bui-agent

The bui-agent is a kind of proxy between a Burp server and your Burp-UI server. These agents must be launched on every server hosting a Burp instance you’d like to monitor.

They have a specific buiagent.cfg configuration file with a [Global] section as below:

[Global]
# On which port is the application listening
port: 10000
# On which address is the application listening
# '0.0.0.0' is the default for all IPv4
bind: 0.0.0.0
# enable SSL
ssl: true
# ssl cert
sslcert: /etc/burp/ssl_cert-server.pem
# ssl key
sslkey: /etc/burp/ssl_cert-server.key
# burp server version (currently only burp 1.x is implemented)
version: 1
# agent password
password: password
# socket timeout (in seconds)
timeout: 5

Each option is commented, but here is a more detailed documentation:

  • port: On which port is bui-agent listening.
  • bind: On which address is bui-agent listening.
  • ssl: Whether to communicate with the Burp-UI server over SSL or not.
  • sslcert: What SSL certificate to use when SSL is enabled.
  • sslkey: What SSL key to use when SSL is enabled.
  • version: What version of Burp this bui-agent instance manages. (see Burp-UI versions for more details)
  • password: The shared secret between the Burp-UI server and bui-agent.

As with Burp-UI, you need a specific section depending on the version value. Please refer to the Burp-UI versions section for more details.

Example

Here is a full usage example:

# On the server called 'agent1'
agent1:~$ python path/to/bui-agent.py -c path/to/buiagent.cfg

# On the server called 'agent2'
agent2:~$ python path/to/bui-agent.py -c path/to/buiagent.cfg

# On the server called 'front'
front:~$ python path/to/burp-ui.py -c path/to/burpui.cfg

This example uses three servers. You then only need to point your browser to http://front:5000/ for instance, and the Burp-UI instance will proxify the requests to the two agents for you.