Memory error when using androguard module in Yara Rules - python

I tried installing Yara 3.8.1 with androguard module. During the installation, I faced this issue, so I applied the patch given by #reox to the androguard.c file and it solved the problem. After that I tried a simple Yara rule with import "androguard" using command-line and it worked perfectly. Then I tried to use Yara rules inside my python app so I installed yara-python and used it in this way:
import yara
dex_path = './classes.dex'
my_rule = './rule.yar'
json_data = load_json_data()
rule = yara.compile(my_rule)
matches = rule.match(filepath=dex_path, modules_data={'androguard': json_data})
print(matches)
The match function works well when using Yara rules without the import "androguard" module, but when I want to apply a rule which imports androguard, the match function gives an error:
yara.Error: could not map file "./classes.dex" into memory
I'm applying a simple rule to a small file, on the order of KB. I think that the problem is with the androguard module, since when I remove the import "androguard", it works correctly. Any idea?

I had the same mistake with androguard; I solved the problem by installing yara-python version 3.8.0
https://github.com/VirusTotal/yara-python/releases/tag/v3.8.0

Related

Why does this Python file (which parses XML and validates) work on Windows but not on Mac OS?

I've been helping some students with a Python class this fall, and I've noticed that several students using Mac OS to complete a particular assignment involving validating XML against XSD's are running into OS Errors ("Error reading file: failed to load eternal entity [the xml file]"). Their code works perfectly fine on my end (Windows) but on Mac OS it refuses to.
Here is the code that is causing the problem:
from lxml import etree
xmlschema_doc = etree.parse("the_xsd.xsd")
xmlschema = etree.XMLSchema(xmlschema_doc)
doc = etree.parse("the_xml.xml")
print(xmlschema.validate(doc))
In particular, the line doc = etree.parse("the_xml.xml") is where the error occurs.
I've made sure the students 1) have all their files (XML, Python, XSD) in the same folder, 2) I've suggested they use the full filepaths and 3) I found this bit of code and suggested they try it (to no avail):
import os
# Switch the working directory to the folder that holds this script
prog_dir = os.path.abspath(os.path.dirname(__file__))
os.chdir(prog_dir)
Again: the XML validates against the XSD on Windows just fine, but on their Macs they get the error.
Any insights would be much appreciated.

Python translate module not working in script

I am having an issue with running the module "translate" using a script.
from translate import Translator
import requests
translator = Translator(from_lang = "zh", to_lang="en")
translation = translator.translate("""猗與那與、置我鞉鼓。
奏鼓簡簡、衎我烈祖。
湯孫奏假、綏我思成。
鞉鼓淵淵、嘒嘒管聲。
既和且平、依我磬聲。
於赫湯孫、穆穆厥聲。
庸鼓有斁、萬舞有奕。
我有嘉客、亦不夷懌。
自古在昔、先民有作。
溫恭朝夕、執事有恪。
顧予烝嘗、湯孫之將""")
print(translation)
The strange thing is that the script runs if I copy the code line by line into IDLE. However, if I were to run the script, I get the following message
ImportError: cannot import name 'Translator'
Am I missing something?
Thanks in advance.
What's the name of the file that contains your code? If it's the same as the library you're trying to import (i.e. translate) then python will throw this error since python cannot differentiate between the file and the library names.

Unable to open/include a YARA file

I created a script that analyzes files based on yara rules (the yara rules are the ones from this repository: https://github.com/Yara-Rules/rules). My script imports a yara file that includes all the other rules. When I try to compile it, I receive a syntax error: "can't open include file: rules_for_files\Antidebug_AntiVM_index.yar", pointing me to one of the rules. I tried to exclude it but it continues to point to others.
I tried to use different versions of Python: 1. I used Python 2.7 and I received the mentioned error in both cases, when I use a binary string or a raw string. With Python 3.5, when I used a binary string like the one in my code sample, the interpreter broke/reset (in case I use a GUI). How can I resolve this? Thank you.
rules = yara.compile(filepaths={
    "malware_set1 rules": b'C:/Users/g_bondrila/Desktop/phishme/functionalitati/yararules/importyara.yar'})

def yara_match(file_path, rules=rules):
    try:
        matches = rules.match(file_path, timeout=60)
        return matches
    #except TimeoutError:
    #    print("the time is running out")
    except:
        print("something")
Try giving the directory path as below:
"C:\\Users\\g_bondrila\\Desktop\\phishme\\functionalitati\\yararules\\importyara.yar"
Since Python doesn't read a single slash for a path in Windows.

Python lxml and xslt issue

I have some problem with lxml and python.
I have this code:
import lxml.etree as ET
xml_dom = ET.parse(xml_path)
xslt_dom = ET.parse(xslt_path)
print('transforming...')
transform = ET.XSLT(xslt_dom)
print('transformed: ', transform)
parsed_xml = transform(xml_dom)
print('all good!')
On my local environment, all works good (python 3.6.5 on a virtualenv with lxml 3.6.0).
The problem is, I have this code on a CentOS 7 server, with the exact same specs (Python 3.6.5 and lxml 3.6.0). If I execute it from the command line, all is good; when I put this code inside a Django (2.0) project, it "freezes" on this part:
transform = ET.XSLT(xslt_dom)
No exceptions, no errors, nothing. The print below that line never executes.
I changed permissions of the files, to apache group, set read permissions, and nothing works.
The weird thing is, from the console it works nicely; from "apache + Django", it doesn't.
Any suggestion?
Thanks.

.content in Python

I am new to Python development and Python requests.
I have this code:
import requests
from pattern import web
import re
import pandas as pd
def list_of_prices(url):
    html = requests.get(url).text
    dom = web.DOM(html)
    list = []
    for person in dom('.freelancer-list-item .medium.price-tag'):
        currency = person('sup')
        amount = person('span')
        list.append([currency[0].content if currency else 'na',
                     amount[0].content if amount else 'na'])
    return list

list_of_prices('http://www.peopleperhour.com/freelance/data+analyst#page=2')
When I run this code I get an error like module pattern not found, but that's not what I'm asking for help with.
Where does .content come from? Is it used only with Python requests?
You need to install the module pattern:
pip install pattern
requests has a content property and so does pattern.
If you don't have pip installed, download the zip here, run the setup.py file in the directory with python setup.py install.
Note Pattern is written for Python 2.5+ (no support for Python 3 yet).
