YARA-X 1.10.0 Release: Fix Warnings, (Sun, Nov 23rd)
2025-11-23 10:50:2 Author: isc.sans.edu

YARA-X's 1.10.0 release brings a new command: fix warnings.

If you have a rule that would generate a warning with a help section (explaining how to fix it), like this example rule:

rule FixableCountWarning
{
    strings:
        $a1 = "malicious"
        $a2 = "badstuff"

    condition:
        0 of ($a*)
}

Then YARA-X, from version 1.10.0 on, can fix this for you.

You will get a warning when you use this rule:

The suggested fix is to replace 0 with none.

This can be done automatically with command fix warnings:

Note that this command alters your original rule file and doesn't make a backup of the unaltered file.
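
Because the file is rewritten in place, one way to keep the unaltered rule is a small wrapper that copies it first. This is an added example, not code from the diary entry or the YARA-X project; it assumes the CLI is installed as `yr` and invoked as `yr fix warnings <file>`, and the names `fix_with_backup`, `YR_BIN` and `BACKUP_PATH` are made up here.

```shell
#!/bin/sh
# Added example: keep a copy of a rule file before YARA-X rewrites it in place.
# Assumption: the YARA-X CLI is installed as `yr` and the post's command is
# invoked as `yr fix warnings <file>`; set YR_BIN to point elsewhere.
YR_BIN="${YR_BIN:-yr}"

# fix_with_backup <rule-file>
# Copies the file to <rule-file>.<UTC timestamp>.bak, runs the fixer, prints a
# unified diff of the change, and restores the original if the fixer fails.
# The backup path is left in BACKUP_PATH for the caller.
fix_with_backup() {
    _rule="$1"
    BACKUP_PATH=""

    if [ ! -f "$_rule" ]; then
        echo "not a regular file: $_rule" >&2
        return 2
    fi

    _bak="${_rule}.$(date -u +%Y%m%dT%H%M%SZ).bak"
    # -p preserves mode and timestamps so the backup is a faithful copy.
    if ! cp -p -- "$_rule" "$_bak"; then
        echo "backup failed, fixer not run" >&2
        return 3
    fi
    BACKUP_PATH="$_bak"

    if ! "$YR_BIN" fix warnings "$_rule"; then
        echo "fixer failed, restoring $_rule from $_bak" >&2
        cp -p -- "$_bak" "$_rule"
        return 4
    fi

    # diff exits 1 when the files differ, which is the expected result here.
    diff -u -- "$_bak" "$_rule" || true
    return 0
}

# When arguments are given, treat each one as a rule file to fix.
if [ "$#" -gt 0 ]; then
    for f in "$@"; do fix_with_backup "$f" || exit $?; done
fi
```

The printed diff doubles as a review step: check that the only change is the one the warning suggested before committing the rewritten rule.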

Didier Stevens
Senior handler
blog.DidierStevens.com


Source: https://isc.sans.edu/diary/rss/32514