Google Code Exporter
Google Code Exporter
``` I solved this problem. Simply select the folder in which oSpy is installed. Right click and select Properties > Security Tab > Edit > Add > Advanced > Find...
``` If I disable Protected Mode, I can inject without a crash. ``` Original comment by `[email protected]` on 18 Mar 2009 at 12:39
``` Fixed in 1.9.8 just released. Thanks for the bug report! ``` Original comment by `[email protected]` on 5 Apr 2009 at 3:56 - Changed state: **Fixed**
``` I'm about to release 1.10.0 with lots of fixes and improvements; planning to look into protected mode support in one of the upcoming releases. ``` Original comment by `[email protected]`...
``` Here is an example. ./ClamAV-to-Yara/clamav-full.yara:9287: invalid skip in string "$a1" rule Trojan_Crypted_78 { strings: $a0 = { 35??0000008b4df8[16]eb02eb02ebb28b } $a1 = { 83????6a00682900000068290000006821000000686b0000006877000000687600000068290000006820000000682b00000068370000006820000000680e00000068[4-4]e8 } $a2 = { 83????6a00683c0000006837000000682a0000006828000000682000000068080000006836000000683600000068200000006826000000682a0000006837000000681500000068200000006831000000682c0000006837000000681200000068[4-4]e8 }...
``` I think it might be taking an exception to the [4-4] portion. ``` Original comment by `[email protected]` on 11 Feb 2014 at 3:01
``` Check out the following issue, someone posted a patch for this I believe: https://code.google.com/p/malwarecookbook/issues/detail?id=35 ``` Original comment by `[email protected]` on 11 Feb 2014 at 3:05
``` [deleted comment] ```
``` Thank you Michael for pointing me to that thread. By the way how do I apply that patch to the existing script? ``` Original comment by `[email protected]` on 11...
``` change into the directory contains your clamav_to_yara.py script and type: $ patch -p0 < /path/to/the.patch ``` Original comment by `[email protected]` on 11 Feb 2014 at 3:14