client
ssl_cert_ca = /etc/burp/ssl_cert_ca-client.pem
# Client SSL certificate
ssl_cert = /etc/burp/ssl_cert-client.pem
# Client SSL key
ssl_key = /etc/burp/ssl_cert-client.key
# SSL key password
ssl_key_password = password
# Common name in the certificate that the server gives us
ssl_peer_cn = burpserver
# The following options specify exactly what to backup.
include = /home
EOF
Our `Burp`_ server is now set up, we can start it:
::
/etc/init.d/burp start
Now we can configure `Burp-UI`_. The package comes with a default configuration.
We copy it at the right place:
::
cp /usr/local/share/burpui/etc/burpui.sample.cfg /etc/burp/burpui.cfg
That's it, the other default parameter should be able to handle such a setup.
We can start `Burp-UI`_:
::
burp-ui -- -h 0.0.0.0 -p 5000
Your server is now fully set-up, you can access `Burp-UI`_ by pointing your
browser to: http://server_ip:5000/
The default user / password is: admin / admin
For further customization, you can refer to the `usage`_ page of this
documentation.
.. _Burp-UI: https://git.ziirish.me/ziirish/burp-ui
.. _Burp: http://burp.grke.net/
.. _usage: advanced_usage.html
Reference in a new issue View git blame Copy permalink