-
-
Notifications
You must be signed in to change notification settings - Fork 78
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add go binaries workflow, update README
- Loading branch information
Showing
6 changed files
with
63 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| name: Build and release binaries | ||
|
|
||
| on: | ||
| release: | ||
| types: [created] | ||
| jobs: | ||
| build: | ||
| name: Create native shared C libraries | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| - name: Execute CGO builds using XGO | ||
| uses: crazy-max/ghaction-xgo@v1 | ||
| # docs: https://github.com/marketplace/actions/golang-cgo-cross-compiler#inputs | ||
| with: | ||
| xgo_version: latest | ||
| go_version: 1.17 | ||
| dest: build | ||
| pkg: cmd | ||
| prefix: server | ||
| targets: windows/amd64,linux/386,linux/amd64,darwin/386,darwin/amd64 | ||
| # Prints the build commands as compilation progresses (default false) | ||
| x: true | ||
| ldflags: -w -s | ||
| buildmode: c-shared | ||
| working_dir: ./src-go/server | ||
| - name: Upload to GitHub releases | ||
| uses: xresloader/upload-to-github-release@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| file: "./src-go/server/build/*" | ||
| delete_file: "build/*.h" | ||
| tags: true | ||
| draft: false | ||
| update_latest_release: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -5,3 +5,4 @@ | |
| *.h | ||
| *.so | ||
| *.dll | ||
| *.dylib | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,29 @@ | ||
| # Awesome TLS | ||
| Fixes Burp Suite's horrible TLS stack. | ||
| This extension hijacks Burp's HTTP and TLS stack to make it more powerful and less prone to fingerprinting by all kinds of WAFs. | ||
| It does this without resorting to hacks, reflection or forked Burp Suite Community code. All Java code only utilises Burp's Extender API. | ||
|
|
||
| ## Build Instructions | ||
| This extension was developed with JetBrains IntelliJ IDE. | ||
| These build instructions assume you're using it too. | ||
| ## How it works | ||
| Unfortunately Burp's Extender API is very limited for more advanced use cases like this, so I had to play around with it to make this work. | ||
|
|
||
| 1. Compile the go package within `./src-go/`. See [go-src/server](./src-go/server) for build instructions. | ||
| Once a request comes in, the extension intercepts it and forwards it to a local HTTPS server that started in the background once loaded/installed. | ||
| This server works like a proxy; it forwards the request to the destination, while persisting the original header order and applying a customizable TLS configuration. | ||
| Then, the local server forwards the response back to Burp. | ||
|
|
||
| Configuration settings and other necessary information like the destination server address are sent to the local server per request by a magic header. | ||
| This magic header is stripped from the request before it's forwarded to the destination server, of course. | ||
|
|
||
|  | ||
|
|
||
| Another option would've been to code an upstream proxy server and connect burp to it, but I personally wanted an extension because it's customizable at runtime and more portable. | ||
|
|
||
| ## Manual build Instructions | ||
| This extension was developed with JetBrains IntelliJ (and GoLand) IDE. | ||
| The build instructions below assume you're using the same tools to build. | ||
| See [workflows](.github/workflows) for the target programming language versions. | ||
|
|
||
| 1. Compile the go package within `./src-go/`. Run `cd ./src-go/server && go build -o ../../src/main/resources/{OS}-{ARCH}/server.{EXT} -buildmode=c-shared ./cmd/main.go`, replacing `{OS}-{ARCH}` with your OS and CPU architecture and `{EXT}` with your platform's preferred extension for dynamic C libraries. For example: `linux-x86-64/server.so`. See the [JNA docs](https://github.com/java-native-access/jna/blob/master/www/GettingStarted.md) for more info about supported platforms. | ||
| 2. Compile the GUI form `SettingsTab.form` into Java code via `Build > Build project`. | ||
| 3. Build the jar with Gradle. | ||
| 3. Build the fat jar with Gradle. | ||
|
|
||
| You should now have on jar file, containing all dependencies. | ||
| If you'd rather separate the server binary from the jar, start over from step 1 but instead build the binary to the output directory of the jar. |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters