Open yywz1999 opened 3 years ago
You may take this yara.so Put it in the project , This eliminates the need to install Yara , Then add the installation method to readme: set the yara.so Put it in the IDA/python directory
Of course, this is just my personal suggestion.... :)
Problem: Could not find any in this variable libyara.so Because it is a system variable and the directory is not writable![image](https://user-images.githubusercontent.com/35799450/101751130-e0abcf80-3b0a-11eb-8596-447ca1898315.png)
Solved : As can be seen from pypi's official website, Yara has not been updated since 2014, but Yara Python has been released in 2020![image](https://user-images.githubusercontent.com/35799450/101751258-09cc6000-3b0b-11eb-90cd-0d89ee68e514.png)
Step1: install yara-python (yara.so)![image](https://user-images.githubusercontent.com/35799450/101751382-2b2d4c00-3b0b-11eb-9e3a-a19c6e504382.png)
pip install yara-python -i https://pypi.org/simple
Step2: copy "python2.7\site-packages\yara.so" to ida\python\yara.so
The size is 410k, compared with 96k in 2014
Success~![image](https://user-images.githubusercontent.com/35799450/101751681-83fce480-3b0b-11eb-936b-9048fe7a9c83.png)
This IDA-plugin(findcrypt) is very good!! i behind u.