1
0
mirror of synced 2025-01-19 00:04:08 +01:00

Add YARA rules node test

This commit is contained in:
Matt 2019-10-18 12:58:17 +01:00
parent e8b4536ec2
commit 252b1b65c4
No known key found for this signature in database
GPG Key ID: 2DD462FE98BF38C2
2 changed files with 17 additions and 2 deletions

View File

@ -61,7 +61,7 @@ class YARARules extends Operation {
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
async run(input, args) {
if (isWorkerEnvironment())
self.sendStatusMessage("Instantiating YARA...");
const [rules, showStrings, showLengths, showMeta, showCounts] = args;

View File

@ -31,7 +31,7 @@ import {
cartesianProduct,
CSSMinify,
toBase64,
toHex,
toHex
} from "../../../src/node/index";
import chef from "../../../src/node/index.mjs";
import TestRegister from "../../lib/TestRegister.mjs";
@ -1059,5 +1059,20 @@ ExifImageHeight: 57`);
assert.equal(unzipped.value[0].data, "some content");
}),
it("YARA Rule Matching", async () => {
const input = "foobar foobar bar foo foobar";
const output = "Rule \"foo\" matches (4 times):\nPos 0, length 3, identifier $re1, data: \"foo\"\nPos 7, length 3, identifier $re1, data: \"foo\"\nPos 18, length 3, identifier $re1, data: \"foo\"\nPos 22, length 3, identifier $re1, data: \"foo\"\nRule \"bar\" matches (4 times):\nPos 3, length 3, identifier $re1, data: \"bar\"\nPos 10, length 3, identifier $re1, data: \"bar\"\nPos 14, length 3, identifier $re1, data: \"bar\"\nPos 25, length 3, identifier $re1, data: \"bar\"\n";
const res = await chef.YARARules(input, {
rules: "rule foo {strings: $re1 = /foo/ condition: $re1} rule bar {strings: $re1 = /bar/ condition: $re1}",
showStrings: true,
showStringLengths: true,
showMetadata: true
});
assert.equal(output, res.value);
}),
]);