burp client usage

由 datahunter 在三, 27/03/2019 - 16:26 發表

最後更新: 2019-08-01

Backup

# Runs a Backup by hand

burp -a b

* 當 File/Folder 的 permission 改變後, 不會把 File/Folder 視為"新"的而去 backkup

# Timed Backup

burp -a t

2017-09-22 10:38:17: burp.exe[5932] auth ok
2017-09-22 10:38:17: burp.exe[5932] Server version: 2.0.54
2017-09-22 10:38:17: burp.exe[5932] nocsr ok
2017-09-22 10:38:17: burp.exe[5932] SSL is using cipher: DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DHAu=RSA  Enc=AESGCM(256) Mac=AEAD
2017-09-22 10:38:17: burp.exe[5932] extra_comms_begin ok:autoupgrade:incexc:orig_client:uname:counters_json:msg:forceproto=1:
2017-09-22 10:38:17: burp.exe[5932] Server is forcing protocol 1
2017-09-22 10:38:17: burp.exe[5932] Timer conditions on the server were not met

# Client 自發的 Timed Backup

# 此設定會在 cron jobs 用到

0,20,40 * * * * root    /usr/sbin/burp -a t -q 1200 >>/var/log/burp-client 2>&1

Check Current Settings

burp -t

List backup

# Lists the available backups and dates.

burp -a l # 相當於執行 burp

Backup: 0000001 2013-10-17 20:04:12 (deletable)
Backup: 0000002 2013-10-17 20:04:51
Backup: 0000003 2013-10-17 20:05:42
Backup: 0000004 2013-10-17 20:07:10
Backup: 0000005 2013-10-17 20:11:55

# Lists all the files in backup number 1

burp -a l -b 1

Backup: 0000006 2013-10-17 20:18:42
C:/test
C:/test/burp-win32-installer-1.3.38.exe
C:/test/mysql-4.1.22-win32
C:/test/mysql-4.1.22-win32/Setup.exe
C:/test/pietty0.327.exe
C:/test/test.txt
C:/test/test2.txt
2013-10-17 15:01:42: burp.exe[2620] List finished ok
2013-10-17 15:01:42: burp.exe[2620] after client

# Lists all the files in all the backups

burp -a l -b a

# Lists all the files in the current backup

burp.exe -a l -b c

# Long lists (ls -l) with filename (-r myregex)

burp -a L -b 1 -r myregex

i.e. 列出在 backup 5 內有 mysql 這名的檔案

burp -a l -b 5 -r mysql

Backup: 0000005 2013-10-17 20:11:55
With regex: mysql
C:/test/mysql-4.1.22-win32
C:/test/mysql-4.1.22-win32/Setup.exe
2013-10-17 15:11:08: burp.exe[2652] List finished ok

Mysql 與 mysql 係不同的 !!

Monitor

burp -a s

 burp monitor 1.3.38                                                 2013-10-17 21:24:30

 * tim            idle           last backup: 0000001 2013-10-17 19:55:41
   winxp1         idle           last backup: 0000006 2013-10-17 20:18:42

Restore

[1] -a r

# Restores all the files in the most recent backup to their original location.

burp -a r

-f Short for 'force overwrite'

* Without '-f' option set, a restore will not overwrite existing files

* 在 Windows 上 restore 要加上 -d

[2] -b N

# Restores all the files in backup number 3

burp -a r -b 3

[3] -d P

# restore 到另一個 folder (/tmp/restore)

# Burp will create the "restore" directory if it doesn't exist

burp -a r -d /tmp/restore

設定 Default restore 去邊: burp.conf

restoreprefix = /home/restore

[4] -r regex

# restore expression 'myregex' into the directory /tmp/restoredir.

burp -a r -b 1 -r myregex -d c:/restore

C:\restore\C_\test

* 所有Path有 mysql 的項目都會 restore 到 c:/restore

[5] -s

# strip off some of the original leading directories (-s)

burp -a r -r test.txt -d /tmp/restore -s 3

# 找出 file

burp.exe -a l -r test.txt

...
Backup: 0000013 2019-03-27 13:09:44 +0800 (deletable)
With regex: test.txt
D:/test-burp/1/2/3/test.txt
...

burp.exe -a r -r test.txt -d d:/restore

dir /b /s d:\restore

...
d:\restore\D_\test-burp\1\2\3\test.txt

burp.exe -a r -r test.txt -d d:\restore -s 5 # 去除 5 層後: d:\restore\test.txt

Windows

# 在 windows 上 restore 要加上 "-x"

-x On restore, do not use the Windows VSS API, and strip out the VSS data.
-X Like "-x" but do not attempt to strip out the VSS data.

burp -a r -x

# 否則會有 Error

...
2019-08-01 16:26:41: burp[2076] doing restore 0:
2019-08-01 16:26:41: burp[2076] doing restore confirmed

2019-08-01 16:26:42: burp[2076] error when appending 1024: -1
2019-08-01 16:26:42: burp[2076] transfer file returning: -1
2019-08-01 16:26:42: burp[2076] WARNING: Could not transfer file in: 
  D:/tmp/C_/Users/Administrator/.rnd
fdd2019-08-01 16:26:42: burp[2076] error when appending 16000: -1
2019-08-01 16:26:42: burp[2076] transfer file returning: -1
2019-08-01 16:26:42: burp[2076] WARNING: Could not transfer file in: 
  D:/tmp/C_/Users/Administrator/AppData/Local/GDIPFONTCACHEV1.DAT
fd2019-08-01 16:26:42: burp[2076] error when appending 16000: -1
2019-08-01 16:26:42: burp[2076] transfer file returning: -1
2019-08-01 16:26:42: burp[2076] WARNING: Could not transfer file in:
  D:/tmp/C_/Users/Administrator/AppData/Local/IconCache.db
2019-08-01 16:26:42: burp[2076] unexpected command in restore_interrupt(): c:000A:restoreend
2019-08-01 16:26:42: burp[2076] restore_file error 5

Other Usage

# Verify backup

i.e. verify 最新一次 backup

burp -a v

i.e. verify 指定 id 的 backup

burp -a v -b 5

2013-10-17 15:07:07: burp.exe[1764] doing verify
2013-10-17 15:07:08: burp.exe[1764] doing verify confirmed

fffffff 7

--------------------------------------------------------------------------------

Start time: 2013-10-17 23:04:32
  End time: 2013-10-17 15:07:08
Time taken: -7:-57:-7:-24
                             Attempted | Expected
                   ------------------------------
            Files:                   7 |        7
      Grand total:                   7 |        7
                   ------------------------------

             Warnings:             0

      Bytes estimated:      46849184 (44.68 MB)
        Bytes checked:             0
--------------------------------------------------------------------------------

2013-10-17 15:07:08: burp.exe[1764] got verify end
2013-10-17 15:07:08: burp.exe[1764] verify finished

# Delete backup

i.e. delete number 1

burp -a delete -b 1

# Show Backup Difference

# Report the differences between the current backup and the backup that will be made next.

burp -a d

# Report the differences between backups 1 and 2

burp -a d -b 1 -b 2

瀏覽次數： 791

夢想家