Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update base image, work with latest burp, and a few other improvements #14

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

Update base image, work with latest burp, and a few other improvements #14

wants to merge 9 commits into from

Conversation

intrudir
Copy link

I finally got this working in one shot on a brand new Debian 12 VM.

The biggest changes are:

  • Dockerfile now uses latest debian 12 base image
  • Installs Oracle JDK 21, can now use latest Burp jar
  • The symlinks from certbot will be wrong when they come out of the certbot container.
  • We need to copy the actual certificate files from the archive directory to burp/keys
  • give permissions for user/group 999 (burp user on the burp container) to the privkey file.
  • cleaned up and improved init.sh for readability, functionized a lot of the repeated code
  • make the cert renewal script fix the perms on the renewed privkey
  • a few other things im probably forgetting

TLDR; this run runs in one shot : ./init.sh :)

@intrudir
Update README to explain NS record requirement a bit better
1ea1007
@intrudir
add gitignore to ignore burp jars
38e9421
@intrudir
Improve init.sh
449f2cb 
 Docker needs sudo privs unless you add your user to the docker group. 

- Added a func to check if docker perms are good. 
- Asks user if they wanna add user to docker group
- improved script by using funcs instead of repeating code
@intrudir
Copy the certs dir over recursively.
c3cf6dc 
the original cp command was failing with ZSH. This shoudl do the same thing and work in all shells
@intrudir
Update certificaterenewal.sh
40ecaa2 
Moved chown cmd from run.sh to here to be able to use $DOMAIN var
@intrudir
Update run.sh
23c5394 
Move chown command to cert renewal script
@intrudir
Update Dockerfile
6a3c1f1 
Use latest Debian and the compatible Java for latest burp as of july 12 2024
@intrudir
Update init.sh
6d031fa 
After MANY MANY hours of troubleshooting....

the symlinks to the cert fies are wrong when they come from certbot container. 

This fixes them, applies the permissions so that only the burp user on the container can read the privkey file, and finally, FINALLY, burp collab runs

docker logs burp                                                                                             +
2024-07-12 23:33:29.092 : Using configuration file /opt/burp/conf/burp.config
2024-07-12 23:33:29.311 : Listening for SMTP on 0.0.0.0:8025
2024-07-12 23:33:29.312 : Listening for SMTP on 0.0.0.0:8587
2024-07-12 23:33:29.312 : Listening for HTTP on 0.0.0.0:9090
2024-07-12 23:33:29.312 : Listening for HTTP on 0.0.0.0:8080
2024-07-12 23:33:29.318 : Listening for DNS on 0.0.0.0:8053
2024-07-12 23:33:29.426 : Listening for SMTPS on 0.0.0.0:8465
2024-07-12 23:33:29.427 : Listening for HTTPS on 0.0.0.0:8443
2024-07-12 23:33:29.427 : Listening for HTTPS on 0.0.0.0:9443
@intrudir
Update README.md
97c6962 
Add UFW docker fix
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@intrudir