movi webserver para o firewall

vasco
2026-05-26 13:37:17 +01:00
parent b4ff1c0018
commit 8ee1c901fe
4 changed files with 31 additions and 43 deletions


@@ -10,11 +10,11 @@ sudo route add default gw 20.60.0.1
# owasp zap # owasp zap
instalar java-17-openjdk instalar java-17-openjdk
if [ ! -d "/opt/zap" ]; then if [ ! -d "/opt/zap" ]; then
sudo wget -q https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2.14.0_Linux.tar.gz -O /tmp/zap.tar.gz sudo wget -q https://github.com/zaproxy/zaproxy/releases/download/v2.17.0/ZAP_2_17_0_unix.sh -O /tmp/zap.sh
sudo tar -xzf /tmp/zap.tar.gz -C /opt sudo chmod +x /tmp/zap.sh
sudo mv /opt/ZAP_2.14.0 /opt/zap sudo /tmp/zap.sh -q -dir /opt/zap
sudo ln -s /opt/zap/zap.sh /usr/local/bin/zap sudo ln -s /opt/zap/zap.sh /usr/local/bin/zap
rm -f /tmp/zap.tar.gz rm -f /tmp/zap.sh
fi fi
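Review bot: The new branch runs `/tmp/zap.sh` as root straight after the download, and nothing checks that the file is the installer the ZAP project published. Pin the release digest and verify it before the `chmod`, e.g. `echo "<SHA256_OF_ZAP_2_17_0_unix.sh>  /tmp/zap.sh" | sha256sum -c - || exit 1` (placeholder; take the value from the ZAP release page). The fixed name in world-writable `/tmp` would be better replaced by a directory from `mktemp -d`. If the script runs as a non-root user, `sudo wget` leaves the file root-owned, so the final `rm -f /tmp/zap.sh` without sudo will likely be refused under the sticky bit and leave the installer behind.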


@@ -8,6 +8,14 @@ IP_INTERNAL="10.60.0.1"
sudo ifconfig enp0s8 $IP_EXTERNAL netmask 255.255.255.0 sudo ifconfig enp0s8 $IP_EXTERNAL netmask 255.255.255.0
sudo ifconfig enp0s9 $IP_INTERNAL netmask 255.255.255.0 sudo ifconfig enp0s9 $IP_INTERNAL netmask 255.255.255.0
# instalar packages
if ! command -v node &> /dev/null || [[ "$(node -v)" != v24.* ]]; then
echo "Configurando repositório do Node.js 24..."
curl -fsSL https://rpm.nodesource.com/setup_24.x | sudo bash -
sudo yum remove -y nodejs
fi
instalar nodejs
# instalar mod security e apache # instalar mod security e apache
instalar epel-release instalar epel-release
instalar httpd instalar httpd
@@ -25,5 +33,20 @@ sudo iptables-save > /etc/sysconfig/iptables
sudo cp conf/httpd.conf /etc/httpd/httpd.conf sudo cp conf/httpd.conf /etc/httpd/httpd.conf
# apache # instalar juice-shop se nao existir
s enable --now httpd jspath="/var/juice-shop"
if [[ ! -f "$jspath/package.json" ]]; then
sudo mkdir -p "$jspath"
curl -L -o js.tar.gz "https://github.com/juice-shop/juice-shop/releases/download/v20.0.0/juice-shop-20.0.0_node24_linux_x64.tgz"
sudo tar -xzvf js.tar.gz -C "$jspath" --strip-components=1
rm js.tar.gz
sudo chown -R $USER:$USER "$jspath"
fi
# apache WAF (desativado por default)
s stop httpd
s disable httpd
# correr juice shop via npm
cd "$jspath"
npm start
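Review bot: `npm start` at the end of the second hunk launches Juice Shop, a deliberately vulnerable application, on the firewall host under the same account that runs this script's `sudo` calls, so a compromise of the app would land in an account that can probably become root on the firewall. Create a dedicated unprivileged user, `chown` `$jspath` to it instead of `$USER`, and start the app with `sudo -u juiceshop npm start` (the account name is an example). With httpd stopped and disabled here, the ModSecurity proxy is not in front of the app; the iptables rules are outside this hunk, so confirm that port 3000 is reachable only in the way the lab intends. Separately, the first hunk pipes `https://rpm.nodesource.com/setup_24.x` into `sudo bash -`; saving the script to a file and reviewing or checksumming it before running it is the safer form.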


@@ -1,35 +0,0 @@
#!/bin/bash
source CONFIG.sh
# instalar packages
if ! command -v node &> /dev/null || [[ "$(node -v)" != v24.* ]]; then
echo "Configurando repositório do Node.js 24..."
curl -fsSL https://rpm.nodesource.com/setup_24.x | sudo bash -
sudo yum remove -y nodejs
fi
instalar nodejs
# instalar juice-shop se nao existir
jspath="/var/juice-shop"
if [[ ! -f "$jspath/package.json" ]]; then
sudo mkdir -p "$jspath"
curl -L -o js.tar.gz "https://github.com/juice-shop/juice-shop/releases/download/v20.0.0/juice-shop-20.0.0_node24_linux_x64.tgz"
sudo tar -xzvf js.tar.gz -C "$jspath" --strip-components=1
rm js.tar.gz
sudo chown -R $USER:$USER "$jspath"
fi
# fazer so depois de instalar tudo
ativar_firewall
# interfaces
IP="10.60.0.2"
sudo ifconfig enp0s8 $IP netmask 255.255.255.0
sudo route add default gw 10.60.0.1
# correr juice shop via npm
cd "$jspath"
npm start


@@ -74,8 +74,8 @@ ProxyRequests Off
ProxyPreserveHost On ProxyPreserveHost On
<VirtualHost *:420> <VirtualHost *:420>
ProxyPass / http://10.60.0.2:3000/ ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://10.60.0.2:3000/ ProxyPassReverse / http://127.0.0.1:3000/
</VirtualHost> </VirtualHost>
# EnableMMAP off # EnableMMAP off