February 18, 2021
How to Update Burp Suite in Kali Linux
February 18, 2021
While this information might already be available in various online forums or quickly retrieved via searching online, there are certain situations where manual intervention might be needed to update the Burp Suite installation in Kali Linux. Upon opening the Burp Suite application in Kali, there is a persistent alert notification that prompts downloading a new version of Burp Suite. Even after running several software updates, followed by package updates through the 'apt-get update' command on Kali, it was still necessary to manually update Burp Suite so that the update could work. Burp Suite can be quickly launched via Applications > Web Applications under numerous sub-menus. It can also be launched from Top 10 Security Tools. Usually, Burp Suite resides in /usr/bin.
Image alt text: Locating Burp suite from Kali Desktop by using the Application Search feature
The Steps to Update Burp Suite
To check if an automatic update is possible, click on the update prompt if it appears. One can also check the Burp Suite update by clicking on Help > Check for Updates, as shown below. If any updates are shown to be available, one can follow the prompts in the subsequent popup window to complete the download.
Manually Updating Burp Suite from the JAR file
In case the above methods fail, one should consider manually downloading the JAR file from the Burp Suite website and try to place it in the /usr/bin directory or in Burp Suite's Installation directory in the Kali installation. To update Burp Suite in this manner, download a copy of the latest version of Burp Suite from the official Portswigger website: https://portswigger.net/burp/communitydownload
The first step in this process is to click on the Download the latest version button on the above page, which redirects to the page containing the latest release of Burp Suite.
Ways to Download the JAR file:
Navigating to the Burp Suite Releases page in a browser, selecting JAR from the second drop-down menu, then clicking on Download, or visiting this direct download link to get the JAR file if the latest release version number is known -
https://portswigger.net/burp/releases/download?product=community&version=2020.12.1&type=Jar (Note: Replace the version with the latest version available at the time).
The second way to Download this JAR file is from the command line:
The required Burp Suite version can be in a variable, or one should be able to change this to the latest version (in the version parameter of the URL below) by visiting the Burp Download page and checking out the version of the latest release. Then, the manual JAR download can be done by the following command, and the required version can be added to it -- wget "https://portswigger.net/burp/releases/download?product=community&version=2020.12.1&type=Jar".
As the download starts, a message would appear in the terminal, similar to this:
- The previously downloaded JAR file needs to be renamed to 'burpsuite' and moved to the 'burpsuite' installation directory found in the last step, using the 'which' command.
- Next, one needs to add Executable permissions to it using 'chmod +x burpsuite' so that 'burpsuite' can be executed as an application. The password (default: kali) for the current Kali user may need to be entered in this step to execute the 'mv' command as 'sudo,' i.e., 'sudo mv burpsuite /usr/bin/burpsuite.' When this file is moved, the old 'burpsuite' application file will be automatically replaced by this newer version downloaded in the previous step.
- Now, by entering 'burpsuite' in the terminal, one can check if the update was successful. The Update Message should be gone now.
- It can be closed now, and one can start using Burp Suite like before. The annoying update alert should hopefully be gone.
Upon launching Burp Suite again, one will notice that they won't be alerted that a new update is available for Burp Suite, proving that the latest version of Burp Suite is now running on the machine. After a successful launch, the old Burp Suite installation file can be safely removed (or deleted) from the */usr/bin *directory, which was already accomplished by renaming and moving the newly downloaded JAR file the directory of the original burp installation. Note: One can write a shell script to automate the process for subsequent manual updates, making this process even easier, in case it's needed.