취약 웹 개발

CentOS 인프라 구성

CodeBeginer 2023. 3. 30. 14:19

VMware NAT 설정

 

*eth0 (vm host-only)

1. 네트워크 공유 -> 어댑터 설정 변경 -> eth8 (vm nat) 속성 -> TCP/IPv4 속성 -> 다음 IP주소사용 192.168.xxx.1

2. vmware edit -> nat 설정 -> net settings -> 192.168.xxx.2

*주의* ping google.com 으로 핑이가면 잘 된거임 근데 192.168.xxx.1은 안될수 있음 윈도우 방화벽 때문 상관 x

 

vi /etc/sysconfig/network-scripts/ifcfg-ens33

BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.100.200
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=192.168.100.2

 

service network restart

ping google.com -> 확인

 

ping error

방화벽 -> 허용 앱 -> 파일 및 프린터 공유 확인

 

tomcat

더보기

yum update

yum list java*jdk-devel

yum install -y java-1.8.0-openjdk-devel.x86_64

java -version

 

yum install wget -y

wget http://archive.apache.org/dist/tomcat/tomcat-8/v8.5.27/bin/apache-tomcat-8.5.27.tar.gz

tar zxvf apache-tomcat-8.5.27.tar.gz

mv apache-tomcat-8.5.27 /usr/local/tomcat

 

which java

vi /etc/profile (shift +g 맨아래)

 

export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64
export CATALINA_HOME=/usr/local/tomcat
export CATALINA_BASE=/usr/local/tomcat
export CLASSPATH=.:$JAVA_HOME/lib/tools.jar:$CATALINA_HOME/lib-jsp-api.jar:$CATALINA_HOME/lib/servlet-api.jar:$CATALINA_HOME/webapps/fintech_pj_damn/WEB-INF/classes

 

echo $JAVA_HOME

source /etc/profile

 

시스템 등록 및 방화벽 끄기

systemctl stop firewalld

systemctl disable firewalld

chmod -R +x /usr/local/tomcat/bin/*.sh

vi /etc/systemd/system/tomcat.service

[Unit]
Description=Apache Tomcat Service
After=syslog.target network.target

[Service]
Type=forking

WorkingDirectory=/usr/local/tomcat/bin

ExecStart=/bin/bash /usr/local/tomcat/bin/catalina.sh start
ExecStop=/bin/bash /usr/local/tomcat/bin/catalina.sh stop

User=root
Group=root

[Install]
WantedBy=multi-user.target

systemctl daemon-reload

systemctl enable tomcat

systemctl restart tomcat

 

$JAVA_HOME/bin/javac -d /usr/local/tomcat/webapps/fintech_pj_damn/WEB-INF/classes/ ./*.java -encoding euc-kr

 

 

oracle (메모리 1기가보다 커야함)

오라클 rpm 다운로드

https://www.oracle.com/kr/database/technologies/oracle-database-software-downloads.html#19c/

 

Database Software Downloads | Oracle 대한민국

Oracle Database Express Edition Previous Database Release Software Oracle Database 10.2, 11.x, 12.x, and 18c are available as a media or FTP request for those customers who own a valid Oracle Database product license for any edition. To request access to t

www.oracle.com

더보기

yum update -y

yum install -y https://yum.oracle.com/repo/OracleLinux/OL7/latest/x86_64/getPackage/oracle-database-preinstall-19c-1.0-1.el7.x86_64.rpm

 

<cmd에서 아까 다운받은 오라클 rpm  옮기기>

scp oracle-database-ee-19c-1.0-1.x86_64.rpm root@192.168.xxx.xxx:/root

 

GCC라이브러리 설치

yum -y install compat-libstdc++-33.x86_64 binutils elfutils-libelf elfutils-libelf-devel

 

GNU 라이브러리 설치

yum -y install glibc glibc-common glibc-devel glibc-headers gcc gcc-c++ libaio-devel

 

비동기 I/O 관련 libaio 라이브러리

yum -y install libaio libgcc libstdc++ libstdc++ make sysstat unixODBC unixODBC-devel

 

yum install -y oracle-database-preinstall-19c-1.0-1.el7.x86_64.rpm

yum install -y oracle-database-ee-19c-1.0-1.x86_64.rpm 

 

/etc/init.d/oracledb_ORCLCDB-19c configure

환경변수 설정

su - oracle

vi .bash_profile

export TMP=/tmp;
export ORACLE_BASE=/opt/oracle
export ORACLE_HOME=/opt/oracle/product/19c/dbhome_1
export ORACLE_SID=ORCLCDB
export PATH=$PATH:$ORACLE_HOME/bin
한글
export NLS_LANG=KOREAN_KOREA.AL32UTF8
명령어 단축키 등록 => ss 만쳐도 됨
alias ss='sqlplus / as sysdba'

. ./.bash_profile   (적용)

 

sql확인 및 system 계정 비밀번호 초기화

select instance_name, version, status from v$instance; 

alter user system identified by 1234;

conn system;

alter session set "_ORACLE_SCRIPT"=true; -> 유저 만들때 앞에 c## 안붙여도 됨

create user id identified by passwd;

grant connect, resource, dba to id;

 

conn id;

 

방화벽 내리기

systemctl stop firewalld

systemctl disable firewalld

 

오라클, 리스너 프로세스 확인

ps -ef | grep pmon
ps -ef | grep tns

잘 안되면 로그 보고 
$ORACLE_HOME/deinstall 삭제후 다시 진행