Burp community forum

start burp remotely with Remote procedure call (windows)

hong | Last updated: Dec 24, 2015 02:58AM UTC

Hi, We need to start burp on a windows server remotely using Remote procedure call. We also need the burp started with an extension loaded. Since we are not able to specify an extension on command line, we start burp locally, load the extension, and then exit. Hope burp will be started with extension loaded when we use Remote procedure call. when we pragmatically start burp from another system using remote procedure call, I can see a java process started. However, I believe the burp extension is NOT loaded by using Remote procedure call. We really need burp started remotely with extension loaded. Please help! Can you help us?

PortSwigger Agent | Last updated: Dec 24, 2015 10:25AM UTC

We are planning to provide command line options that will do what you want, at some point. In the meantime, you will need to manually run Burp on the *remote* machine, install your extension, and shut down. Then when Burp is launched remotely (provided it is the same user context), the configured extension should be reloaded.

Burp User | Last updated: Dec 24, 2015 03:30PM UTC

We use the same user/password to start burp locally and remotely. This is the test I did on the remote machine: (1) start burp locally, set interception on, exit. (2) start burp remotely, (see java process started running) (3) make request to port 8080, it hang. (5) kill java process (4) start burp locally, set interception off, exit. (5) start burp remotely, (6) make request to port 8080, it went through. The only thing starting burp remotely did NOT do, is that it did not load extension. Yes the "Automatically reload extensions on startup" is selected.

PortSwigger Agent | Last updated: Dec 24, 2015 07:27PM UTC

Extensions are configured with a path to the extension executable. Normally, this will be a local file path on the machine on which the extension is configured in Burp. In your situation, the remote machine won't find an extension executable at that path. If you do what I previously described, then things should work. A possible alternative would be to copy the extension executable to the same file path on the remote machine. That might work too.

Burp User | Last updated: Dec 24, 2015 09:49PM UTC

Problem solved. extension load failed because the file is saved on a mount point. Apparently that mount point is not accessible for that user context.

You need to Log in to post a reply. Or register here, for free.