From 08214fc5242df1616355c8bdb16ab367be970f42 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Fri, 3 Apr 2020 17:45:28 +0200
Subject: Fix php-malware-finder for yara > 4.0.0

---
 php-malware-finder/php.yar | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/php-malware-finder/php.yar b/php-malware-finder/php.yar
index 029aaf9..de5b1f7 100644
--- a/php-malware-finder/php.yar
+++ b/php-malware-finder/php.yar
@@ -206,7 +206,7 @@ private rule IRC
         5 of them
 }
 
-private rule base64
+private rule b64
 {
     strings:
         $user_agent = "SFRUUF9VU0VSX0FHRU5UCg"
@@ -268,7 +268,7 @@ private rule strrev
 rule SuspiciousEncoding
 {
     condition:
-        (base64 or hex or strrev or Hpack) and not IsWhitelisted
+        (b64 or hex or strrev or Hpack) and not IsWhitelisted
 }
 
 rule DodgyStrings
-- 
cgit v1.3