search

volatilityfoundation / volatility

An advanced memory forensics framework
http://volatilityfoundation.org/
GNU General Public License v2.0
7.26k stars 1.28k forks source link

Error when I run volatility. #805

Open mymistoe opened 3 years ago

mymistoe commented 3 years ago

Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'

I installed volatility on Macbook Air with apple silicon.

The operating system of the computer is mac OS Big Sur 11.5.2.

This is my python version.

$ python --version
Python 2.7.16

This is the error message output by the program.

$ python vol.py
Volatility Foundation Volatility Framework 2.6.1
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.linux.malfind (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.malware.timers (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.overlays.windows.win8 (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.drivermodule (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.overlays.mac.mac (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.overlays.windows.win8_kdbg (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.timeliner (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.malware.apihooks (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.multiscan (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.dumpcerts (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.linux.netscan (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.tcaudit (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.malware.devicetree (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.overlays.windows.win10 (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.malware.threads (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.malware.idt (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.mac.mac_yarascan (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.linux.linux_truecrypt (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.linux.linux_yarascan (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.malware.malfind (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.ssdt (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.mac.malfind (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
*** Failed to import volatility.plugins.malware.callbacks (OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found)
ERROR   : volatility.debug    : You must specify something to do (try -h)
$ pip list | grep yara
yara                                   1.7.7
yara-python                            4.1.2

I tried import yara.

>>> import yara
Failed to import '/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so'
PATH = /opt/homebrew/opt/openjdk/bin:/opt/homebrew/opt/binutils/bin:/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/Applications/Wireshark.app/Contents/MacOS:/Users/mistoe/path/maven/bin:;/System/Library/Frameworks/Python.framework/Versions/2.7/lib
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Library/Python/2.7/site-packages/yara/__init__.py", line 7, in <module>
    from yara.rules import compile
  File "/Library/Python/2.7/site-packages/yara/rules.py", line 17, in <module>
    from yara.libyara_wrapper import *
  File "/Library/Python/2.7/site-packages/yara/libyara_wrapper.py", line 315, in <module>
    libyaradll = cdll.LoadLibrary(library)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ctypes/__init__.py", line 444, in LoadLibrary
    return self._dlltype(name)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ctypes/__init__.py", line 366, in __init__
    self._handle = _dlopen(self._name, mode)
OSError: dlopen(/System/Library/Frameworks/Python.framework/Versions/2.7/lib/libyara.so, 6): image not found
mymistoe commented 3 years ago 
$ pip show yara
Name: yara
Version: 1.7.7
Summary: Compile YARA rules to test against files or strings
Home-page: http://code.google.com/p/yara-project/
Author: Michael Dorman
Author-email: mjdorma@gmail.com
License: Apache Software Licence
Location: /Library/Python/2.7/site-packages
Requires:
Required-by:
$ pip show yara-python
Name: yara-python
Version: 4.1.2
Summary: Python interface for YARA
Home-page: https://github.com/VirusTotal/yara-python
Author: Victor M. Alvarez
Author-email: plusvic@gmail.com, vmalvarez@virustotal.com
License: Apache 2.0
Location: /Library/Python/2.7/site-packages
Requires:
Required-by:
ElegantPercentage commented 3 years ago

I believe Big Sur isn't supported yet.

cur1ydog commented 1 year ago

Any update on this? Is it confirmed a support issue? I have the same issue on Ventura (V13.1).