Skip to content

Instantly share code, notes, and snippets.

@r00tdaemon
Last active March 15, 2022 14:29
Show Gist options
  • Save r00tdaemon/1181d442b2a92067b5f3f111d5b3b69e to your computer and use it in GitHub Desktop.
Save r00tdaemon/1181d442b2a92067b5f3f111d5b3b69e to your computer and use it in GitHub Desktop.
How to setup Burp Suite inside a docker container. (https://ujjwal96.github.io/blog/2019/06/02/burpdock)
#! /bin/bash
docker build -t burpdock -f Dockerfile .
How to setup Burp Suite inside a docker container.
FROM debian
RUN apt-get update && apt-get -y install locales
RUN apt-get update \
&& apt-get -y install man sudo locate build-essential wget zsh
RUN apt-get -y install openjdk-8-jdk
RUN useradd -m burp
RUN echo "burp ALL=NOPASSWD: ALL" > /etc/sudoers.d/burp
RUN chsh -s /usr/bin/zsh burp
USER burp
RUN mkdir -p /home/burp/bin
RUN wget -O /home/burp/.zshrc https://git.grml.org/f/grml-etc-core/etc/zsh/zshrc
RUN echo "export PATH=/home/burp/bin:$PATH" >> /home/burp/.zshrc
WORKDIR /home/burp/bin
### Install Burpsuite ###
RUN wget -O ./burp.jar 'https://portswigger.net/DownloadUpdate.ashx?Product=Free' \
&& chmod +x ./burp.jar
RUN echo "#! /bin/bash \n\
java -jar /home/burp/bin/burp.jar > /dev/null 2>&1 & \n" > burpsuite \
&& chmod +x burpsuite
RUN sudo apt-get clean
WORKDIR /home/burp
CMD ["zsh", "-i"]
#! /bin/bash
DOCKER_USER=burp
DOCKER_HOME=/home/$DOCKER_USER
## GUI Support (https://stackoverflow.com/a/25280523)
XSOCK=/tmp/.X11-unix
XAUTH=/tmp/.docker.xauth
touch $XAUTH
xauth nlist :0 | sed -e 's/^..../ffff/' | xauth -f $XAUTH nmerge -
## BURP Dir
burp_dir=$HOME/.java/.userPrefs:$DOCKER_HOME/.java/.userPrefs
burp_conf=$HOME/.BurpSuite:$DOCKER_HOME/.BurpSuite
## -u flag = https://github.com/moby/moby/issues/3206#issuecomment-152682860
docker run -it --rm -h burpdock --name burpdock \
-u $(id -u):$(id -g) \
-v $XSOCK:$XSOCK -v $XAUTH:$XAUTH -e XAUTHORITY=$XAUTH \
-v $burp_dir -v $burp_conf \
-p 8080:8080 \
--env="DISPLAY" \
burpdock
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment