Update yara to 4.2.3 and fix output reading 0 matches

Matt C 2022-09-17 23:48:11 +01:00
parent c2cf535f88
commit 8f710461da
5 changed files with 34 additions and 10 deletions

14
package-lock.json generated

@ -52,7 +52,7 @@
"jsrsasign": "^10.5.23",
"kbpgp": "2.1.15",
"libbzip2-wasm": "0.0.4",
"libyara-wasm": "^1.1.0",
"libyara-wasm": "^1.2.0",
"lodash": "^4.17.21",
"loglevel": "^1.8.0",
"loglevel-message-prefix": "^3.0.0",
@ -9152,9 +9152,9 @@
"integrity": "sha512-RqscTx95+RTKhFAyjedsboR0Lmo3zd8//EuRwQXkdWmsCwYlzarVRaiYg6kS1O8m10MCQkGdrnlK9L4eAmZUwA=="
},
"node_modules/libyara-wasm": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-1.1.0.tgz",
"integrity": "sha512-MI2C4v8JxPN46l3VPWK66HApLPO4rx7n4rGioaSOfbIZikTJIuvI+eRPPnW3K2BXzrOHYj5sMl/RoLlKbXtiLw=="
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-1.2.0.tgz",
"integrity": "sha512-Dx6lnwy/JIuYSAhLcRBqdNBOzzrFoCcthmIuiNHi89P3fObXAxQYajWxOv3OFjXfIyTLr8mqSUSiyzfonbQoXg=="
},
"node_modules/lie": {
"version": "3.3.0",
@ -21198,9 +21198,9 @@
"integrity": "sha512-RqscTx95+RTKhFAyjedsboR0Lmo3zd8//EuRwQXkdWmsCwYlzarVRaiYg6kS1O8m10MCQkGdrnlK9L4eAmZUwA=="
},
"libyara-wasm": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-1.1.0.tgz",
"integrity": "sha512-MI2C4v8JxPN46l3VPWK66HApLPO4rx7n4rGioaSOfbIZikTJIuvI+eRPPnW3K2BXzrOHYj5sMl/RoLlKbXtiLw=="
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-1.2.0.tgz",
"integrity": "sha512-Dx6lnwy/JIuYSAhLcRBqdNBOzzrFoCcthmIuiNHi89P3fObXAxQYajWxOv3OFjXfIyTLr8mqSUSiyzfonbQoXg=="
},
"lie": {
"version": "3.3.0",


@ -128,7 +128,7 @@
"jsrsasign": "^10.5.23",
"kbpgp": "2.1.15",
"libbzip2-wasm": "0.0.4",
"libyara-wasm": "^1.1.0",
"libyara-wasm": "^1.2.0",
"lodash": "^4.17.21",
"loglevel": "^1.8.0",
"loglevel-message-prefix": "^3.0.0",


@ -100,7 +100,7 @@ class YARARules extends Operation {
}
meta = meta.slice(0, -2) + "]";
}
const countString = showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "";
const countString = matches.size() === 0 ? "" : (showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "");
if (matches.size() === 0 || !(showStrings || showLengths)) {
matchString += `Input matches rule "${rule.ruleName}"${meta}${countString.length > 0 ? ` ${countString}`: ""}.\n`;
} else {
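Review bot: The rewritten `countString` line nests one ternary inside another and calls `matches.size()` three times, so the reason for the zero-match special case is easy to miss. Hoisting the value with `const matchCount = matches.size();` and reducing the outer condition to `showCounts && matchCount > 0` would produce the same strings with a single test. A short comment such as `// Rules that match on their condition alone report no string matches, so no count is shown` would record why the case exists; the hash-rule test added in this commit suggests that is the scenario, though the hunk itself does not say. The enclosing method starts and ends outside the hunk.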


@ -20,5 +20,28 @@ TestRegister.addTests([
}
],
},
{
name: "YARA Match: hashing rules",
input: "Hello World!",
expectedOutput: "Input matches rule \"HelloWorldMD5\".\nInput matches rule \"HelloWorldSHA256\".\n",
recipeConfig: [
{
"op": "YARA Rules",
"args": [
`import "hash"
rule HelloWorldMD5 {
condition:
hash.md5(0,filesize) == "ed076287532e86365e841e92bfc50d8c"
}
rule HelloWorldSHA256 {
condition:
hash.sha256(0,filesize) == "7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069"
}`,
true, true, true, true
],
}
],
},
]);
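Review bot: The added case asserts only positive matches, so it would still pass if the hash module's comparisons matched any input. Adding a third rule whose digest cannot equal the input's, for example `rule NoMatchMD5 { condition: hash.md5(0,filesize) == "00000000000000000000000000000000" }` (constructed value), and keeping it out of `expectedOutput` would cover the false-positive side. The four positional `true` arguments would also benefit from a comment naming the option each one sets, since the zero-count fix only changes the output when the count option is enabled.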


@ -109,7 +109,8 @@ module.exports = {
"buffer": require.resolve("buffer/"),
"crypto": require.resolve("crypto-browserify"),
"stream": require.resolve("stream-browserify"),
"zlib": require.resolve("browserify-zlib")
"zlib": require.resolve("browserify-zlib"),
"process": false
}
},
module: {
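Review bot: The new `"process": false` entry has no comment saying which dependency needs it, whereas the neighbouring entries name the polyfill they resolve to. In what appears to be webpack's resolve fallback map, `false` resolves the module to an empty stub, so bundled code that imports `process` gets nothing at runtime; presumably this is for the libyara-wasm upgrade in the same commit, but the hunk does not say. A comment such as `// No browser polyfill for "process": resolve to an empty module (needed by <dependency>)` would keep the entry from being dropped or swapped for a polyfill later without re-testing. The `module.exports` object starts and ends outside the hunk.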