Saturday, May 7, 2011

Buby Script Basics Part 1


For those of you who are new to Buby, it is a platform to write Ruby based extensions for the Burp Suite API and I'm going to attempt to cover some of the basics.  First let me say thank you to Tebo for providing his insight. Tebo is the author of the Buby.kicks_ass => true article. Additionally, thank you Eric Monti the creator of Buby. Buby's homepage is located Here .

Installing:

Although you can write Ruby code, this is a JRuby Gem. What does this mean? It means that the code execution environment is JRuby (Java+Ruby) and the Gem should be installed in the JRuby environment.

Lets install JRuby first:

















Next, install the Buby Gem.


















Basic example of running a script:









The options you see explained

jruby -S buby  => runs the jruby environment leveraging the buby gem

-i  => interactive, this means you can interact with Burp from the console.

-B => this is the location of your Burp jar file

-r => The script you'd like to run. This is an easy way to run the buby code you've created.

Finally, an example of sending a command to burp via the -i (interactive option). Here we produce an alert "Hello World".














Pre-command




Command




Post Command



Okay so that wraps up Part 1 of Buby Basics.

If you'd like some scripts to mess around before Part 2, you can find some scripts I put together Here.

~Happy Hacking

cktricky
cktricky

8 comments:

Anonymous said...

Thanks for all the buby series.

cktricky said...

Thanks for your comment! More Buby-fu and AppSec to come.

Cheers,

Ken

Anonymous said...

Thanks, http://carnal0wnage.attackresearch.com/node/414 - Page not found

CG said...

@anonymous

yeah it may be lost to the interwebs, i'll see if tebo still has the post.

kitkat said...

I did a quick 'installing dser' for java serialised object fiddling, in case it's useful to any pentesters out there by the way... here.

cktricky said...

@kitkat - Thanks for leaving the link. I think it would be cool to see the dser plugin shaped into a wXf/buby module.

Arvind said...

Hi,
Is there a problem with installing buby on Ubuntu 12.04 with jruby? Pulled jruby with apt-get but buby install fails.

Trying to install buby to then play around with Dser, Serializable and other tools related to Java serialization.

Thnx
Arvind

cktricky said...

Hey @Arvind - Couple things I have come across...

Buby 1.3.3 seems to have issues, I usually revert to buby 1.3.1 (gem install buby --version=1.3.1). Also, the latest version of Burp has broken Buby AFAICT so if you want to use Buby (before it is fixed or a new maintainer steps forward), you'll have to leverage an pre- 1.5v of Burp IIRC).

HTH