Backend¶

Here is the backend interface definition in order to implement a new backend.

class burpui.misc.backend.interface.BUIbackend(server=None, conf=None)[source]¶

The burpui.misc.backend.interface.BUIbackend class provides a consistent interface backend for any burp server.

Parameters:

server (burpui.engines.server.BUIServer) – Flask server instance in order to access logger and/or some global settings
conf (str) – Configuration file to use

abstract cancel_server_backup(client=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.cancel_server_backup() function is used to delete the server-initiated backup file of a given client.

Parameters:

client (str) – The name of the client to look for
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of notifications to return to the UI (success or failure)

Example:

[[0, "Success"]]

abstract cancel_server_restore(client=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.cancel_server_restore() function is used to delete the server-initiated restoration file of a given client.

Parameters:

client (str) – The name of the client to look for
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of notifications to return to the UI (success or failure)

Example:

[[0, "Success"]]

abstract clients_list(agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.clients_list() function is used to retrieve a list of clients with their configuration file.

Returns:: A list of clients with their configuration file

abstract del_file(path, agent=None)[source]¶: The burpui.misc.backend.interface.BUIbackend.del_file() function is used to delete a file on a remote agent.

abstract delete_backup(name=None, backup=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.delete_backup() function performs a backup deletion and returns an error message if the command failed.

Parameters:

name (str) – Client name
backup (int) – Backup number
agent (str) – What server to ask (only in multi-agent mode)

Returns:

An error message if the command failed

abstract delete_client(client=None, keepconf=False, delcert=False, revoke=False, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.delete_client() function is used to delete a client from burp’s configuration.

Parameters:

client (str) – The name of the client to remove
keepconf (bool) – Whether to keep the conf (in order to just revoke/delete the certs for instance)
delcert (bool) – Whether to delete the associated certificate
revoke (bool) – Whether to revoke the associated certificate
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of notifications to return to the UI (success or failure)

abstract expand_path(path=None, source=None, client=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.expand_path() function is used to expand path of file inclusions glob the user can set in the setting panel. This function is also a proxy for multi-agent setup.

Parameters:

path (str) – The glob/path to expand
source (str) – In which file are we working
client (str) – The client name when working on client files
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of files or an empty list

abstract get_all_clients(agent=None, last_attempt=True)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_all_clients() function returns a list containing all the clients with their states.

Parameters:

agent (str) – What server to ask (only in multi-agent mode)
last_attempt (bool) – Whether to return last backup attempt or not. This requires one more query per client hence we can disable it.

Returns:

A list of clients

Example:

[
    {
        "last": "2015-10-02 08:20:03",
        "name": "client1",
        "state": "idle",
    },
    {
        "last": "2015-01-25 13:32:00",
        "name": "client2",
        "state": "idle"
    }
]

abstract get_attr(name, default=None, agent=None)[source]¶: The burpui.misc.backend.interface.BUIbackend.get_attr() function returns the given attribute or default.

abstract get_backup_logs(number, client, forward=False, deep=False, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_backup_logs() function is used to retrieve the burp logs depending the burp-server version.

Parameters:

number (int) – Backup number to work on
client (str) – Client name to work on
forward (bool) – Is the client name needed in later process
deep (bool) – Enable deep log inspection
agent (str) – What server to ask (only in multi-agent mode)

Returns:

Dict containing the backup log

Example:

{
    "dir": {
        "changed": 0,
        "deleted": 0,
        "new": 17,
        "scanned": 30246,
        "total": 30246,
        "unchanged": 30229
    },
    "duration": 436,
    "efs": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 0,
        "total": 0,
        "unchanged": 0
    },
    "encrypted": false,
    "end": 1443767237,
    "files": {
        "changed": 47,
        "deleted": 2,
        "new": 2,
        "scanned": 227377,
        "total": 227377,
        "unchanged": 227328
    },
    "files_enc": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 0,
        "total": 0,
        "unchanged": 0
    },
    "hardlink": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 28,
        "total": 28,
        "unchanged": 28
    },
    "meta": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 58,
        "total": 58,
        "unchanged": 58
    },
    "meta_enc": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 0,
        "total": 0,
        "unchanged": 0
    },
    "number": 576,
    "received": 11691704,
    "softlink": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 9909,
        "total": 9909,
        "unchanged": 9909
    },
    "special": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 1,
        "total": 1,
        "unchanged": 1
    },
    "start": 1443766801,
    "total": {
        "changed": 47,
        "deleted": 2,
        "new": 19,
        "scanned": 267619,
        "total": 267619,
        "unchanged": 267553
    },
    "totsize": 52047768383,
    "vssfooter": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 0,
        "total": 0,
        "unchanged": 0
    },
    "vssfooter_enc": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 0,
        "total": 0,
        "unchanged": 0
    },
    "vssheader": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 0,
        "total": 0,
        "unchanged": 0
    },
    "vssheader_enc": {
        "changed": 0,
        "deleted": 0,
        "new": 0,
        "scanned": 0,
        "total": 0,
        "unchanged": 0
    },
    "windows": "false"
}

abstract get_client(name=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_client() function returns a list of dict representing the backups of a given client.

