SamuraiWTF / samuraiwtf

The main SamuraiWTF collaborative distro repo.

Home Page: https://owasp.org/www-project-samuraiwtf/#SamuraiWTF_Project

Burp does not start

danielmichaels opened this issue · comments

Issue
Burpsuite does not start.

Error condition
Cli: Burp, /usr/bin/burp and burp.jar — all exit with invalid or corrupt jarfile burp.jar
DE: does not start (no errors logged, or prompts to screen)

System
Vagrant build
Java version: 1.8.0_212

Work around
Download current Burp jar file — Community 2.1 (could also use 1.7.36)
cp into /opt/samurai/burp and replace existing burp.jar.

Burp now starts correctly from cli and desktop.

I have not seen any other similar issues on the tracker or by googling, but this did persist over several vagrant reload and destroy commands.

Which version of Samurai? Master or next branch?

> Which version of Samurai? Master or next branch?

Master

Please try next to see if that fixes it?

I tried the next branch and still get the same issue.

Are there any logs I can provide?

If you could send the vagrant logs. If you are more comfortable, email them to kevin@secureideas.com. I am not sure what is happening as I just built a vm and burp is running fine in it. But I am aware that "Works on my machine" is a crappy answer. :)

Not a crappy answer! It absolutely should just work, and this gave me pause to where this has been happening.

TL;DR: When I spin it up on my work's network, burp doesn't install correctly. On my home network - it works!

I ran a test at home and burp fires up. At work, burp.jar gets corrupted. I vimdiff'd both vagrant logs and didn't see anything obvious but there's 40k+ lines so 😬

I appreciate your time, happy to close this.

Ahhh I bet you I know what it is. Can you cat the burp.jar that is downloaded on your work network? (Yes cat.) I bet you that your org is blocking or intercepting the request. Either NAC or a proxy. The result that is returned is an html page instead of the burp.jar file. When you try to launch that, it isn't a valid jar. :)

commented

I just got an error related to Burp during startup that looks like it could be related.

TASK [Download burpsuite community] ********************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: SSLError: ('The read operation timed out',)
fatal: [samuraiwtf]: FAILED! => {"changed": false, "elapsed": 1, "msg": "failed to create temporary content file: ('The read operation timed out',)"}

I'm currently running with VirtualBox 5.2.30 and I updated my base box to 201907.07.0.

> Ahhh I bet you I know what it is. Can you cat the burp.jar that is downloaded on your work network? (Yes cat.) I bet you that your org is blocking or intercepting the request. Either NAC or a proxy. The result that is returned is an html page instead of the burp.jar file. When you try to launch that, it isn't a valid jar. :)

I did a comparison between the working and non-working VMs:

cat burp.jar both return binary.

file -bi burp.jar both return application/zip; charset=binary

du -h:
working == 280M
corrupt jar == 233M

I am not sure what's happening here. The only difference between my two builds is the network used to download. So I would expect a failed download or an HTML page indicating it's being blocked. Maybe the first download link is being blocked and the fallback is issuing a corrupt jar file? The reasons are outside your control, and squarely with the network imo.

Thanks for letting us know. :)
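
The checks discussed in this thread, as an added example that is not part of the original issue or the SamuraiWTF code: the Python below tells apart an HTML block page, a zip cut short in transit (an assumption about the 233M file, consistent with `file` still reporting application/zip) and an intact jar. `classify_jar`, `sha256_file`, `build_samples` and the sample files are hypothetical and constructed for illustration; in practice the expected hash would come from the vendor's published checksum.

```python
import hashlib
import os
import zipfile

def sha256_file(path):
    """Hash the file in 1 MiB chunks so a ~280M jar is never held in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def classify_jar(path, expected_sha256=None):
    """Return 'html', 'not-zip', 'truncated', 'bad-entry', 'hash-mismatch' or 'ok'."""
    with open(path, "rb") as f:
        head = f.read(512)
    # A proxy or NAC block page saved under the jar's name starts with markup.
    if head.lstrip().lower().startswith((b"<!doctype", b"<html")):
        return "html"
    if not head.startswith(b"PK\x03\x04"):
        return "not-zip"
    try:
        # The zip index sits at the END of the file; a cut-off download keeps
        # the leading PK magic (all that `file` inspects) but loses the index.
        with zipfile.ZipFile(path) as zf:
            if zf.testzip() is not None:  # CRC check of every entry
                return "bad-entry"
    except zipfile.BadZipFile:
        return "truncated"
    if expected_sha256 and sha256_file(path) != expected_sha256.lower():
        return "hash-mismatch"
    return "ok"

def build_samples(directory):
    """Write three constructed files: a good jar, a cut-off copy, a block page."""
    good, cut, page = (os.path.join(directory, n)
                       for n in ("good.jar", "cut.jar", "page.jar"))
    with zipfile.ZipFile(good, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("app/Main.class", b"\xca\xfe\xba\xbe" + b"\x00" * 4096)
    with open(good, "rb") as f:
        data = f.read()
    with open(cut, "wb") as f:  # same size ratio as 233M vs 280M in the thread
        f.write(data[: len(data) * 233 // 280])
    with open(page, "wb") as f:  # constructed stand-in for an intercept page
        f.write(b"<html><body>Access blocked</body></html>")
    return good, cut, page
```

Running `classify_jar` on the downloaded file before replacing `/opt/samurai/burp/burp.jar` separates a network-side failure from a packaging problem.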