TUTORIAL: Install burpsuite on FreeBSD using Linuxulator.

F

flowerpower471

Hello everyone, i've been setting up a pentest workstation on FreeBSD,i have had a lot of struggle on making Burp Suite work, so i'm writing this tutorial to spare you all such pain.

This tutorial has been tested on FreeBSD 13.0 Release and Burpsuite v2022.1.1. But it likely works on other versions too!

First what is Burp Suite.
Burp Suite is a framework for web pentesting, it has many tools such as a proxy to intercept HTTP requests and a bruteforcing tool.
It has become an industry standard in pentesting and you (kind of) have to know how to use it.
It has some free and open source alternatives such as Mitmproxy and Owasp Zap.

Before we start:
1- Burp suite is closed source software, if you are generally distrustful of proprietary software like i am, you may want to think before following this tutorial.
2- We will use a CentOS 7 base for this tutorial, the instructions may vary if you use a SUSE base for example.
3- We will be dealing with the burp suite community edition as it's free.
4-

# Means that a command must be run with root permissions.

$ Means that you don't need root permissions to run a command.

With that out of the way, let's get started.

Setting up linux compatibility.

First you should make sure the "linux" and "linux64" kernel modules are loaded.
To do that run $ kldstat in a terminal.
If "linux.ko" and "linux64.ko" appear somewhere, then you're good.
Otherwise run # kldload linux and # kldload linux64.

Then you must install the linux CentOS7 base.
To do that run # pkg install linux_base-c7.

You must also install linux xorg libraries in order to run linux GUI programs.
To do that: # pkg install linux-c7-Xorg-libs

Finally, make sure the linux service has been started.
For this append linux_enable="YES" to /etc/rc.conf (to start it at boot) and run # service linux start

Now you are all good to run Burpsuite.

Installing and running Burp Suite.

Download Burp Suite community edition for Linux 64 bits at https://portswigger.net/burp/releases/professional-community-2022-1-1?requestededition=community.
This should download a bash script.
After downloading it cd into its directory and run it with bash.
$ bash burpsuite_community_linux_*.sh.

This should pop a straightforward GUI installer.
NOTE: After the install an error will be thrown, ignore it.

Now cd into your home directory, a BurpSuiteCommunity directory should be there, it should contain a burpsuite_community jar file and a jre folder.
cd into it and run $ ./jre/bin/java --illegal-access=permit -noverify -jar burpsuite_community.jar.
And voila ! A GUI prompt asking you to accept the license should appear, accept it and then congratulations. You got burp suite running on FreeBSD.

Everything should work except the embedded browser, you may also encounter some random crashed but those dont happen very often.


Extras (OPTIONAL).

If you don't want to repeat the same weird command to run burpsuite, you can make a shell script to run it.

Create a file named burpsuite in /usr/local/bin. I will do it using the nano text editor for the sake of simplicity.
# nano /usr/local/bin/burpsuite.
Then write the following to it:

Code: 
#!/bin/sh

path/to/the/BurpSuiteCommunity/folder/jre/bin/java --illegal-access=permit -noverify -jar path/to/BurpSuiteCommunity/folder/burpsuite_community.jar

Save and then run # chmod +x /usr/local/bin/burpsuite.
And tadam! You can run burpsuite by simple typing "burpsuite" in your terminal!.

I hope this tutorial will help people struggling to get this tool working on FreeBSD.
 
Last edited:
Thanks for this! I followed your instructions, but get an error.

Code: 
% ./jre/bin/java --illegal-access=permit -noverify -jar burpsuite_community.jar
GLib-GIO-Message: 23:00:10.652: Using the 'memory' GSettings backend.  Your settings will not be saved or shared with other applications.
OpenJDK 64-Bit Server VM warning: Option --illegal-access is deprecated and will be removed in a future release.
OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Could not start Burp: java.lang.NullPointerException

The only thing different is a more recent burpsuite version -- burpsuite_community_linux_v2022_2_2.sh

Did you have to install anything else?
 
pinned said:
Thanks for this! I followed your instructions, but get an error.

