27 February, 2025

Building a Custom Burp Suite Collaborator Everywhere BApp

Author: Alex Rodriguez

Have you ever used a BApp in Burp Suite and found that it didn’t quite work with your client’s web application? I’ve personally run into a client’s application returning 5XX errors after any tampering with the User-Agent header, which Collaborator Everywhere does by default. Instead of shelving Collaborator Everywhere, I decided to modify the source code so that it no longer does that. This blog post walks you through the process of building that custom version of the Collaborator Everywhere BApp with Docker and Gradle, so you have a custom JAR file to load into Burp Suite.

Setup

If you don’t have Docker installed, but you have a hypervisor installed, then feel free to use Vagrant. I’ve already configured a Vagrantfile in the root of the repository with everything you’ll need, and that is how I did the video recording shown below. Once you have Docker running, or are in the Vagrant VM, download the repository from GitHub, then navigate to the folder with your CLI. Then you’re all ready to build the modified BApp.

Building

Now that you’re set up, you can run the following command to build the modified JAR file you’ll load into your Burp Suite instance:

    docker run --rm -u gradle -v "$PWD":/home/gradle/ docker.io/gradle:7.4.2 ./gradlew fatJar

Afterwards, under the build/libs directory there will be a collaborator-everywhere-all.jar file. Navigate to your Extensions tab in Burp Suite, click the Add button, and navigate to that newly built JAR file.  If you’ve gotten this far, then you’ll have a customized version of Collaborator Everywhere loaded locally for your Burp Suite instance.

Demo

Below is a video which walks through each step outlined above.

 

Now you’ve learned the building blocks for modifying, building, and loading a customized BApp JAR file. There are some extra details below on how I figured out some of the aforementioned information, but otherwise have fun modding BApp plugins. 🙂

Extra Details

I knew which commands to run because of the following:

  • I figured out that fatJar was the build target to specify for the Gradle wrapper (gradlew) from the build.gradle file
  • I figured out which version of Gradle, and in turn which Java version, to use from the gradle-wrapper.properties file

After recently looking at a few of the other Burp Suite BApp repos, I found that the Gradle wrapper (gradlew) and fatJar convention seems to be relatively ubiquitous.
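
The two lookups above can be scripted so the same check works on any BApp repo that follows this convention. The following is an added example, not code from the original post or the Collaborator Everywhere project; the function names are hypothetical, and it assumes the wrapper properties file sits at the standard gradle/wrapper/ path, that build.gradle declares the task in one of two common forms, and that docker.io/gradle has a tag matching the wrapper's version.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). Function names are hypothetical.

# Print the Gradle version pinned by the wrapper, read from distributionUrl,
# e.g. https\://services.gradle.org/distributions/gradle-7.4.2-bin.zip -> 7.4.2
gradle_version() {
  local props="$1/gradle/wrapper/gradle-wrapper.properties"
  local ver
  [ -f "$props" ] || return 1
  ver=$(sed -nE 's/^distributionUrl=.*gradle-([0-9][0-9.]*)-(bin|all)\.zip.*$/\1/p' "$props" | head -n 1)
  [ -n "$ver" ] && printf '%s\n' "$ver"
}

# Succeed if build.gradle declares a fatJar task. Assumption: the task is
# declared as "task fatJar..." or "tasks.register('fatJar'...)".
has_fatjar_task() {
  grep -Eq "^[[:space:]]*task[[:space:]]+fatJar([^[:alnum:]_]|\$)|tasks\.register\(['\"]fatJar['\"]" \
    "$1/build.gradle" 2>/dev/null
}

# Print the docker command from the post with the image tag taken from the repo.
# Assumption: docker.io/gradle publishes a tag equal to the wrapper's version.
build_command() {
  local repo="$1"
  local ver
  ver=$(gradle_version "$repo") || { echo "no Gradle version in wrapper properties" >&2; return 1; }
  has_fatjar_task "$repo" || { echo "build.gradle has no fatJar task" >&2; return 2; }
  printf 'docker run --rm -u gradle -v "$PWD":/home/gradle/ docker.io/gradle:%s ./gradlew fatJar\n' "$ver"
}

# Constructed sample repo layout so the example runs offline.
make_sample_repo() {
  local d
  d=$(mktemp -d)
  mkdir -p "$d/gradle/wrapper"
  printf 'distributionUrl=https\\://services.gradle.org/distributions/gradle-7.4.2-bin.zip\n' \
    > "$d/gradle/wrapper/gradle-wrapper.properties"
  printf 'task fatJar(type: Jar) {\n    with jar\n}\n' > "$d/build.gradle"
  printf '%s\n' "$d"
}

sample=$(make_sample_repo)
build_command "$sample"
rm -rf "$sample"
```

Against a real checkout, call build_command with the path to the cloned repository; a non-zero exit means the repo does not follow the gradlew and fatJar convention and its build files need reading by hand.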

 

Alex Rodriguez is a security consultant with experience in Linux systems administration, Infrastructure as Code development, container platforms, automation development, and various CI/CD platforms. In his roles at Secure Ideas, he is one of the main admins of their production systems and all things automation. Besides client work and system administration, he loves giving workshops and presenting on his various projects to the community. When he is not working, he is listening to as many podcasts as he can while continually improving in security, blogging (https://elrey.casa/blog), and coding.
