Added initial tests & counts support

This commit is contained in:
Matt 2019-01-15 16:24:29 +00:00
parent 8bba4b2973
commit 0602f457ce
3 changed files with 35 additions and 3 deletions


@ -49,6 +49,12 @@ class YARARules extends Operation {
type: "boolean", type: "boolean",
hint: "Show the metadata of each rule", hint: "Show the metadata of each rule",
value: false value: false
},
{
name: "Show counts",
type: "boolean",
hint: "Show the number of matches per rule",
value: true
} }
]; ];
} }
@ -61,7 +67,7 @@ class YARARules extends Operation {
run(input, args) { run(input, args) {
if (ENVIRONMENT_IS_WORKER()) if (ENVIRONMENT_IS_WORKER())
self.sendStatusMessage("Instantiating YARA."); self.sendStatusMessage("Instantiating YARA.");
const [rules, showStrings, showLengths, showMeta] = args; const [rules, showStrings, showLengths, showMeta, showCounts] = args;
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
Yara().then(yara => { Yara().then(yara => {
if (ENVIRONMENT_IS_WORKER()) self.sendStatusMessage("Converting data for YARA."); if (ENVIRONMENT_IS_WORKER()) self.sendStatusMessage("Converting data for YARA.");
@ -97,10 +103,11 @@ class YARARules extends Operation {
} }
meta = meta.slice(0, -2) + "]"; meta = meta.slice(0, -2) + "]";
} }
const countString = showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "";
if (matches.size() === 0 || !(showStrings || showLengths)) { if (matches.size() === 0 || !(showStrings || showLengths)) {
matchString += `Input matches rule "${rule.ruleName}"${meta}.\n`; matchString += `Input matches rule "${rule.ruleName}"${meta}${countString.length > 0 ? ` ${countString}`: ""}.\n`;
} else { } else {
matchString += `Rule "${rule.ruleName}"${meta} matches:\n`; matchString += `Rule "${rule.ruleName}"${meta} matches (${countString}):\n`;
for (let j = 0; j < matches.size(); j++) { for (let j = 0; j < matches.size(); j++) {
const match = matches.get(j); const match = matches.get(j);
if (showStrings || showLengths) { if (showStrings || showLengths) {
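Review bot: The new `matches (${countString}):` line in the third hunk emits `matches ():` whenever showCounts is false, because only the `Input matches rule` branch guards on `countString.length > 0`; move the parentheses inside that same guard so the second branch also appends nothing when counts are off. On the same hunk's `countString` line, the pluralisation `matches.size() > 1 ? "s" : ""` yields `0 time` for a rule that matched with no string hits (a case the following `matches.size() === 0` test shows is expected), so compare with `=== 1` instead, and `matches.size()` is evaluated three times on that line plus once per loop iteration below — read it once into a `const count` before building the string. The enclosing run() body starts and ends outside this hunk.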


@ -82,6 +82,7 @@ import "./tests/TranslateDateTimeFormat";
import "./tests/Magic"; import "./tests/Magic";
import "./tests/ParseTLV"; import "./tests/ParseTLV";
import "./tests/Media"; import "./tests/Media";
import "./tests/YARA.mjs";
// Cannot test operations that use the File type yet // Cannot test operations that use the File type yet
//import "./tests/SplitColourChannels"; //import "./tests/SplitColourChannels";
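Review bot: The added `import "./tests/YARA.mjs";` is the only entry in this list carrying a file extension; the neighbouring `./tests/Magic`, `./tests/ParseTLV` and `./tests/Media` imports omit it. Unless the loader needs the explicit extension for this particular file, write it as `import "./tests/YARA";` so the registration list stays uniform.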


@ -0,0 +1,24 @@
/**
* YARA Rules tests.
*
* @author Matt C [matt@artemisbot.uk]
*
* @copyright Crown Copyright 2019
* @license Apache-2.0
*/
import TestRegister from "../TestRegister";
TestRegister.addTests([
{
name: "YARA Match: simple foobar",
input: "foobar foobar bar foo foobar",
expectedOutput: "Rule \"foo\" matches (4 times):\nPos 0, length 3, identifier $re1, data: \"foo\"\nPos 7, length 3, identifier $re1, data: \"foo\"\nPos 18, length 3, identifier $re1, data: \"foo\"\nPos 22, length 3, identifier $re1, data: \"foo\"\nRule \"bar\" matches (4 times):\nPos 3, length 3, identifier $re1, data: \"bar\"\nPos 10, length 3, identifier $re1, data: \"bar\"\nPos 14, length 3, identifier $re1, data: \"bar\"\nPos 25, length 3, identifier $re1, data: \"bar\"\n",
recipeConfig: [
{
"op": "YARA Rules",
"args": ["rule foo {strings: $re1 = /foo/ condition: $re1} rule bar {strings: $re1 = /bar/ condition: $re1}", true, true, true, true],
}
],
},
]);
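Review bot: The `"args"` array in recipeConfig is five positional values with nothing indicating which flag each boolean sets; add a comment above it, `// args: [rules, showStrings, showLengths, showMeta, showCounts]`, mirroring the destructuring in YARARules.run. Only the showCounts=true, showStrings=true path is exercised here; a second case with showStrings and showLengths false would cover the `Input matches rule ... N times.` form, and one with showCounts false would cover the count-free header. A rule with exactly one hit would also pin the singular `1 time` wording.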