ThePorgs / Exegol-images

Docker images of the Exegol project
https://exegol.readthedocs.io/
GNU General Public License v3.0

Unable to launch Burp Suite Community integrated browser #14

Closed zer0uid closed 1 year ago

zer0uid commented 2 years ago

Issue

Unable to use the built-in "Launch Browser" feature within BurpSuite; error received. This may be a "side effect" of running Burp via Docker, but I wanted to report it for discussion.

Workaround

Use the docker host Firefox with FoxyProxy plugin

ShutdownRepo commented 2 years ago

Hey there, thank you for that issue. Indeed, Burp's browser doesn't work yet through Exegol. If I remember correctly, it's because Burp is executed as root in the docker container. We probably need to give some arguments or configure something somewhere to allow that behavior.

Dramelac commented 2 years ago

If you have to use the root user to run Burp, then you would need to enable the "Allow the embedded browser to run without a sandbox" option in Project options -> Misc -> Embedded Browser in order to use the embedded browser. Source: https://forum.portswigger.net/thread/use-embedded-browser-sandbox-as-root-user-fe158657

It remains to be seen whether this configuration can be persisted in a configuration file.

ShutdownRepo commented 2 years ago

Nice 👌 it'd be awesome to see if changing that setting writes something somewhere, and do that write beforehand when Exegol builds, so that users don't have to edit that setting each and every time.

Mathisca commented 2 years ago

When activating this change, Burp writes the following in the project file:

{
    "project_options":{
        "misc":{
            "embedded_browser":{
                "allow_running_without_sandbox":true
            }
        }
    }
}

However, loading/saving a project config file is not available in the Community Edition of Burp Suite. I tried some workarounds but can't manage to get Chromium working without having the user manually check this box.

Maybe the best solution would be to print a message to the user in the console so that he knows that he must set this setting on each Burp startup.

wlayzz commented 2 years ago

Maybe a good alternative will be to pre-install the FoxyProxy plugin with the Burp configuration set in Firefox.

psyray commented 1 year ago

@wlayzz The really good alternative is to install PwnFox 😁

ShutdownRepo commented 1 year ago

@wlayzz The really good alternative is to install PwnFox 😁

Maybe a good alternative will be to pre-install the FoxyProxy plugin with the Burp configuration set in Firefox.

Agreed, but in my opinion, those are two distinct actions. We need to fix the integrated browser stuff, but also find a way to install a pre-modified Firefox install.

ShutdownRepo commented 1 year ago

I found that creating a JSON file named UserConfigCommunity.json in ~/.BurpSuite/ allows customising BurpSuite a bit. I managed to add a custom Dark mode config by default (f9fc8eac9217aa379ff3caa5fa1e090360ff742d and 13ba9f75d8a0a939c7a9ae5b5fb57e4588f55154), but I found no way to have Burp's browser unsandboxed by default, as this setting falls in the "Project Settings" section rather than the "User Settings" one... I tried to have the following content in UserConfigCommunity.json, to no avail (only the dark theme is set):

{
    "user_options":{
        "display":{
            "user_interface":{
                "look_and_feel":"Dark"
            }
        }
    },
    "project_options":{
        "misc":{
            "embedded_browser":{
                "allow_running_without_sandbox":true
            }
        }
    }
}
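A small auditor for the user-level file discussed above, as an added example that is not part of the thread or of Exegol's code: it catches strict-JSON errors such as a trailing comma, lists the `project_options` keys that (per the finding in this thread) a user-level file does not apply, and reports whether the file asks for an unsandboxed embedded browser. The function names are hypothetical, and the scope rule is the thread's observation, not documented Burp behaviour.

```python
import json
import re

# Key path quoted in the thread. Treating project_options as "not applied"
# from a user-level file is the thread's finding, used here as an assumption.
SANDBOX_KEY = "project_options.misc.embedded_browser.allow_running_without_sandbox"
TRAILING_COMMA = re.compile(r",(\s*[}\]])")


def leaves(node, prefix=""):
    """Yield (dotted_path, value) for every non-dict value in the tree."""
    for key, value in node.items():
        path = f"{prefix}.{key}" if prefix else key
        if isinstance(value, dict):
            yield from leaves(value, path)
        else:
            yield path, value


def audit_user_config(text):
    """Audit the text of a Burp user-level config file (hypothetical helper)."""
    report = {"syntax": [], "ignored": [], "sandbox_disabled": False}
    try:
        config = json.loads(text)
    except json.JSONDecodeError as err:
        report["syntax"].append(f"line {err.lineno}: {err.msg}")
        # Retry with trailing commas dropped so the rest can still be audited.
        # The regex is naive: it would also rewrite ",}" inside a string value.
        # Any other syntax error is re-raised by this second parse.
        config = json.loads(TRAILING_COMMA.sub(r"\1", text))
    for path, value in leaves(config):
        if path.startswith("project_options."):
            report["ignored"].append(path)
        if path == SANDBOX_KEY and value is True:
            report["sandbox_disabled"] = True
    return report


# Constructed sample: the thread's keys, with a trailing comma after the last
# value (a common hand-editing slip) to exercise the syntax check.
SAMPLE = """{
    "user_options":{"display":{"user_interface":{"look_and_feel":"Dark"}}},
    "project_options":{"misc":{"embedded_browser":{
        "allow_running_without_sandbox":true,
    }}}
}"""

if __name__ == "__main__":
    print(json.dumps(audit_user_config(SAMPLE), indent=2))
```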

ShutdownRepo commented 1 year ago

Also, some googling indicates that there are issues with Burp's browser on ARM64 devices, preventing the browser from running. No idea if there's a way to fix that for now, but I've not googled much about this yet.

ShutdownRepo commented 1 year ago

Closing, as the issue probably won't be resolved on our end. We can't seem to have configuration files indicate a default "unsandboxed" setting. And on another topic, ARM64 integrated browser seems to encounter issues, but that's beyond our scope.