From 8ee1c901feacc5d4b0f87564eaf2497380cabfe5 Mon Sep 17 00:00:00 2001
From: vasco <vasco@vascoalves.xyz>
Date: Tue, 26 May 2026 13:37:17 +0100
Subject: [PATCH] movi webserver para o firewall

---
 CLIENT.sh       |  8 ++++----
 FIREWALL.sh     | 27 +++++++++++++++++++++++++--
 WEB_SERVER.sh   | 35 -----------------------------------
 conf/httpd.conf |  4 ++--
 4 files changed, 31 insertions(+), 43 deletions(-)
 delete mode 100644 WEB_SERVER.sh

diff --git a/CLIENT.sh b/CLIENT.sh
index e65b491..a6615ba 100644
--- a/CLIENT.sh
+++ b/CLIENT.sh
@@ -10,11 +10,11 @@ sudo route add default gw 20.60.0.1
 # owasp zap
 instalar java-17-openjdk
 if [ ! -d "/opt/zap" ]; then
-    sudo wget -q https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2.14.0_Linux.tar.gz -O /tmp/zap.tar.gz
-    sudo tar -xzf /tmp/zap.tar.gz -C /opt
-    sudo mv /opt/ZAP_2.14.0 /opt/zap
+    sudo wget -q https://github.com/zaproxy/zaproxy/releases/download/v2.17.0/ZAP_2_17_0_unix.sh -O /tmp/zap.sh
+    sudo chmod +x /tmp/zap.sh
+    sudo /tmp/zap.sh -q -dir /opt/zap
     sudo ln -s /opt/zap/zap.sh /usr/local/bin/zap
-    rm -f /tmp/zap.tar.gz
+    rm -f /tmp/zap.sh
 fi
 
 
diff --git a/FIREWALL.sh b/FIREWALL.sh
index 4e546cd..95fc341 100644
--- a/FIREWALL.sh
+++ b/FIREWALL.sh
@@ -8,6 +8,14 @@ IP_INTERNAL="10.60.0.1"
 sudo ifconfig enp0s8 $IP_EXTERNAL netmask 255.255.255.0
 sudo ifconfig enp0s9 $IP_INTERNAL netmask 255.255.255.0
 
+# instalar packages
+if ! command -v node &> /dev/null || [[ "$(node -v)" != v24.* ]]; then
+    echo "Configurando repositório do Node.js 24..."
+    curl -fsSL https://rpm.nodesource.com/setup_24.x | sudo bash -
+    sudo yum remove -y nodejs
+fi
+instalar nodejs
+
 # instalar mod security e apache
 instalar epel-release
 instalar httpd
@@ -25,5 +33,20 @@ sudo iptables-save > /etc/sysconfig/iptables
 
 sudo cp conf/httpd.conf /etc/httpd/httpd.conf
 
-# apache
-s enable --now httpd
\ No newline at end of file
+# instalar juice-shop se nao existir
+jspath="/var/juice-shop"
+if [[ ! -f "$jspath/package.json" ]]; then
+    sudo mkdir -p "$jspath"
+    curl -L -o js.tar.gz "https://github.com/juice-shop/juice-shop/releases/download/v20.0.0/juice-shop-20.0.0_node24_linux_x64.tgz"
+    sudo tar -xzvf js.tar.gz -C "$jspath" --strip-components=1
+    rm js.tar.gz
+    sudo chown -R $USER:$USER "$jspath"
+fi
+
+# apache WAF (desativado por default)
+s stop httpd
+s disable httpd
+
+# correr juice shop via npm
+cd "$jspath"
+npm start
\ No newline at end of file
diff --git a/WEB_SERVER.sh b/WEB_SERVER.sh
deleted file mode 100644
index eeee716..0000000
--- a/WEB_SERVER.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/bash
-
-source CONFIG.sh
-
-# instalar packages
-if ! command -v node &> /dev/null || [[ "$(node -v)" != v24.* ]]; then
-    echo "Configurando repositório do Node.js 24..."
-    curl -fsSL https://rpm.nodesource.com/setup_24.x | sudo bash -
-    sudo yum remove -y nodejs
-fi
-instalar nodejs
-
-# instalar juice-shop se nao existir
-jspath="/var/juice-shop"
-if [[ ! -f "$jspath/package.json" ]]; then
-    sudo mkdir -p "$jspath"
-    curl -L -o js.tar.gz "https://github.com/juice-shop/juice-shop/releases/download/v20.0.0/juice-shop-20.0.0_node24_linux_x64.tgz"
-    sudo tar -xzvf js.tar.gz -C "$jspath" --strip-components=1
-    rm js.tar.gz
-    sudo chown -R $USER:$USER "$jspath"
-fi
-
-# fazer so depois de instalar tudo
-ativar_firewall
-
-# interfaces
-IP="10.60.0.2"
-sudo ifconfig enp0s8 $IP netmask 255.255.255.0
-sudo route add default gw 10.60.0.1
-
-
-# correr juice shop via npm
-cd "$jspath"
-npm start
-
diff --git a/conf/httpd.conf b/conf/httpd.conf
index 76d41c7..90eea2c 100644
--- a/conf/httpd.conf
+++ b/conf/httpd.conf
@@ -74,8 +74,8 @@ ProxyRequests Off
 ProxyPreserveHost On
 
 <VirtualHost *:420>
-    ProxyPass / http://10.60.0.2:3000/
-    ProxyPassReverse / http://10.60.0.2:3000/
+    ProxyPass / http://127.0.0.1:3000/
+    ProxyPassReverse / http://127.0.0.1:3000/
 </VirtualHost>
 
 # EnableMMAP off