Parameters:

name (str) – Client name
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of backups

Example:

[
    {
        "date": "2015-01-25 13:32:00",
        "deletable": true,
        "encrypted": true,
        "number": "1",
        "received": 889818873,
        "size": 35612321050
    }
]

abstract get_client_filtered(name=None, limit=-1, page=None, start=None, end=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_client_filtered() function returns a list of dict representing the backups of a given client filtered by the given criteria.

Parameters:

name (str) – Client name
limit (int) – Number of element to return, -1 for not limit
page (int) – What page to retrieve
start (int) – Return elements after this date
end (int) – Return elements until this date
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of backups

Example:

[
    {
        "date": "2015-01-25 13:32:00",
        "deletable": true,
        "encrypted": true,
        "number": "1",
        "received": 889818873,
        "size": 35612321050
    }
]

abstract get_client_labels(client=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_client_labels() function returns a list of labels (if any) for a given client.

Note

Labels are only available since Burp 2.0.34

Parameters:

client (str) – The client for which you want the labels
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of labels or an empty list

abstract get_client_status(name=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_client_status() function returns the status of a given client with its last stats.

Parameters:

name (str) – What client status do we want
agent (str) – What server to ask (only in multi-agent mode)

Returns:

The last status of a given client

Example:

{
    "state": "idle",
    "percent": null,
    "phase": null,
    "last": "never"
}

abstract get_client_version(agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_client_version() function returns the client version used to connect to the server.

Parameters:: agent (str) – What server to ask (only in multi-agent mode)
Returns:: Burp client version

abstract get_clients_report(clients, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_clients_report() function returns the computed/compacted data to display clients report.

Parameters:

clients (list) – List of clients as returned by burpui.misc.backend.interface.BUIbackend.get_all_clients()
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A dict with the computed data

abstract get_counters(name=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_counters() function returns a dict of counters for a given client while it performs a backup.

Parameters:

name (str) – Name of the client for which you’d like stats
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A dict of counters

abstract get_file(path, agent=None)[source]¶: The burpui.misc.backend.interface.BUIbackend.get_file() function is used to retrieve a file on a remote agent.

abstract get_parser(agent=None)[source]¶: The burpui.misc.backend.interface.BUIbackend.get_parser() function returns the parser of the current backend.

abstract get_parser_attr(attr=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_parser_attr() function is used to retrieve some attributes from the Parser. This function is useful in multi-agent mode because the front-end needs to access the backend attributes through the agents.

Parameters:

attr (str) – Name of the attribute to retrieve
agent (str) – What server to ask (only in multi-agent mode)

Returns:

The requested attribute or an empty list

abstract get_server_version(agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_server_version() function returns the server version (if any).

Parameters:: agent (str) – What server to ask (only in multi-agent mode)
Returns:: Burp server version

abstract get_tree(name=None, backup=None, root=None, level=-1, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.get_tree() function returns a list of dict representing files/dir (with their attr) within a given path

Parameters:

name (str) – Client name
backup (int) – Backup number
root (str) – Root path to look into
level (int) – Level of the tree relative to its root
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of files/dir within the given path with their attr

Example:

[
    {
        "date": "2015-01-23 20:00:07",
        "gid": "0",
        "inodes": "168",
        "mode": "drwxr-xr-x",
        "name": "/",
        "parent": "",
        "fullname": "/",
        "level": -1,
        "size": "12.0KiB",
        "type": "d",
        "uid": "0",
        "folder": True,
        "children": []
    }
]

abstract is_backup_running(name=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.is_backup_running() functions tells you if a given client is currently performing a backup.

Parameters:

name (str) – Name of the client
agent (str) – What server to ask (only in multi-agent mode)

Returns:

True or False

abstract is_one_backup_running(agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.is_one_backup_running() function tells you if at least one backup is running.

Parameters:: agent (str) – What server to ask (only in multi-agent mode)
Returns:: A list of running clients

abstract is_server_backup(client=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.is_server_backup() function is used to know if there is a server-initiated backup file in place.

Parameters:

client (str) – The name of the client to look for
agent (str) – What server to ask (only in multi-agent mode)

Returns:

True or False

abstract is_server_restore(client=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.is_server_restore() function is used to know if there is a server-initiated restoration file in place and retrieve its content in order to edit it.

Parameters:

client (str) – The name of the client to look for
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A dict representing the content of the server-initiated restoration file

abstract read_conf_cli(client=None, conf=None, agent=None)[source]¶: The burpui.misc.backend.interface.BUIbackend.read_conf_cli() function works the same way as the burpui.misc.backend.interface.BUIbackend.read_conf_srv() function but for the client config file.

abstract read_conf_srv(conf=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.read_conf_srv() function returns a dict of options present in the server config file.

