[Vol-users] Re: yarascan failing to find libyara, I think

David Kovar dkovar at gmail.com
Sat Oct 12 16:56:43 CDT 2013


Greetings,

Dropping back to yara V1.6 solved the problem.

-David

On Oct 12, 2013, at 12:37 PM, David Kovar <dkovar at gmail.com> wrote:

> Greetings,
> 
> Vol 2.3 built from svn. Yara built from yara-project. OS is OS X 10.8.5. I tore out all the old copies of volatility while trying to get this to work.
> 
> praha:mem kovar$ vol.py -f xp-base-44f9a302.vmem --profile WinXPSP3x86 yarascan -Y 'foo'
> Volatility Foundation Volatility Framework 2.3
> ERROR   : volatility.plugins.malware.malfind: Please install Yara from code.google.com/p/yara-project
> 
> praha:mem kovar$ yara -v
> yara 2.0 (rev:223)
> 
> bash-3.2# ls -l /usr/local/lib/libyara*
> lrwxr-xr-x  1 root  admin      15 Oct 12 12:36 /usr/local/lib/libyara.0.0.0.dylib -> libyara.0.dylib
> -rwxr-xr-x  1 root  admin  113736 Oct 12 12:36 /usr/local/lib/libyara.0.dylib
> -rw-r--r--  1 root  admin  393560 Oct 12 12:36 /usr/local/lib/libyara.a
> lrwxr-xr-x  1 root  admin      15 Oct 12 12:36 /usr/local/lib/libyara.dylib -> libyara.0.dylib
> -rwxr-xr-x  1 root  admin     938 Oct 12 12:36 /usr/local/lib/libyara.la
> 
> -David
> 
> 



More information about the Vol-users mailing list