Mirrors/CyberChef
2
0
Fork 0
mirror of https://github.com/gchq/CyberChef synced 2024-11-15 09:07:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

Add YARA rules node test

Browse source
This commit is contained in:
Matt 2019-10-18 12:58:17 +01:00
parent e8b4536ec2
commit 252b1b65c4
No known key found for this signature in database
GPG key ID: 2DD462FE98BF38C2
2 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/core/operations/YARARules.mjs
View file

@ -61,7 +61,7 @@ class YARARules extends Operation {
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
async run(input, args) {
if (isWorkerEnvironment())
self.sendStatusMessage("Instantiating YARA...");
const [rules, showStrings, showLengths, showMeta, showCounts] = args;

17
tests/node/tests/operations.mjs
View file

@ -31,7 +31,7 @@ import {
cartesianProduct,
CSSMinify,
toBase64,
toHex,
toHex
} from "../../../src/node/index";
import chef from "../../../src/node/index.mjs";
import TestRegister from "../../lib/TestRegister.mjs";
@ -1059,5 +1059,20 @@ ExifImageHeight: 57`);
assert.equal(unzipped.value[0].data, "some content");
}),
it("YARA Rule Matching", async () => {
const input = "foobar foobar bar foo foobar";
const output = "Rule \"foo\" matches (4 times):\nPos 0, length 3, identifier $re1, data: \"foo\"\nPos 7, length 3, identifier $re1, data: \"foo\"\nPos 18, length 3, identifier $re1, data: \"foo\"\nPos 22, length 3, identifier $re1, data: \"foo\"\nRule \"bar\" matches (4 times):\nPos 3, length 3, identifier $re1, data: \"bar\"\nPos 10, length 3, identifier $re1, data: \"bar\"\nPos 14, length 3, identifier $re1, data: \"bar\"\nPos 25, length 3, identifier $re1, data: \"bar\"\n";
const res = await chef.YARARules(input, {
rules: "rule foo {strings: $re1 = /foo/ condition: $re1} rule bar {strings: $re1 = /bar/ condition: $re1}",
showStrings: true,
showStringLengths: true,
showMetadata: true
});
assert.equal(output, res.value);
}),
]);