mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-24 16:56:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update libyara package to fix bug with compile messages and add support for console module

Browse source
This commit is contained in:
Matt C 2022-09-18 16:11:04 +01:00
parent 8f710461da
commit 28ec56a27f
4 changed files with 77 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

46
tests/operations/tests/YARA.mjs
View file

@ -8,6 +8,22 @@
*/
import TestRegister from "../../lib/TestRegister.mjs";
const CONSOLE_COMPILE_WARNING_RULE = `import "console"
rule a
{
strings:
$s=" "
condition:
$s and console.log("log rule a")
}
rule b
{
strings:
$s=" "
condition:
$s and console.hex("log rule b: int8(0)=", int8(0))
}`;
TestRegister.addTests([
{
name: "YARA Match: simple foobar",
@ -38,10 +54,38 @@ TestRegister.addTests([
condition:
hash.sha256(0,filesize) == "7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069"
}`,
true, true, true, true
true, true, true, true, false, false
],
}
],
},
{
name: "YARA Match: compile warnings",
input: "CyberChef Yara",
expectedOutput: "Warning on line 5: string \"$s\" may slow down scanning\n" +
"Warning on line 12: string \"$s\" may slow down scanning\n" +
"Input matches rule \"a\".\n" +
"Input matches rule \"b\".\n",
recipeConfig: [
{
"op": "YARA Rules",
"args": [CONSOLE_COMPILE_WARNING_RULE, false, false, false, false, true, false],
}
],
},
{
name: "YARA Match: console messages",
input: "CyberChef Yara",
expectedOutput: "log rule a\n" +
"log rule b: int8(0)=0x43\n" +
"Input matches rule \"a\".\n" +
"Input matches rule \"b\".\n",
recipeConfig: [
{
"op": "YARA Rules",
"args": [CONSOLE_COMPILE_WARNING_RULE, false, false, false, false, false, true],
}
],
},
]);