AppSecLive.org

Get the Binary for Burp Suite

Go to the PortSwigger website and navigate to the download page. On the Downloads page, you'll see a links to .zip and .tar.gz version of Burp Suite. Grab either as Linux plays well with both formats. I grabbed burpsuite_v1.1.tar.gz which was the latest at the time of this writing.

Go ahead and extract the download into the working/temp directory:

 $ cp /home/mtesauro/owasp-live-cd/tools-in-SoC-release/burpsuite_v1.1.tar.gz temp/
 $ cd temp/
 $ tar -xzvf burpsuite_v1.1.tar.gz
 $ cd ../

Create the needed directories in fakeroot

Eventually, we'll use dir2lzm to make the module, so lets get the directories created that we need:

 $ mkdir -p ./fakeroot/opt/owasp/
 $ mkdir -p ./fakeroot/usr/bin
 $ mkdir -p ./fakeroot/usr/share/aplications
 $ mkdir -p ./fakeroot/usr/share/pixmaps

Create and put the module's files into the fakeroot directory

Since we are getting a pre-compiled binary, lets get the application file where it needs to go.

 mv temp/burpsuite_v1.1 fakeroot/opt/owasp/

Next, well need a script to start Burp Suite in fakeroot/usr/bin. This one is very easy:

 $ vi fakeroot/usr/bin/burpsuite
   [create script]
 $ cat fakeroot/usr/bin/burpsuite 
#!/bin/sh

cd /opt/owasp/burpsuite_v1.1
java -jar burpsuite_v1.1.jar

Creating Burp Suite's menu file is rather simple. Use a text editor and create the file burpsuite.desktop

 $ vi fakeroot/usr/share/applications/burpsuite.desktop
   [create the file]
 $ cat fakeroot/usr/share/applications/burpsuite.desktop 
[Desktop Entry]
Encoding=UTF-8
Exec=burpsuite
Icon=/usr/share/pixmaps/burpsuite-icon.png
Type=Application
Categories=Application;Network;
Name=Local Proxy
Name[cs]=Local Proxy
GenericName=Burp Suite
GenericName[cs]=Burp Suite
MimeType=text/html
X-KDE-StartupNotify=true

The icon was a bit interesting. I didn't get one with the download. I cheated and grabbed a screenshot from the the PortSwigger site. I then used Gimp to cut out the little face in the top left of the title bar of the application. I saved that as a 48x48 .png file called burpsuite-icon.png in the working/temp directory. I then moved that into fakeroot.

 cp ./temp/burpsuite-icon.png ./fakeroot/usr/share/pixmaps/

Burp requires Java. I've already created a Java module. I document how I did that in the making the Java Module page. [PAGE NOT MADE].

Everything is in place to create the modules, a quick final check:

find fakeroot
fakeroot/
fakeroot/opt
fakeroot/opt/owasp
fakeroot/opt/owasp/burpsuite_v1.1
fakeroot/opt/owasp/burpsuite_v1.1/IBurpExtender.html
 ...

Generate the .lzm module

This is the easy part.

 $ ./dir2lzm ./fakeroot burpsuite-1.1.lzm

Add the modules to the ISO build directory

Also cake

 $ cp -i burpsuite-1.1.lzm ../contents/slax/base/
 $ chmod 775 ../contents/slax/base/burpsuite-1.1.lzm

Test the new module

I like scp'ing the new modules into a running Live CD and using the Module Manager to Add modules to a running system. [PAGE NOT MADE] I typically have the Live CD running in a VM while I create modules so its already up and ready.

You can also gen a new ISO and run it in a VM of your choice.

 $ cd ../contents/slax/
$  ./make_iso.sh /home/mtesauro/isos/new-owasp.iso

If anything doesn't work as expected, make the changes needed to ./fakeroot and try again.

Clean up and archive

Once you've got a working module, lets clean up a bit.

 $ $ mkdir ./completed_modules/burpsuite
 $ mv burpsuite-1.1.lzm ./completed_modules/burpsuite/
 $ mv temp/burpsuite_v1.1.tar.gz ./completed_modules/burpsuite/
 $ mv temp/burpsuite-icon.png ./completed_modules/burpsuite/
 $ rm -rf ./temp/*

I usually delete anything under ./fakeroot also.

 $ rm -rf ./fakeroot/*