Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Export Burp dynamic generated certs to disk using python extension

GUILHERME | Last updated: May 11, 2023 04:11PM UTC

I am trying to export the auto generated certs from Burp to disk, by developing a Python extension. I found some similar messages from other folks in past, the goal is same, be able to use burp and WireShark for SSL decryption at same time. Since we need to cert/private key to use Wireshark decryption and Burp don't expose this info, I'm trying to find an object that contains the cert info to be able to dump it to disk. Fiddler (different tool) save each dynamic cert generated in Windows Certificate Store, so much easier to export and use in Wireshark. The question is, is there any example of callbacks that return object that have certificate info including private key? If so which one ? I found a great article with some working samples from blog, trying to explore all objects by enumerating properties, but not able to find cert stuff so far.

Hannah, PortSwigger Agent | Last updated: May 12, 2023 09:18AM UTC

Hi Are you trying to put WireShark between your browser and Burp or between Burp and the server?

GUILHERME | Last updated: May 16, 2023 02:33AM UTC

Burp is configured as system proxy and working perfectly. In addition I would like to capture a parallel wireshark and be able to use the certs that burp generate to decrypt the traffic. Using Fiddler it saves the dynamic certs to Windows Store, so its easy to export and use in WireShark. Since BURP its not saving in Windows Store and I don't have access to it, I'm trying to write a burp extension to save certs to disk, but not able to find an object that contains the certs. Thanks

Hannah, PortSwigger Agent | Last updated: May 17, 2023 03:52PM UTC

Hi You won't be able to do this with an extension. If you'd like to capture the decrypted traffic from Burp with Wireshark, then you will need to follow the documentation here: https://wiki.wireshark.org/TLS#using-the-pre-master-secret:~:text=this%20post.-,For%20Java%20programs,-%2C%20secrets%20can%20be As mentioned in the linked tools, you can attach a Java agent to Burp, and follow the steps given. For documentation on launching Burp from the command line, you can find this here: https://portswigger.net/burp/documentation/desktop/getting-started/launch-from-command-line

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.