grke
commented
4 years ago Hello,
setting the file dates seems to fail
What exactly do you mean by this? Is this an error that comes out somewhere?
Closed Dpunkt closed 4 years ago
grke
commented
4 years ago Hello,
setting the file dates seems to fail
What exactly do you mean by this? Is this an error that comes out somewhere?
Dpunkt
commented
4 years ago Yes, the message leads me to this assumption. I attached the outputs of the first connections. Client Version: 2.2.18 on Windows
On FAT32 Drive E: ` E:_Tools\burp2>bin\burp -a l -c burp.conf 2020-01-26 15:14:20: bin\burp[3836] Could not find ssl_cert E:/_Tools/Burp2/ssl_cert-client.pem: Unknown error 2020-01-26 15:14:20: bin\burp[3836] Could not find ssl_key E:/_Tools/Burp2/ssl_cert-client.key: Unknown error 2020-01-26 15:14:20: bin\burp[3836] Could not find ssl_cert_ca E:/_Tools/Burp2/ssl_cert_ca.pem: Unknown error 2020-01-26 15:14:20: bin\burp[3836] Connecting to 192.168.1.1:4971 2020-01-26 15:14:20: bin\burp[3836] auth ok 2020-01-26 15:14:20: bin\burp[3836] Server version: 2.2.18 2020-01-26 15:14:20: bin\burp[3836] Server will sign a certificate request 2020-01-26 15:14:20: bin\burp[3836] Generating SSL key and certificate signing request 2020-01-26 15:14:20: bin\burp[3836] Running 'E:/_Tools/Burp2/bin/burp_ca.bat --key --keypath E:/_Tools/Burp2/ssl_cert-client.key --request --requestpath E:/_Tools/Burp2/CA/restoreclientusb.csr --name restoreclientusb' 2020-01-26 15:14:20: bin\burp[3836] Could not set privilege SeBackupPrivilege 2020-01-26 15:14:20: bin\burp[3836] Could not set privilege SeRestorePrivilege 2020-01-26 15:14:20: bin\burp[3836] Could not set privilege SeSecurityPrivilege 2020-01-26 15:14:20: bin\burp[3836] Some privileges were not enabled.
2020-01-26 15:14:20: bin\burp[3836] Are you running as Administrator?
E:_Tools\burp2>echo off "generating key restoreclientusb: E:_Tools\Burp2\ssl_cert-client.key" Generating RSA private key, 2048 bit long modulus ...........................................................................+++ ..............+++ e is 65537 (0x010001) "generating certificate signing request: E:_Tools\Burp2\CA\restoreclientusb.csr " 2020-01-26 15:14:32: bin\burp[3836] Sent E:/_Tools/Burp2/CA/restoreclientusb.csr
2020-01-26 15:14:34: bin\burp[3836] WARNING: Unable to set file times E:/_Tools/Burp2/ssl_cert-client.pem.3836: ERR=Falscher Parameter.
2020-01-26 15:14:34: bin\burp[3836] Received: E:/_Tools/Burp2/ssl_cert-client.pem.3836 2020-01-26 15:14:34: bin\burp[3836] main socket 176: Got network read error 2020-01-26 15:14:34: bin\burp[3836] main socket 176: network read problem in asfd_do_read_ssl: 5 - 0=No error 2020-01-26 15:14:34: bin\burp[3836] This is probably caused by the peer exiting.
2020-01-26 15:14:34: bin\burp[3836] Please check the peer's logs. 2020-01-26 15:14:34: bin\burp[3836] transfer file returning: -1 2020-01-26 15:14:34: bin\burp[3836] WARNING: Unable to set file times E:/_Tools/Burp2/ssl_cert_ca.pem.3836: ERR=Falscher Parameter.
2020-01-26 15:14:34: bin\burp[3836] Received: E:/_Tools/Burp2/ssl_cert_ca.pem.38 36 2020-01-26 15:14:35: bin\burp[3836] Re-opening connection to server 2020-01-26 15:14:40: bin\burp[3836] Can't read ssl_cert_ca file: E:/_Tools/Burp2/ssl_cert_ca.pem 2020-01-26 15:14:40: bin\burp[3836] error initialising ssl ctx`
From NTFS C: (after Deleting the cert on the server side to retry) `C:_Tools\burp2>echo off "generating key restoreclientusb: C:_Tools\Burp2\ssl_cert-client.key" Generating RSA private key, 2048 bit long modulus .........................+++ ........+++ e is 65537 (0x010001) "generating certificate signing request: C:_Tools\Burp2\CA\restoreclientusb.csr " 2020-01-26 15:16:08: bin\burp[3696] Sent C:/_Tools/Burp2/CA/restoreclientusb.csr
2020-01-26 15:16:09: bin\burp[3696] Received: C:/_Tools/Burp2/ssl_cert-client.pem.3696 2020-01-26 15:16:09: bin\burp[3696] Received: C:/_Tools/Burp2/ssl_cert_ca.pem.3696 2020-01-26 15:16:09: bin\burp[3696] Re-opening connection to server 2020-01-26 15:16:14: bin\burp[3696] Connecting to 192.168.1.1:4971 2020-01-26 15:16:14: bin\burp[3696] auth ok 2020-01-26 15:16:14: bin\burp[3696] Server version: 2.2.18 2020-01-26 15:16:14: bin\burp[3696] nocsr ok 2020-01-26 15:16:14: bin\burp[3696] SSL is using cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
2020-01-26 15:16:14: bin\burp[3696] extra_comms_begin ok:autoupgrade:incexc:orig_client:uname:counters_json:msg:forceproto=1:rshash=blake2: 2020-01-26 15:16:14: bin\burp[3696] Server is forcing protocol 1no backups 2020-01-26 15:16:14: bin\burp[3696] List finished ok `
grke
commented
4 years ago Hello, Thanks for that. I will need some spare time to getting around to setting this up and reproducing it.
grke
commented
4 years ago grke
commented
4 years ago This was fixed in the latest release, last month. Closing.
When preparing a bootable restore stick (using windows PE, which creates a FAT32 partition by default) to restore windows machines, I run into a certificate problem:
After Installing burp and copying the burp folder to the "Recovery" flash drive, i edited the config (path,name, password,..) to suit my need. Then I booted Windows PE and tried a restore. Since this client is new it generates a certificate, which it let sign the server. But on the FAT32 Partition setting the file dates seems to fail, the ssl_cert_ca.pem is empty. Afterwards the client is unable to connect (wrong certificate) and also unable to resign another cert (already existing).
I thought it might be a Windows PE issue, but the same problem occured when I tried running burp from this flash drive in windows. After copying the burp folder to a NTFS partition, changing the paths (burp.cfg and in burp_ca.bat) everything worked fine.
After copying the certs back to the flash drive burp starts to work on windows pe like I expected it in the first place.
Also I would like a files-only distribution of the windows binarys (without this 32 bit installer), as it would simplify updating my flash drive very much. (The 32bit subsystem is missing in 64 bit WinPE)