From 934979ee0ee0c552ba2e9a4dccc5054df96fae1c Mon Sep 17 00:00:00 2001
From: Florian Roth
Date: Sun, 30 Jul 2017 11:55:19 +0200
Subject: [PATCH] Bugfix in filename parameter that is given to YARA matching
---
 lib/lokilogger.py | 2 +-
 loki.py | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/lokilogger.py b/lib/lokilogger.py
index d910a8d6..f11c0e9b 100644
--- a/lib/lokilogger.py
+++ b/lib/lokilogger.py
@@ -13,7 +13,7 @@
 import socket
 from helpers import removeNonAsciiDrop
-__version__ = '0.23.1'
+__version__ = '0.23.2'
 # Logger Class -----------------------------------------------------------------
 class LokiLogger():
diff --git a/loki.py b/loki.py
index caec138a..d8ac33f1 100644
--- a/loki.py
+++ b/loki.py
@@ -385,7 +385,7 @@ def scan_path(self, path):
 # Scan the read data
 try:
 for (score, rule, description, matched_strings) in \
- self.scan_data(fileData, fileType, filePathCleaned,
+ self.scan_data(fileData, fileType, filename, filePathCleaned,
 extension, md5):
 # Message
 message = "Yara Rule MATCH: %s SUBSCORE: %s DESCRIPTION: %s" % (rule, score, description)
@@ -428,6 +428,8 @@ def scan_path(self, path):
 def scan_data(self, fileData, fileType="-", fileName="-", filePath="-", extension="-", md5="-"):
+ # Scan parameters
+ #print fileType, fileName, filePath, extension, md5
 # Scan with yara
 try:
 for rules in self.yara_rules:
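Review bot: The corrected `self.scan_data(...)` call in `scan_path` still binds its trailing arguments by position against a signature whose parameters all default to `"-"`, which is how the missing `filename` went unnoticed: before this fix the path landed in `fileName`, the extension in `filePath` and the hash in `extension`, with no error raised. Given the commit subject, that shift presumably meant rules conditioned on file name, extension or hash quietly stopped matching, so the failure mode is missed detections rather than a crash. Binding by keyword would make the next omission fail loudly or at least read wrongly in review: `self.scan_data(fileData, fileType, fileName=filename, filePath=filePathCleaned,` followed by `extension=extension, md5=md5):`. `filename` is assigned outside this hunk, so whether it is cleaned the same way as `filePathCleaned` cannot be confirmed from here; `scan_path` starts and ends outside the hunk.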
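Review bot: The two lines added at the top of `scan_data` are a label and a commented-out `print` of the scan parameters, which looks like debugging left over from tracking down this bug. Either drop them or emit the values through the project's logger at debug level, so the arguments actually handed to matching can be inspected on demand without editing the source. If a comment stays, one that states the contract is more useful, for example `# fileName, filePath, extension and md5 are passed on to rule matching; callers must keep this order or use keywords`. The body of `scan_data` continues outside the hunk, so the exact wording should be checked against how those values are used there.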