Parameters:

conf (str) – Complementary configuration file (for instance, file inclusions)
agent (str) – What server to ask (only in multi-agent mode)

Returns:

Dict of options

Example:

{
    "boolean": [
        {
            "name": "hardlinked_archive",
            "value": false
        },
        {
            "name": "syslog",
            "value": true
        },
    ],
    "clients": [
        {
            "name": "client1",
            "value": "/etc/burp/clientconfdir/client1"
        },
        {
            "name": "client2",
            "value": "/etc/burp/clientconfdir/client2"
        },
    ],
    "common": [
        {
            "name": "mode",
            "value": "server"
        },
        {
            "name": "directory",
            "value": "/srv/burp"
        },
    ],
    "includes": [],
    "includes_ext": [],
    "integer": [
        {
            "name": "port",
            "value": 4971
        },
        {
            "name": "status_port",
            "value": 4972
        },
        {
            "name": "max_children",
            "value": 5
        },
        {
            "name": "max_status_children",
            "value": 5
        }
    ],
    "multi": [
        {
            "name": "keep",
            "value": [
                "7",
                "4",
                "4"
            ]
        },
        {
            "name": "timer_arg",
            "value": [
                "12h",
                "Mon,Tue,Thu,Fri,17,18,19,20,21,22,23",
                "Wed,Sat,Sun,06,07,08,09,10,11,12,13,14,15,16,17,18,19,20,21,22,23"
            ]
        }
    ]
}

abstract restore_files(name=None, backup=None, files=None, strip=None, archive='zip', password=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.restore_files() function performs a restoration and returns a tuple containing the path of the generated archive and/or a message if an error happened.

Parameters:

name (str) – Client name
backup (int) – Backup number
files (str) – A string representing a list of files to restore

Example:

['/etc/passwd', '/etc/shadow']

Parameters:

strip (int) – Number of parent directories to strip while restoring files
archive (str) – Format of the generated archive (may be zip, tar.gz or tar.bz2)
password (str) – Password for encrypted backups
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A tuple with the generated archive path and/or an error message

abstract revocation_enabled(agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.revocation_enabled() function is used to know if the revocation feature is enabled or not.

Parameters:: agent (str) – What server to ask (only in multi-agent mode)
Returns:: True or False

abstract server_backup(client=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.server_backup() function is used to schedule a server-side initiated backup.

Parameters:

client (str) – Client name
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of notifications to return to the UI (success or failure)

abstract server_restore(client=None, backup=None, files=None, strip=None, force=None, prefix=None, restoreto=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.server_restore() function is used to schedule a server-side initiated restoration.

Parameters:

client (str) – Client name
backup (int) – Backup number
files (str) – List of files to restore
strip (int) – Number of leading path to strip
force (bool) – Whether to force overriding files or not
prefix (str) – Where to restore files
retoreto – Restore on an other client
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of notifications to return to the UI (success or failure)

abstract statistics()[source]¶

The burpui.misc.backend.interface.BUIbackend.statistics() method should return statistics about the current backend.

Parameters:: agent (str) – What server to ask (only in multi-agent mode)
Returns:: A dict containing statistics about the backend
Return type:: dict

Example:

{
    "alive": true,
    "server_version": "2.1.12",
    "client_version": "2.1.12"
}

abstract status(query='\n', timeout=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.status() method is used to send queries to the Burp server

Parameters:

query (str) – Query to send to the server
timeout (int) – Query timeout in seconds
agent (str) – What server to ask (only in multi-agent mode)

Returns:

The output returned by the server parsed as an array

Example:

[
    "client1        2       i       576 0 1443766803",
    "client2        2       i       1 0 1422189120"
]

abstract store_conf_cli(data, client=None, conf=None, template=False, statictemplate=False, content='', agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.store_conf_cli() function works the same way as the burpui.misc.backend.interface.BUIbackend.store_conf_srv() function but for the client config file. It takes an extra parameter:

Parameters:: client (str) – Name of the client for which to apply this config

abstract store_conf_srv(data, conf=None, agent=None)[source]¶

The burpui.misc.backend.interface.BUIbackend.store_conf_srv() functions is used to save the new settings in the configuration file.

Parameters:

data (dict) – Data as sent by the web-form
conf (str) – Force the file path (for file inclusions for instance)
agent (str) – What server to ask (only in multi-agent mode)

Returns:

A list of notifications to return to the UI (success or failure)

Example:

[[0, "Success"]]

abstract version(agent=None)[source]¶: The burpui.misc.backend.interface.BUIbackend.version() function returns the version of the given agent.

Backend¶

Table of Contents

Related Topics

This Page