Code: 
% ./jre/bin/java --illegal-access=permit -noverify -jar burpsuite_community.jar
GLib-GIO-Message: 23:00:10.652: Using the 'memory' GSettings backend.  Your settings will not be saved or shared with other applications.
OpenJDK 64-Bit Server VM warning: Option --illegal-access is deprecated and will be removed in a future release.
OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Could not start Burp: java.lang.NullPointerException

The only thing different is a more recent burpsuite version -- burpsuite_community_linux_v2022_2_2.sh

Did you have to install anything else?
Click to expand...
I am indeed getting the same error when trying with v2022.2.2, i don't really know what could cause such breakage. So the problem is likely coming from this version of burp. But the JRE seems to be working so you should have no problems running v2022.1.1.
 
Yup, v2022.1.1 works!

Did you manage to get the embedded browser running without issues? I don't think the installer script executes completely as the burpbrowser directory is missing. I'll run the installer in a linux vm and then copy the directory over to test.

The embedded browser isn't a necessity for me, as using another browser will work just fine. I usually just fire up chrome from the terminal pointing to the proxy and with burp plugins enabled. But I would be interested to know if running the embedded browser without any tweaks was possible.
 
pinned said:
Yup, v2022.1.1 works!

Did you manage to get the embedded browser running without issues? I don't think the installer script executes completely as the burpbrowser directory is missing. I'll run the installer in a linux vm and then copy the directory over to test.

The embedded browser isn't a necessity for me, as using another browser will work just fine. I usually just fire up chrome from the terminal pointing to the proxy and with burp plugins enabled. But I would be interested to know if running the embedded browser without any tweaks was possible.
Click to expand...
I forgot to specify it in the post, but the embedded browser is indeed not installed by the installer.
I guess the error that ends it might be related to the part where it installs the burp browser. It may be possible to install it in a native linux environment and then transfer it to your Freebsd install but i haven't tested it.
 
SirDice said:
There used to be a port for it: security/burpsuite but it got deprecated a couple years ago. Do you think you could resurrect the port and update it?
Click to expand...
I'm going to take a look at the porter's handbook and see what i can do.
Though maybe i should make something like a linux-burpsuite port instead ? Since linux emulation is required for it.
 
Thanks for this guide, did not get any errors during installation, only a warning for GTK.

pkg install emulators/linux_base-c7

pkg install compat9x-amd64

export LD_LIBRARY_PATH=/compat/linux/usr/lib64:$LD_LIBRARY_PATH

setenv LD_LIBRARY_PATH /compat/linux/usr/lib64:$LD_LIBRARY_PATH

reboot FreeBSD

service linux start

However it seems like it was installed in compat directory.
I entered the following to terminal after installation:

./jre/bin/java --illegal-access=permit -noverify -jar burpsuite_community.jar

Get the following output error:
Code: 
Authorization required, but no authorization protocol specified
OpenJDK 64-Bit Server VM warning: Option --illegal-access is deprecated and will be removed in a future release.
OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Authorization required, but no authorization protocol specified
Could not start Burp: java.awt.AWTError: Can't connect to X11 window server using ':0' as the value of the DISPLAY variable.

Edit:

I just exit from the chroot (seems like there is no reason to do that).

Now back to freebsd mode user, was at the same directory as to:
/compat/ubuntu/opt/BurpSuiteCommunity/

Then I entered again:
./jre/bin/java --illegal-access=permit -noverify -jar burpsuite_community.jar

Burp Suite Community Edition 2022.1.1 is really working...

aaaa.jpg
 
Last edited:
Burpsuite Community 2023.2.3 (Latest edition) is working on FreeBSD 13.1

All I did was following the steps of OP but for the latest edition:
https://portswigger.net/burp/releas...requestededition=community&requestedplatform=

I got an error thrown saying that it "Failed to configure embedded browser" and the installer said it was "rolling back", however it seems that it installed correctly, I went to the directory and opened it up, new GUI:

burp_suite.jpg
 
You must log in or register to reply here.
Back
Top