Windows-burp-client does not receive certificate correctly if cert location is saved to a FAT32 partition

[Dpunkt]

When preparing a bootable restore stick (using windows PE, which creates a FAT32 partition by default) to restore windows machines, I run into a certificate problem:

After Installing burp and copying the burp folder to the "Recovery" flash drive, i edited the config (path,name, password,..) to suit my need.
Then I booted Windows PE and tried a restore. Since this client is new it generates a certificate, which it let sign the server. But on the FAT32 Partition setting the file dates seems to fail, the ssl_cert_ca.pem is empty. Afterwards the client is unable to connect (wrong certificate) and also unable to resign another cert (already existing).

I thought it might be a Windows PE issue, but the same problem occured when I tried running burp from this flash drive in windows.
After copying the burp folder to a NTFS partition, changing the paths (burp.cfg and in burp_ca.bat) everything worked fine.

After copying the certs back to the flash drive burp starts to work on windows pe like I expected it in the first place.

Also I would like a files-only distribution of the windows binarys (without this 32 bit installer), as it would simplify updating my flash drive very much. (The 32bit subsystem is missing in 64 bit WinPE)

[grke]

Hello,
setting the file dates seems to fail
What exactly do you mean by this? Is this an error that comes out somewhere?

[Dpunkt]

Yes, the message leads me to this assumption. I attached the outputs of the first connections.
Client Version: 2.2.18 on Windows

On FAT32 Drive E:
`
E:_Tools\burp2>bin\burp -a l -c burp.conf
2020-01-26 15:14:20: bin\burp[3836] Could not find ssl_cert E:/_Tools/Burp2/ssl_cert-client.pem: Unknown error
2020-01-26 15:14:20: bin\burp[3836] Could not find ssl_key E:/_Tools/Burp2/ssl_cert-client.key: Unknown error
2020-01-26 15:14:20: bin\burp[3836] Could not find ssl_cert_ca E:/_Tools/Burp2/ssl_cert_ca.pem: Unknown error
2020-01-26 15:14:20: bin\burp[3836] Connecting to 192.168.1.1:4971
2020-01-26 15:14:20: bin\burp[3836] auth ok
2020-01-26 15:14:20: bin\burp[3836] Server version: 2.2.18
2020-01-26 15:14:20: bin\burp[3836] Server will sign a certificate request
2020-01-26 15:14:20: bin\burp[3836] Generating SSL key and certificate signing request
2020-01-26 15:14:20: bin\burp[3836] Running 'E:/_Tools/Burp2/bin/burp_ca.bat --key --keypath E:/_Tools/Burp2/ssl_cert-client.key --request --requestpath E:/_Tools/Burp2/CA/restoreclientusb.csr --name restoreclientusb'
2020-01-26 15:14:20: bin\burp[3836] Could not set privilege SeBackupPrivilege
2020-01-26 15:14:20: bin\burp[3836] Could not set privilege SeRestorePrivilege
2020-01-26 15:14:20: bin\burp[3836] Could not set privilege SeSecurityPrivilege
2020-01-26 15:14:20: bin\burp[3836] Some privileges were not enabled.

2020-01-26 15:14:20: bin\burp[3836] Are you running as Administrator?

E:_Tools\burp2>echo off
"generating key restoreclientusb: E:_Tools\Burp2\ssl_cert-client.key"
Generating RSA private key, 2048 bit long modulus
...........................................................................+++
..............+++
e is 65537 (0x010001)
"generating certificate signing request: E:_Tools\Burp2\CA\restoreclientusb.csr
"
2020-01-26 15:14:32: bin\burp[3836] Sent E:/_Tools/Burp2/CA/restoreclientusb.csr

2020-01-26 15:14:34: bin\burp[3836] WARNING: Unable to set file times E:/_Tools/Burp2/ssl_cert-client.pem.3836: ERR=Falscher Parameter.

2020-01-26 15:14:34: bin\burp[3836] Received: E:/_Tools/Burp2/ssl_cert-client.pem.3836
2020-01-26 15:14:34: bin\burp[3836] main socket 176: Got network read error
2020-01-26 15:14:34: bin\burp[3836] main socket 176: network read problem in asfd_do_read_ssl: 5 - 0=No error
2020-01-26 15:14:34: bin\burp[3836] This is probably caused by the peer exiting.

2020-01-26 15:14:34: bin\burp[3836] Please check the peer's logs.
2020-01-26 15:14:34: bin\burp[3836] transfer file returning: -1
2020-01-26 15:14:34: bin\burp[3836] WARNING: Unable to set file times E:/_Tools/Burp2/ssl_cert_ca.pem.3836: ERR=Falscher Parameter.

2020-01-26 15:14:34: bin\burp[3836] Received: E:/_Tools/Burp2/ssl_cert_ca.pem.38
36
2020-01-26 15:14:35: bin\burp[3836] Re-opening connection to server
2020-01-26 15:14:40: bin\burp[3836] Can't read ssl_cert_ca file: E:/_Tools/Burp2/ssl_cert_ca.pem
2020-01-26 15:14:40: bin\burp[3836] error initialising ssl ctx`

From NTFS C: (after Deleting the cert on the server side to retry)
`C:_Tools\burp2>echo off
"generating key restoreclientusb: C:_Tools\Burp2\ssl_cert-client.key"
Generating RSA private key, 2048 bit long modulus
.........................+++
........+++
e is 65537 (0x010001)
"generating certificate signing request: C:_Tools\Burp2\CA\restoreclientusb.csr
"
2020-01-26 15:16:08: bin\burp[3696] Sent C:/_Tools/Burp2/CA/restoreclientusb.csr

2020-01-26 15:16:09: bin\burp[3696] Received: C:/_Tools/Burp2/ssl_cert-client.pem.3696
2020-01-26 15:16:09: bin\burp[3696] Received: C:/_Tools/Burp2/ssl_cert_ca.pem.3696
2020-01-26 15:16:09: bin\burp[3696] Re-opening connection to server
2020-01-26 15:16:14: bin\burp[3696] Connecting to 192.168.1.1:4971
2020-01-26 15:16:14: bin\burp[3696] auth ok
2020-01-26 15:16:14: bin\burp[3696] Server version: 2.2.18
2020-01-26 15:16:14: bin\burp[3696] nocsr ok
2020-01-26 15:16:14: bin\burp[3696] SSL is using cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD

2020-01-26 15:16:14: bin\burp[3696] extra_comms_begin ok:autoupgrade:incexc:orig_client:uname:counters_json:msg:forceproto=1:rshash=blake2:
2020-01-26 15:16:14: bin\burp[3696] Server is forcing protocol 1no backups
2020-01-26 15:16:14: bin\burp[3696] List finished ok
`

[grke]

Hello,
Thanks for that. I will need some spare time to getting around to setting this up and reproducing it.

[grke]

#864 - for the feature request for a separate files-only release.

[grke]

This was fixed in the latest release, last month. Closing.