Update yara to 4.2.3 and fix output reading 0 matches
This commit is contained in:
Matt C
parent
c2cf535f88
commit
8f710461da
14
package-lock.json
generated
14
package-lock.json
generated
@ -52,7 +52,7 @@
|
||||
"jsrsasign": "^10.5.23",
|
||||
"kbpgp": "2.1.15",
|
||||
"libbzip2-wasm": "0.0.4",
|
||||
"libyara-wasm": "^1.1.0",
|
||||
"libyara-wasm": "^1.2.0",
|
||||
"lodash": "^4.17.21",
|
||||
"loglevel": "^1.8.0",
|
||||
"loglevel-message-prefix": "^3.0.0",
|
||||
@ -9152,9 +9152,9 @@
|
||||
"integrity": "sha512-RqscTx95+RTKhFAyjedsboR0Lmo3zd8//EuRwQXkdWmsCwYlzarVRaiYg6kS1O8m10MCQkGdrnlK9L4eAmZUwA=="
|
||||
},
|
||||
"node_modules/libyara-wasm": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-1.1.0.tgz",
|
||||
"integrity": "sha512-MI2C4v8JxPN46l3VPWK66HApLPO4rx7n4rGioaSOfbIZikTJIuvI+eRPPnW3K2BXzrOHYj5sMl/RoLlKbXtiLw=="
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-1.2.0.tgz",
|
||||
"integrity": "sha512-Dx6lnwy/JIuYSAhLcRBqdNBOzzrFoCcthmIuiNHi89P3fObXAxQYajWxOv3OFjXfIyTLr8mqSUSiyzfonbQoXg=="
|
||||
},
|
||||
"node_modules/lie": {
|
||||
"version": "3.3.0",
|
||||
@ -21198,9 +21198,9 @@
|
||||
"integrity": "sha512-RqscTx95+RTKhFAyjedsboR0Lmo3zd8//EuRwQXkdWmsCwYlzarVRaiYg6kS1O8m10MCQkGdrnlK9L4eAmZUwA=="
|
||||
},
|
||||
"libyara-wasm": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-1.1.0.tgz",
|
||||
"integrity": "sha512-MI2C4v8JxPN46l3VPWK66HApLPO4rx7n4rGioaSOfbIZikTJIuvI+eRPPnW3K2BXzrOHYj5sMl/RoLlKbXtiLw=="
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-1.2.0.tgz",
|
||||
"integrity": "sha512-Dx6lnwy/JIuYSAhLcRBqdNBOzzrFoCcthmIuiNHi89P3fObXAxQYajWxOv3OFjXfIyTLr8mqSUSiyzfonbQoXg=="
|
||||
},
|
||||
"lie": {
|
||||
"version": "3.3.0",
|
||||
|
||||
@ -128,7 +128,7 @@
|
||||
"jsrsasign": "^10.5.23",
|
||||
"kbpgp": "2.1.15",
|
||||
"libbzip2-wasm": "0.0.4",
|
||||
"libyara-wasm": "^1.1.0",
|
||||
"libyara-wasm": "^1.2.0",
|
||||
"lodash": "^4.17.21",
|
||||
"loglevel": "^1.8.0",
|
||||
"loglevel-message-prefix": "^3.0.0",
|
||||
|
||||
@ -100,7 +100,7 @@ class YARARules extends Operation {
|
||||
}
|
||||
meta = meta.slice(0, -2) + "]";
|
||||
}
|
||||
const countString = showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "";
|
||||
const countString = matches.size() === 0 ? "" : (showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "");
|
||||
if (matches.size() === 0 || !(showStrings || showLengths)) {
|
||||
matchString += `Input matches rule "${rule.ruleName}"${meta}${countString.length > 0 ? ` ${countString}`: ""}.\n`;
|
||||
} else {
|
||||
|
||||
@ -20,5 +20,28 @@ TestRegister.addTests([
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "YARA Match: hashing rules",
|
||||
input: "Hello World!",
|
||||
expectedOutput: "Input matches rule \"HelloWorldMD5\".\nInput matches rule \"HelloWorldSHA256\".\n",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "YARA Rules",
|
||||
"args": [
|
||||
`import "hash"
|
||||
rule HelloWorldMD5 {
|
||||
condition:
|
||||
hash.md5(0,filesize) == "ed076287532e86365e841e92bfc50d8c"
|
||||
}
|
||||
|
||||
rule HelloWorldSHA256 {
|
||||
condition:
|
||||
hash.sha256(0,filesize) == "7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069"
|
||||
}`,
|
||||
true, true, true, true
|
||||
],
|
||||
}
|
||||
],
|
||||
},
|
||||
]);
|
||||
|
||||
|
||||
@ -109,7 +109,8 @@ module.exports = {
|
||||
"buffer": require.resolve("buffer/"),
|
||||
"crypto": require.resolve("crypto-browserify"),
|
||||
"stream": require.resolve("stream-browserify"),
|
||||
"zlib": require.resolve("browserify-zlib")
|
||||
"zlib": require.resolve("browserify-zlib"),
|
||||
"process": false
|
||||
}
|
||||
},
|
||||
module: {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user