Hacking 101: Introduction to YARA rules

rule test
{
    meta:
        description = "Example"
        threat_level = "x"  // placeholder value; meta values must be a string, integer or boolean
    strings:
        $a = {6A 40 68 00 30 00 00 6A 14 8D 91}
        $b = {8D 4D B0 2B C1 83 C0 27 99 6A 4E 59 F7 F9}
        $c = "PEJXQZAKCBGMTUVODFRYSIHLNW"
    condition:
        // $d is not defined in this rule, so the condition references only $a, $b and $c
        ($a or $b) and $c
}

rule Example_Rule
{
    strings:
        $my_text_string = "text"
        $my_hex_string = { E2 34 A1 C8 23 FB }
    condition:
        $my_text_string or $my_hex_string
}

Comments:

/*
This is a multi-line comment.
*/
rule Example // this is a single-line comment
{
    condition:
        true // boolean literals are lowercase in YARA
}

Strings:

Conditions:

rule condition_Example
{
    strings:
        $a = "text1"
        $b = "text2"
        $c = "text3"
        $d = "text4"
    condition:
        ($a or $b) and ($c or $d)
}
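To see how the conditions in `Example_Rule` and `condition_Example` evaluate against data, here is an added Python model (not the article's code and not the YARA engine). The helper names `compile_string`, `scan`, `example_rule` and `condition_example` are hypothetical, and the sample buffers are constructed.

```python
import re

def compile_string(definition):
    """Turn a YARA-style text string ("text") or hex string ({ E2 34 ?? })
    into a compiled bytes regex. Simplified: no modifiers, jumps or alternatives."""
    definition = definition.strip()
    if definition.startswith("{"):
        tokens = definition.strip("{} ").split()
        # '??' is the hex-string wildcard for one arbitrary byte
        parts = [b"." if t == "??" else re.escape(bytes.fromhex(t)) for t in tokens]
        return re.compile(b"".join(parts), re.DOTALL)
    # Text strings are case-sensitive ASCII by default
    return re.compile(re.escape(definition.strip('"').encode("ascii")))

def scan(strings, data):
    """Return {identifier: [match offsets]} for every string definition.
    Note: finditer reports non-overlapping matches only."""
    return {name: [m.start() for m in compile_string(d).finditer(data)]
            for name, d in strings.items()}

# String sections copied from the two rules on this page
EXAMPLE_RULE = {"$my_text_string": '"text"',
                "$my_hex_string": "{ E2 34 A1 C8 23 FB }"}
CONDITION_EXAMPLE = {"$a": '"text1"', "$b": '"text2"',
                     "$c": '"text3"', "$d": '"text4"'}

def example_rule(data):
    """condition: $my_text_string or $my_hex_string"""
    hits = scan(EXAMPLE_RULE, data)
    return bool(hits["$my_text_string"] or hits["$my_hex_string"])

def condition_example(data):
    """condition: ($a or $b) and ($c or $d)"""
    hits = scan(CONDITION_EXAMPLE, data)
    return bool((hits["$a"] or hits["$b"]) and (hits["$c"] or hits["$d"]))

if __name__ == "__main__":
    # Constructed sample buffers
    samples = [b"xx text1 yy text4",   # one string from each group
               b"text1 text2",         # both hits are in the first group
               b"\x00\x01\xe2\x34\xa1\xc8\x23\xfb"]  # hex string at offset 2
    for buf in samples:
        print(buf, example_rule(buf), condition_example(buf),
              scan(EXAMPLE_RULE, buf))
```

A buffer containing only `text1` and `text2` does not satisfy `condition_Example`, because the `and` requires at least one hit from each parenthesised group.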

String counterbalances:

Conclusion:

Mr Akuma | cyber security enthusiast | Security Noob

Akshay Jain
