Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Added Burp Proxy v1.x support for Wmap by Spinbad

git-svn-id: file:///home/svn/framework3/trunk@6132 4d416f70-5f16-0410-b530-b9f4589650da
  • Loading branch information...
commit 34c0b3a2fa3dd9f0dbdecc69e8d04289b40b437d 1 parent 0dbdc97
et authored
View
42 external/burp-proxy/readme.txt
@@ -0,0 +1,42 @@
+=[Burp proxy WMAP Plugin spinbad.security@googlemail.com
+------------------------------------------------------------------------------------------------------------
+
+
+=[ Intro.
+
+Simple plugin for the burp proxy 1.1/1.2 which stores the requests
+in the metasploit/wmap database. At the moment only
+sqlite3 is supported, I will add support for other databases
+in later releases...
+
+
+=[ Howto install/run.
+
+1. Download burp proxy 1.2: http://portswigger.net/suite/burpsuite_v1.2.zip
+2. Download SQLiteJDBC Jar: http://www.zentus.com/sqlitejdbc/
+3. Copy sqlitejdbc-v054.jar and wmapplugin.jar into the burp proxy directory
+4. Run the following command:
+
+ java -cp sqlitejdbc-v054.jar;burpsuite_v1.2.jar;wmap_plugin_v0.1-burp_v1.2.jar burp.StartBurp database=test.db
+
+ test.db is the name/path of your metasploit sqlite3 database file. You must create the db schema
+ in the metasploit framework first (by using "db_create")
+
+
+=[ Questions/Answers
+
+
+1. Can I use the burp spider to fill my WMAP request table?
+
+ Sorry, no you can't. The reason is that the spider doesn't call implementations of the IBurpExtender
+ interface. So you can only use the MITM Proxy.
+
+
+2. I found a bug, what can I do?
+
+ You can send a description to spinbad.security@googlemail.com. I will try to fix it.
+
+3. Is there a way to extend the stuff you wrote?
+ Shure, I included the source code in the jar file. Feel free to use it.
+
+=[ EOF.
View
BIN  external/burp-proxy/wmap_plugin_v0.1-burp_v1.1.jar
Binary file not shown
View
BIN  external/burp-proxy/wmap_plugin_v0.1-burp_v1.2.jar
Binary file not shown
Please sign in to comment.
Something went wrong with that request. Please try again.