UNPKG

@automattic/yara

Version:

Automattic's fork of YARA support for Node.js with pre-built binaries

github.com/Automattic/node-yara

Automattic/node-yara

79 lines (66 loc) 1.94 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
var assert = require("assert") var yara = require ("../") var scanner before(function(done) { yara.initialize(function(error) { assert.ifError(error) scanner = yara.createScanner() scanner.configure({ rules: [ {string: "import \"pe\"\n"}, {string: "import \"elf\"\n"}, {string: "rule is_stephen : human man {\nmeta:\nm1 = \"m1\"\nm2 = true\nm3 = 123\n\nstrings:\n$s1 = \"stephen\"\ncondition:\n(age == 35) and (any of them)\n}"}, {string: "rule is_silvia : human womman{\nstrings:\n$s1 = \"silvia\"\ncondition:\nany of them\n}"}, {string: "rule is_either : human man woman {\nstrings:\n$s1 = \"stephen\"\n$s2 = \"silvia\"\ncondition:\nany of them\n}"}, ], variables: [ {type: yara.VariableType.Integer, id: "age", value: 25} ] }, function(error) { assert.ifError(error) done() }) }) }) describe("index.js", function() { describe("Scanner.reconfigureVariables()", function() { it("Will change variable value", function(done) { var req = { buffer: Buffer.from("my name is stephen") } scanner.reconfigureVariables( {variables: [ {type: yara.VariableType.Integer, id: "age", value: 35} ] }) scanner.scan(req, function(error, result) { assert.ifError(error) var expected = { "rules": [ { "id": "is_stephen", "tags": ["human", "man"], "matches": [ {offset: 11, length: 7, id: "$s1"} ], "metas": [ {type: 2, id: "m1", value: "m1"}, {type: 3, id: "m2", value: true}, {type: 1, id: "m3", value: 123} ] }, { "id": "is_either", "tags": ["human", "man", "woman"], "matches": [ {offset: 11, length: 7, id: "$s1"} ], "metas": [] } ] } assert.deepEqual(result, expected) done() }) }) }) })