page_brute icon indicating copy to clipboard operation
page_brute copied to clipboard

Published 20 hours ago verified publisher icon matonis

Errors on Ubuntu 13.10

Open adamziaja opened this issue 10 years ago • 4 comments 

$ python page_brute-BETA.py -r cmd_optimistic_blanks.yar -f pagefile.sys
[+] - PAGE_BRUTE processing file: pagefile.sys
Traceback (most recent call last):
  File "page_brute-BETA.py", line 227, in <module>
    main()
  File "page_brute-BETA.py", line 176, in main
    authoritative_rules=build_ruleset()
  File "page_brute-BETA.py", line 33, in build_ruleset
    if RULETYPE == "FILE":
NameError: global name 'RULETYPE' is not defined

$ python page_brute-BETA.py -r default_signatures.yar -f pagefile.sys
[+] - PAGE_BRUTE processing file: pagefile.sys
[+] - YARA rule of File type provided for compilation: default_signatures.yar
..... Ruleset Compilation Successful.
[+] - PAGE_BRUTE running with the following options:
    [-] - FILE: pagefile.sys
    [-] - PAGE_SIZE: 4096
    [-] - RULES TYPE: FILE
    [-] - RULE LOCATION: default_signatures.yar
    [-] - INVERSION SCAN: False
    [-] - WORKING DIR: PAGE_BRUTE-2014-04-05-01-31-47-RESULTS
    =================

Traceback (most recent call last):
  File "page_brute-BETA.py", line 227, in <module>
    main()
  File "page_brute-BETA.py", line 200, in main
    CHUNK_OUTPUT_DIR=os.path.join(WORKING_DIR,matches.rule)
AttributeError: 'str' object has no attribute 'rule'

Ubuntu 13.10

adamziaja avatar Apr 04 '14 23:04 adamziaja

Looking in to it. Thanks!

matonis avatar Apr 15 '14 18:04 matonis

thanks, not sure if this helps, but also getting the error on SIFT 3.0. Ubuntu 12.04 uname -a Linux siftworkstation 3.11.0-15-generic #25~precise1-Ubuntu SMP Thu Jan 30 17:39:31 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

I have tried using the full path for everything instead of just relative paths

mattulm avatar Aug 08 '14 00:08 mattulm

:+1:

2xyo avatar Dec 04 '14 18:12 2xyo

Has this been resolved? I am getting the similar error as below (reported by adamziaja). I am trying this on the latest distribution of SIFT workstation.

root@siftworkstation:/home/sansforensics/Desktop/page_brute-master# ./page_brute-BETA.py -r default_signatures.yar -f /home/sansforensics/Desktop/cases/pagefile.sys [+] - PAGE_BRUTE processing file: /home/sansforensics/Desktop/cases/pagefile.sys [+] - YARA rule of File type provided for compilation: default_signatures.yar ..... Ruleset Compilation Successful. [+] - PAGE_BRUTE running with the following options: [-] - FILE: /home/sansforensics/Desktop/cases/pagefile.sys [-] - PAGE_SIZE: 4096 [-] - RULES TYPE: FILE [-] - RULE LOCATION: default_signatures.yar [-] - INVERSION SCAN: False [-] - WORKING DIR: PAGE_BRUTE-2015-01-02-20-41-57-RESULTS =================

Traceback (most recent call last): File "./page_brute-BETA.py", line 227, in main() File "./page_brute-BETA.py", line 200, in main CHUNK_OUTPUT_DIR=os.path.join(WORKING_DIR,matches.rule) AttributeError: 'str' object has no attribute 'rule'

aniketbhardwaj02 avatar Jan 02 '15 20:01 aniketbhardwaj02