burp-ui 0.0.5

Burp-UI is a web-ui for burp backup written in python with Flask and jQuery/Bootstrap

Build Status

Requirements

Please note that currently, Burp-UI must be running on the same server that runs the burp-server.

For LDAP authentication (optional), we need the simpleldap module that requires the following packages on Debian:

aptitude install libsasl2-dev libldap2-dev python-dev

Then we install the module itself:

pip install simpleldap

Installation

Burp-UI is written in Python with the Flask micro-framework. The easiest way to install Flask is to use pip.

On Debian, you can install pip with the following command:

aptitude install python-pip

Once pip is installed, you can install Burp-UI this way:

pip install burp-ui

You can setup various parameters in the burpui.cfg file. This file can be specified with the -c flag or should be present in /etc/burp/burpui.cfg. By default Burp-UI ships with a default file located in $BURPUIDIR/../share/burpui/etc/burpui.cfg.

Then you can run burp-ui: burp-ui

By default, burp-ui listens on all interfaces (including IPv6) on port 5000.

You can then point your browser to http://127.0.0.1:5000/

Instructions

In order to make the on the fly restoration/download functionality work, there you need to check a few things:

1. Provide the full path of the burp (client) binary file

2. Provide the full path of an empty directory where a temporary restoration will be made. This involves you have enough space left on that location on the server that runs Burp-UI

3. Launch Burp-UI with a user that can proceed restorations and that can write in the directory above

4. Make sure to configure a client on the server that runs Burp-UI that can restore files of other clients (option restore_client in burp-server configuration)

Notes

Please feel free to report any issues on my gitlab I have closed the github tracker to have a unique tracker system.

The multi-server mode is a Work In Progress, it is quite unstable yet. Use it only if you know what you are doing.

TODO

Here is a non-exhaustive list of things I’d like to add.

Also note that in the future, I’d like to write a burp-client GUI. But I didn’t think yet of what to do.

Changelog

• version 0.0.5:

  • Add multi-server support

  • fix bugs

• version 0.0.4:

  • Add the ability to download files directly from the web interface

• version 0.0.3:

  • Add authentication

• version 0.0.2:

  • Fix bugs

• version 0.0.1:

  • Initial release

Licenses

Burp-UI is released under the BSD 3-clause License.

But this project is built on top of other tools listed here:

• d3.js (BSD)

• nvd3.js (Apache)

• jQuery (MIT)

• jQuery-UI (MIT)

• fancytree (MIT)

• bootstrap (MIT)

• typeahead (MIT)

• bootswatch (MIT)

• Home-made favicon based on pictures from simsoncrazy

Also note that this project is made with the Awesome Flask micro-framework.

Thanks

Special Thanks to Graham Keeling for its great software! This project would not exist without Burp.