Cannot get burp-ui to work with burp 2.2.16 (is it supported?)
Hi,
I understand burp 2 is a moving target but I just wanted to know whether burp-ui 0.6.1 can work with burp 2.2.16? The immediate and obvious issue is that I cannot see any clients in the burp-ui GUI. I've tried running "bui-manage setup-burp" and it complains that the status_address is not available even though it appears to be open. Output as follows:
bui-manage output
[root@smon burp]# bui-manage setup-burp -h localhost -b /etc/burp/burp.conf -s /etc/burp/burp-server.conf
[2019-01-30 12:36:45,193] CRITICAL in burp2.__init__: Your burp version (2019-01-30 12:36:45 +0100: burp[12725] Connecting to localhost:4971
2019-01-30 12:36:45 +0100: burp[12725] auth ok
2019-01-30 12:36:45 +0100: burp[12725] Server version: 2.2.16
2019-01-30 12:36:45 +0100: burp[12725] nocsr ok
2019-01-30 12:36:45 +0100: burp[12725] SSL is using cipher: DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
2019-01-30 12:36:45 +0100: burp[12725] extra_comms_begin ok:autoupgrade:incexc:orig_client:uname:counters_json:msg:forceproto=2:
2019-01-30 12:36:45 +0100: burp[12725] Server is forcing protocol 2
no backups
2019-01-30 12:36:45 +0100: burp[12725] List finished ok) does not fit the minimal requirements: burp-2.0.18
It looks like your burp server is not exposing it's status port in a way that is reachable by Burp-UI!
You may want to set the 'status_address' setting with either 'localhost', '::' or '0.0.0.0' in the /etc/burp/burp-server.conf file in order to make Burp-UI work
Open port information:
[root@smon lib]# netstat -lptu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:mysql 0.0.0.0:* LISTEN 6622/mysqld
tcp 0 0 0.0.0.0:4971 0.0.0.0:* LISTEN 12706/burp
tcp 0 0 localhost:4972 0.0.0.0:* LISTEN 12706/burp
tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:x11 0.0.0.0:* LISTEN 6796/X
burp-server.conf (snippet)
mode = server
listen = 0.0.0.0:4971
max_children = 5
listen_status = 127.0.0.1:4972
max_status_children = 15
Sysinfo
Python version: 2.7.5
Burp-UI version: 0.6.1 (stable)
OS: Linux:3.10.0-957.1.3.el7.x86_64 (posix)
Distribution: centos 7.6.1810 Core
Single mode: True
Backend version: 2
WebSocket embedded: False
WebSocket available: False
Config file: burpui.cfg
[root@smon burp]# systemctl status burp
● burp.service - Burp backup server
Loaded: loaded (/etc/systemd/system/burp.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2019-01-30 12:36:36 CET; 10min ago
Process: 12704 ExecStart=/usr/sbin/burp -c /etc/burp/burp-server.conf (code=exited, status=0/SUCCESS)
Main PID: 12706 (burp)
Tasks: 1
CGroup: /system.slice/burp.service
└─12706 /usr/sbin/burp -c /etc/burp/burp-server.conf
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12706]: Child 1 available
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12706]: forked child on 0.0.0.0:4971: 12869
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12869]: auth ok for: bui
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12869]: Client bui does not want a certificate signed
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12869]: SSL is using cipher: DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12869]: Server is using protocol=2
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12869]: Client supports being sent json counters.
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12869]: exit child
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12706]: pipe from child 5: end of data
Jan 30 12:42:39 smon.tlse.fujitsu.fr burp[12706]: pipe from child 5: disconnected fd 5
[root@smon burp]#
Thanks