KrakenTech/RMM-Hunter
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update eliminate connection logic to refine firewall rules and upgrade Scurvy library to latest version

Browse Source
This commit is contained in:
Evan Hosinski
2025-10-11 18:42:58 -04:00
parent 9c54a22bcf
commit d14b2837d0
3 changed files with 51 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/tui/actions.go
+27 -8
View File
@@ -3,6 +3,7 @@ package tui
import (
"fmt"
"path/filepath"
"rmm-hunter/internal/pkg/hunt/eliminate"
"rmm-hunter/internal/suspicious"
"strings"
)
@@ -101,7 +102,7 @@ func CheckDirectoryBlocked(dir string, data suspicious.Suspicious) error {
return nil
}
// Elimination placeholders; TODO: replace with internal/pkg/hunt/eliminate/*
// Elimination functions
var (
EliminateAutoRun = func(ar suspicious.AutoRun) error { return eliminateAutoRun(ar) }
EliminateBinary = func(path string) error { return eliminateBinary(path) }
@@ -113,11 +114,29 @@ var (
)
func eliminateAutoRun(ar suspicious.AutoRun) error {
return fmt.Errorf("eliminate autorun not implemented")
return eliminate.EliminateAutoRun(ar)
}
func eliminateBinary(path string) error {
return eliminate.EliminateBinary(path)
}
func eliminateConnection(conn suspicious.NetworkConnection) error {
return eliminate.EliminateConnection(conn.RemoteHost)
}
func eliminateDirectory(path string) error {
return eliminate.EliminateDirectory(path)
}
func eliminateProcess(p suspicious.Process) error {
return eliminate.EliminateProcess(p)
}
func eliminateScheduledTask(t suspicious.ScheduledTask) error {
return eliminate.EliminateScheduledTask(t)
}
func eliminateService(s suspicious.Service) error {
return eliminate.EliminateService(s)
}
func eliminateBinary(path string) error { return nil }
func eliminateConnection(conn suspicious.NetworkConnection) error { return nil }
func eliminateDirectory(path string) error { return nil }
func eliminateProcess(p suspicious.Process) error { return nil }
func eliminateScheduledTask(t suspicious.ScheduledTask) error { return nil }
func eliminateService(s suspicious.Service) error { return nil }
internal/web/webserver.go
+4
View File
@@ -1 +1,5 @@
package web
func StartWebServer() {
// TODO: Start web server
}