Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
=[Burp proxy WMAP Plugin				                     [email protected]
2
------------------------------------------------------------------------------------------------------------
3

4

5
=[ Intro.
6

7
Simple plugin for the burp proxy 1.1/1.2 which stores the requests
8
in the metasploit/wmap database. At the moment only
9
sqlite3 is supported, I will add support for other databases
10
in later releases...
11

12

13
=[ Howto install/run.
14

15
1. Download burp proxy 1.2: http://portswigger.net/suite/burpsuite_v1.2.zip
16
2. Download SQLiteJDBC Jar: http://www.zentus.com/sqlitejdbc/
17
3. Copy sqlitejdbc-v054.jar and wmapplugin.jar into the burp proxy directory
18
4. Run the following command:
19

20
   java -cp sqlitejdbc-v054.jar;burpsuite_v1.2.jar;wmap_plugin_v0.1-burp_v1.2.jar burp.StartBurp database=test.db
21

22
   test.db is the name/path of your metasploit sqlite3 database file. You must create the db schema
23
   in the Metasploit Framework first (by using "db_create")
24

25

26
=[ Questions/Answers
27

28

29
1. Can I use the burp spider to fill my WMAP request table?
30

31
   Sorry, no you can't. The reason is that the spider doesn't call implementations of the IBurpExtender
32
   interface. So you can only use the MITM Proxy.
33

34

35
2. I found a bug, what can I do?
36

37
   You can send a description to [email protected]. I will try to fix it.
38

39
3. Is there a way to extend the stuff you wrote?
40
   Shure, I included the source code in the jar file. Feel free to use it.
41

42
=[ EOF.
43