What am I missing here? When attempting to test the yara scan feature in Viper the following error is thrown up:
[!] The command yara raised an exception: Traceback (most recent call last): File "/home/malware/viper/viper/core/ui/console.py", line 313, in start module.run() File "/home/malware/viper/viper/modules/yarascan.py", line 260, in run self.scan() File "/home/malware/viper/viper/modules/yarascan.py", line 108, in scan rules = yara.compile(filepaths=filepaths, externals=externals, includes=False) yara.SyntaxError: /home/malware/yara_rules/test/rules/malware/MALW_TinyShell_Backdoor_gen.yar(126): undefined identifier "is__elf"
After removing this rule and a bunch others which all have the same "undefined identifier "is__elf"`" error in common the scan works fine with the other 500 or so rules I am testing with.
Hi All,
What am I missing here? When attempting to test the yara scan feature in Viper the following error is thrown up:
[!] The command yara raised an exception: Traceback (most recent call last): File "/home/malware/viper/viper/core/ui/console.py", line 313, in start module.run() File "/home/malware/viper/viper/modules/yarascan.py", line 260, in run self.scan() File "/home/malware/viper/viper/modules/yarascan.py", line 108, in scan rules = yara.compile(filepaths=filepaths, externals=externals, includes=False) yara.SyntaxError: /home/malware/yara_rules/test/rules/malware/MALW_TinyShell_Backdoor_gen.yar(126): undefined identifier "is__elf"
After removing this rule and a bunch others which all have the same "undefined identifier "is__elf"`" error in common the scan works fine with the other 500 or so rules I am testing with.