Я успешно установил Yara, следуя инструкциям здесь: https://yara.readthedocs.io/en/v3.8.1/gettingstarted.html#compiling-and-installing-yara включая выполнение ./configure --with-crypto и не видел никаких ошибок Сообщения.
Когда я дохожу до шага «сделать проверку», я получаю следующие два отказа.
PASS: test-alignment
PASS: test-atoms
PASS: test-api
FAIL: test-rules
FAIL: test-pe
PASS: test-elf
PASS: test-version
PASS: test-bitmask
PASS: test-math
PASS: test-exception
Открытая версия SSL: OpenSSL 1.0.2k-fips 26 Jan 2017
Если я запускаю phpmalwarefinder, я получаю
[ec2-user@ip-internal-ip php-malware-finder]$ ./phpmalwarefinder -v /var/www/html/mysite.org
./php.yar(1): error: unknown module "hash"
./whitelists/drupal.yar(10): error: invalid field name "sha1"
./whitelists/drupal.yar(8): error: can't open include file: whitelists/wordpress.yar
./whitelists/drupal.yar(9): error: can't open include file: whitelists/symfony.yar
./whitelists/drupal.yar(10): error: can't open include file: whitelists/phpmyadmin.yar
./whitelists/drupal.yar(11): error: can't open include file: whitelists/magento1ce.yar
./whitelists/drupal.yar(12): error: can't open include file: whitelists/magento2.yar
./whitelists/drupal.yar(13): error: can't open include file: whitelists/prestashop.yar
./whitelists/drupal.yar(14): error: can't open include file: whitelists/custom.yar
./whitelists/drupal.yar(21): error: invalid field name "sha1"
./whitelists/drupal.yar(63): error: invalid field name "sha1"
./whitelists/drupal.yar(76): error: invalid field name "sha1"
./whitelists/drupal.yar(85): error: invalid field name "sha1"
./whitelists/drupal.yar(99): error: invalid field name "sha1"
./whitelists/drupal.yar(110): error: invalid field name "sha1"
./whitelists/drupal.yar(116): error: undefined identifier "Symfony"
./whitelists/drupal.yar(95): warning: $pr contains .* or .+, consider using .{N} or .{1,N} with a reasonable value for N
