bui-agent¶
The bui-agent is a kind of proxy between a Burp server and your Burp-UI server. These agents must be launched on every server hosting a Burp instance you’d like to monitor.
They have a specific buiagent.cfg configuration file with a [Global]
section as below:
[Global]
# On which port is the application listening
port: 10000
# On which address is the application listening
# '0.0.0.0' is the default for all IPv4
bind: 0.0.0.0
# enable SSL
ssl: true
# ssl cert
sslcert: /etc/burp/ssl_cert-server.pem
# ssl key
sslkey: /etc/burp/ssl_cert-server.key
# burp server version (currently only burp 1.x is implemented)
version: 1
# agent password
password: password
# socket timeout (in seconds)
timeout: 5
Each option is commented, but here is a more detailed documentation:
- port: On which port is bui-agent listening.
- bind: On which address is bui-agent listening.
- ssl: Whether to communicate with the Burp-UI server over SSL or not.
- sslcert: What SSL certificate to use when SSL is enabled.
- sslkey: What SSL key to use when SSL is enabled.
- version: What version of Burp this bui-agent instance manages. (see Burp-UI versions for more details)
- password: The shared secret between the Burp-UI server and bui-agent.
As with Burp-UI, you need a specific section depending on the version value. Please refer to the Burp-UI versions section for more details.
Example¶
Here is a full usage example:
# On the server called 'agent1'
agent1:~$ python path/to/bui-agent.py -c path/to/buiagent.cfg
# On the server called 'agent2'
agent2:~$ python path/to/bui-agent.py -c path/to/buiagent.cfg
# On the server called 'front'
front:~$ python path/to/burp-ui.py -c path/to/burpui.cfg
This example uses three servers. You then only need to point your browser to http://front:5000/ for instance, and the Burp-UI instance will proxify the requests to the two agents for you.