Hi,
You define an external variable using the -d option when calling Yara in
the command line and can use this variable name in the Yara ruleset file
you pass as argument to the yara program. For i.e.:
$ cat rule.yar
rule rule_example {
condition:
foo contains "bar"
}
$ yara -d foo="bar" rule.ya
Hi Victor
Yes, I know that YARA does not support back reference, but we still have
the old rules that we will need to port somehow.
So my question is, since it looks currently as a long effort to do the
manual conversion,
is there a possibility to use another module to process the back referenc
Hi Igor,
Back references are not supported anymore as YARA now uses its own regexp
engine and not PCRE. YARA's regexp engine is more similar to RE2, which
doesn't implement back references neither. For a more detailed explanation
of why back references are not supported by RE2 nor YARA read this:
i am a newbie, how -d param use?
--
You received this message because you are subscribed to the Google Groups
"YARA" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to yara-project+unsubscr...@googlegroups.com.
For more options, visit https://groups.googl
