View from unknown mountain

Quick Overview of the Burpsuite – Qubes OS – Java Overlay Issue

In the beginning of 2018, people began complaining in the Burp Community about some issues with overlays in the new Burp version (1.7.31 at that time). Obviously this affected Burpsuite under Fedora 26 at that time.
I can confirm that under Qubes OS, you are also faced with this issue – independent of Fedora or Debian – so here is what you can do about it.

First of all, the discussion continued throughout 2018 where the Burpsuite folks were trying to help but couldn’t reproduce the issues. Also, the first Qubes users came up on stage confirming that they have issues with Burp as well.

screenshot-burp-issue-qubes

In parallel, people opened a case on the Qubes side as well:

Sub windows in java applications close immediately #3982

It affected primarily users with Qubes 3.2 & xfce – Qubes version 4.0 didn’t resolve the issue – but Qubes folks closed the ticket as “not our bug”.

Then, finally in December 2018, Burp said that they found the issue and they will fix it in the next BETA release.

burp-issue-java-qubes

I just tested version 1.7.28 (free community version) and I can confirm that the issue didn’t exist yet. The filter window properly pops up which is not the case for newer versions.

working-java-burpsuite-qubes

I also tested version 1.7.29 (free community version) and I can confirm that something changed between these 2 versions that brought up the issue. Since I do not have a professional version by hand, I couldn’t check whether the latest BETA has fixed the issue. Right now it’s only available to professional licenses.

What can you do?

You have different options.

  1. First, in case you have a professional license, go and check out the latest version 2.0.14 BETA – information can be found here. The release notes do not indicate that anything substantial changed in regards to the issue above, but nevertheless you should try.
  2. In case you don’t have a professional license, go back to version 1.7.28 in your Qubes VM e.g. Kali. You can either change the TemplateVM (in case you use one) or drop the binary directly into your home folder. I recommend to change directly the TemplateVM so in case you create new VMs out of it, it replicates the right Burp version that works.
    How to do this?
    a) Download .sh installer of Burp (version 1.7.28) into a DispVM
    b) qvm-move-to-vm the file to your destination TemplateVM and install the .sh to /usr/share/applications/$$Burpfolder
    c) then change the .desktop file in the folder to something shorter and move it to /usr/share/applications/:
    sudo mv ‘Burp Suite Community Edition.desktop’ burpsuite.desktop
    sudo mv burpsuite.desktop ../
    d) Now go to Dom0 (let the Template VM run) – and execute qvm-sync-appmenus $$TemplateVM
    e) Shut down your TemplateVM and start your AppVM based on the template – Go to the application menu of your Dom0 and add Burp to your shortcut menu for this AppVM – then start Burp – ignore the update request and enjoy a Burp version that at least does not have this Java Overlay issue. This solution works quite stable for me – although you don’t have the latest version, you have a running Burp that does not display any overlay issues.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s