Installing:
Although you can write Ruby code, this is a JRuby Gem. What does this mean? It means that the code execution environment is JRuby (Java+Ruby) and the Gem should be installed in the JRuby environment.
Lets install JRuby first:
Next, install the Buby Gem.
Basic example of running a script:
The options you see explained
jruby -S buby => runs the jruby environment leveraging the buby gem
-i => interactive, this means you can interact with Burp from the console.
-B => this is the location of your Burp jar file
-r => The script you'd like to run. This is an easy way to run the buby code you've created.
Finally, an example of sending a command to burp via the -i (interactive option). Here we produce an alert "Hello World".
Pre-command
Command
Post Command
If you'd like some scripts to mess around before Part 2, you can find some scripts I put together Here.
~Happy Hacking
cktricky
Thanks for all the buby series.
ReplyDeleteThanks for your comment! More Buby-fu and AppSec to come.
ReplyDeleteCheers,
Ken
Thanks, http://carnal0wnage.attackresearch.com/node/414 - Page not found
ReplyDelete@anonymous
ReplyDeleteyeah it may be lost to the interwebs, i'll see if tebo still has the post.
I did a quick 'installing dser' for java serialised object fiddling, in case it's useful to any pentesters out there by the way... here.
ReplyDelete@kitkat - Thanks for leaving the link. I think it would be cool to see the dser plugin shaped into a wXf/buby module.
ReplyDeleteHi,
ReplyDeleteIs there a problem with installing buby on Ubuntu 12.04 with jruby? Pulled jruby with apt-get but buby install fails.
Trying to install buby to then play around with Dser, Serializable and other tools related to Java serialization.
Thnx
Arvind
Hey @Arvind - Couple things I have come across...
ReplyDeleteBuby 1.3.3 seems to have issues, I usually revert to buby 1.3.1 (gem install buby --version=1.3.1). Also, the latest version of Burp has broken Buby AFAICT so if you want to use Buby (before it is fixed or a new maintainer steps forward), you'll have to leverage an pre- 1.5v of Burp IIRC).
HTH