search

pschiffe / docker-burp

Server, client and web ui Docker images for Burp
https://hub.docker.com/r/pschiffe/burp-server/
MIT License
15 stars 6 forks source link

burp-client /etc/burp volume mounting overwrites burp.conf template #2

Closed jazzdd86 closed 4 years ago

jazzdd86 commented 7 years ago

If I mount the /etc/burp/ volume as stated in your client docker command it overwrite the template and therefore the client is doing nothing.

I deleted the volume flag and now it seems to start up correctly, but only to see following start up behavior:

2017-03-20 11:10:52: burp[1] Could not find ssl_cert /etc/burp/ssl_cert-client.pem: No such file or directory
burp-client    | 2017-03-20 11:10:52: burp[1] Could not find ssl_key /etc/burp/ssl_cert-client.key: No such file or directory
burp-client    | 2017-03-20 11:10:52: burp[1] Could not find ssl_cert_ca /etc/burp/ssl_cert_ca.pem: No such file or directory
burp-client    | 2017-03-20 11:10:52: burp[1] auth ok
burp-client    | 2017-03-20 11:10:52: burp[1] Server version: 2.0.54
burp-client    | 2017-03-20 11:10:52: burp[1] Server will sign a certificate request
burp-client    | 2017-03-20 11:10:52: burp[1] Generating SSL key and certificate signing request
burp-client    | 2017-03-20 11:10:52: burp[1] Running '/usr/sbin/burp_ca --key --keypath /etc/burp/ssl_cert-client.key --request --requestpath /etc/burp/CA-client/test.csr --name test'
burp-client    | generating key test: /etc/burp/ssl_cert-client.key
burp-client    | Generating RSA private key, 2048 bit long modulus
burp-client    | ......................................................................+++
burp-client    | .......................................+++
burp-client    | e is 65537 (0x10001)
burp-client    | generating request test
burp-client    | 2017-03-20 11:10:52: burp[1] /usr/sbin/burp_ca returned: 0
burp-client    | 2017-03-20 11:10:52: burp[1] Sent /etc/burp/CA-client/test.csr
burp-client    | 2017-03-20 11:10:53: burp[1] Received: /etc/burp/ssl_cert-client.pem.1
burp-client    | 2017-03-20 11:10:53: burp[1] Received: /etc/burp/ssl_cert_ca.pem.1
burp-client    | 2017-03-20 11:10:53: burp[1] Rewriting conf file: /etc/burp/burp.conf
burp-client    | 2017-03-20 11:10:53: burp[1] Re-opening connection to server
burp-client    | 2017-03-20 11:10:58: burp[1] auth ok
burp-client    | 2017-03-20 11:10:58: burp[1] Server version: 2.0.54
burp-client    | 2017-03-20 11:10:58: burp[1] nocsr ok
burp-client    | 2017-03-20 11:10:58: burp[1] SSL is using cipher: AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
burp-client    | 
burp-client    | 2017-03-20 11:10:58: burp[1] extra_comms_begin ok:autoupgrade:incexc:orig_client:uname:counters_json:msg:forceproto=1:rshash=blake2:
burp-client    | 2017-03-20 11:10:58: burp[1] Server is forcing protocol 1
burp-client    | 2017-03-20 11:10:58: burp[1] Timer conditions on the server were not met
burp-client    | 2017-03-20 11:14:18: burp[1] auth ok
burp-client    | 2017-03-20 11:14:18: burp[1] Server version: 2.0.54
burp-client    | 2017-03-20 11:14:18: burp[1] nocsr ok
burp-client    | 2017-03-20 11:14:18: burp[1] SSL is using cipher: AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
burp-client    | 
burp-client    | 2017-03-20 11:14:18: burp[1] extra_comms_begin ok:autoupgrade:incexc:orig_client:uname:counters_json:msg:forceproto=1:rshash=blake2:
burp-client    | 2017-03-20 11:14:18: burp[1] Server is forcing protocol 1
burp-client    | 2017-03-20 11:14:18: burp[1] Timer conditions on the server were not met

I did not change any configuration, except adding the hostname to the clientconfdir with the password.

That is my docker-compose file:

version: '3'

services:
  burp-ui:
    image: pschiffe/burp-ui 
    container_name: burp-ui
    environment:
       - BUI_AGENT_PASSWORD=password
    ports:
      - "5000:5000"
    volumes:
       - "./conf:/etc/burp"

  burp-server:
    container_name: burp-server
    image: pschiffe/burp-server
    volumes:
      - ./conf_server:/etc/burp
      - ./data_server:/var/spool/burp
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
    tmpfs: 
      - /run
      - /tmp
    cap_add: 
      - SYS_ADMIN
    ports:
      - 4971:4971
      - 10000:10000
    tty: true

  burp-client:
    container_name: burp-client
    image: pschiffe/burp-client
    environment: 
      - BURP_SERVER=192.168.1.102
      - BURP_CLIENT_PASSWORD=super-secret
    volumes: 
      #- ./conf_client:/etc/burp
      - /home/jazz/ownCloud/Keys:/tobackup/somehost-etc:ro
      - /home/jazz/ownCloud/Fotos:/tobackup/somehost-home:ro
    hostname: test
pschiffe commented 5 years ago

Hi @jazzdd86 . I know this is way too late, but I would like to react anyway. Thank you for that compose file, I've modified it and added to this repo.

Reg. the Timer conditions on the server were not met, this is OK and expected, b/c with the burp, the server manages when the client should do a backup. If there was a backup done recently, you'll get this message meaning you should wait for some time and then retry. Upstream docs: https://burp.grke.org/docs/timer_script.html

I wasn't able to reproduce your original issue with overwriting the client config, however, I've updated the images, so maybe it's fixed now.