Skip to content

Instantly share code, notes, and snippets.

@postworthy

postworthy/Headless-BurpSuite-With-Rest-API.dockerfile

Last active March 30, 2021 15:20
Show Gist options
  • Save postworthy/6353cf8652d7ec8836034c84e3d6590b to your computer and use it in GitHub Desktop.
Save postworthy/6353cf8652d7ec8836034c84e3d6590b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Headless-BurpSuite-With-Rest-API.dockerfile
FROM gradle:latest as restapi
WORKDIR /app
RUN echo -e '\033[36;1m ******* INSTALL GIT ******** \033[0m' && \
apt-get update && apt-get upgrade -y && \
apt-get install -y git jq
RUN echo -e '\033[36;1m ******* PULL BURP-REST-API (from Fork) ******** \033[0m' && \
git clone https://github.com/vmware/burp-rest-api.git
WORKDIR /app/burp-rest-api
RUN echo -e '\033[36;1m ******* BUILD BURP-REST-API ******** \033[0m' && \
./gradlew clean build && \
./gradlew bootJar
FROM debian:stable-slim as base
LABEL authors https://landonkey.com
ENV USER burpsuite
ENV HOME /home/${USER}
ENV VERSION 2020.12.1
ENV DEBIAN_FRONTEND noninteractive
ENV APP https://portswigger.net/burp/releases/download?product=pro&version=${VERSION}&type=Linux
RUN echo -e '\033[36;1m ******* INSTALL PACKAGES ******** \033[0m' && \
# apt update && apt upgrade -y && \
apt update && \
apt install -y sudo wget libfreetype6 software-properties-common ttf-dejavu openssl libxext6 libxrender1 libxtst6 libxi6 font-manager socat && \
rm -rf /var/lib/apt/lists/*
RUN echo -e '\033[36;1m ******* ADD USER ******** \033[0m' && \
useradd -d ${HOME} -m ${USER} && \
passwd -d ${USER} && \
adduser ${USER} sudo
RUN echo -e '\033[36;1m ******* SELECT USER ******** \033[0m'
USER ${USER}
RUN echo -e '\033[36;1m ******* SELECT WORKING SPACE ******** \033[0m'
WORKDIR ${HOME}
RUN echo -e '\033[36;1m ******* DOWNLOAD INSTALLER ******** \033[0m' && \
sudo mkdir /burp && \
sudo chown -R ${USER}:${USER} /burp && \
wget -O /burp/burpsuite.sh ${APP} && \
chmod +x /burp/burpsuite.sh && \
sudo apt-get --purge autoremove -y wget
RUN echo -e '\033[36;1m ******* EXECUTE INSTALLER ******** \033[0m' && \
echo 'o\n/burp/\ny\ny\n/usr/local/bin\n1' | /burp/burpsuite.sh && \
sudo chown root:root /burp/burpbrowser/87.0.4280.88/chrome-sandbox && sudo chmod u+s /burp/burpbrowser/87.0.4280.88/chrome-sandbox && \
rm -f /burp/burpsuite.sh && \
mkdir -p ./.java/.userPrefs/burp/
ENV JAVA_HOME /burp/jre
ENV PATH /burp/jre/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
RUN echo -e '\033[36;1m ******* COPY OVER BURP-REST-API ******** \033[0m'
COPY --from=restapi /app/burp-rest-api/build/libs/*.jar /burp
COPY --from=restapi /app/burp-rest-api/burp-rest-api.sh /burp
RUN sudo chown -R ${USER}:${USER} /burp/burp-rest-api.sh && \
sudo chown -R ${USER}:${USER} /burp/*.jar && \
chmod +x /burp/burp-rest-api.sh
RUN echo -e '\033[36;1m ******* CREATE ENTRYPOINT SCRIPT ******** \033[0m' && \
echo 'socat TCP-LISTEN:9090,fork TCP:127.0.0.1:8080 &' > /burp/entrypoint.sh && \
echo '/burp/burp-rest-api.sh -Djava.awt.headless=true --server.address=0.0.0.0' >> /burp/entrypoint.sh && \
chmod +x /burp/entrypoint.sh
RUN echo -e '\033[36;1m ******* ADD USER TO GROUP ******** \033[0m' && \
sudo addgroup burp && \
sudo adduser ${USER} burp
RUN echo -e '\033[36;1m ******* OPENING PORTS ******** \033[0m'
EXPOSE 8080
EXPOSE 8090
RUN echo -e '\033[36;1m ******* SETUP BURP LICENSE ******** \033[0m' && \
echo 'y\nYOUR_BURP_LICENSE_GOES_HERE\no\n' | /burp/BurpSuitePro & pid="$!";sleep 10;kill $pid
RUN echo -e '\033[36;1m ******* CONTAINER START COMMAND ******** \033[0m'
CMD /burp/entrypoint.sh
#
# Build:
# docker build . -t headlessburpsuite
#
# Usage:
# docker run -it --rm -p 8080:9090 -p 8090:8090 headlessburpsuite
#
# Now visit http://localhost:8090/swagger-ui.html
#
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment