Tuesday, March 13, 2018

Re: Fwd: [NEW] security/floss

Hello,

On freshly updated -current and /usr/ports, on amd64 `make test` fails with:

===> Returning to build of floss-1.5.0
===> floss-1.5.0 depends on: py-plugnplay-* -> py-plugnplay-0.5.3
>> Broken dependency: security/py-viv_utils non existent \
(DEPENDS was security/py-viv_utils) in security/floss
*** Error 1 in . (/usr/ports/infrastructure/mk/bsd.port.mk:2073\
'/usr/ports/pobj/floss-1.5.0/.dep-securit

`port-lib-depends-check` and `package` targets fail as well with the same
complaint about missing dependency.

Is `py-viv_utils` a port that is currently in development?

Cheers

On 12.03, Remi Pointel wrote:
>
>
> -------- Courriel original --------
> Objet: [NEW] security/floss
> Date: 10-03-2018 08:52
> De: Remi Pointel <remi.pointel@xiri.fr>
> À: The OpenBSD ports mailing-list <ports@openbsd.org>
>
> Hi,
>
> attached is the port of floss: FireEye Labs Obfuscated String Solver.
>
> ---------------------------------
> $ pkg_info floss
> Information for inst:floss-1.5.0
>
> Comment:
> FireEye Labs Obfuscated String Solver
>
> Description:
> The FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static
> analysis
> techniques to automatically deobfuscate strings from malware binaries. You
> can
> use it just like strings.exe to enhance basic static analysis of unknown
> binaries.
> Rather than heavily protecting backdoors with hardcore packers, many malware
> authors evade heuristic detections by obfuscating only key portions of an
> executable. Often, these portions are strings and resources used to
> configure
> domains, files, and other artifacts of an infection. These key features will
> not
> show up as plaintext in output of the strings.exe utility that is commonly
> used
> during basic static analysis.
>
> Maintainer: Remi Pointel <rpointel@openbsd.org>
>
> WWW: https://github.com/fireeye/flare-floss
> ---------------------------------
>
> Ok?
>
> Cheers,
>
> Remi.

No comments:

Post a Comment