1sigtool(1)                      Clam AntiVirus                      sigtool(1)
2
3
4

NAME

6       sigtool - signature and database management tool
7

SYNOPSIS

9       sigtool [options]
10

DESCRIPTION

12       sigtool  can be used to generate MD5 checksums, convert data into hexa‐
13       decimal format, list virus signatures and build/unpack/test/verify  CVD
14       databases and update scripts.
15

OPTIONS

17       -h, --help
18              Output help information and exit.
19
20       -V, --version
21              Print version number and exit.
22
23       --quiet
24              Be quiet - output only error messages.
25
26       --stdout
27              Write all messages to stdout.
28
29       --hex-dump
30              Read data from stdin and write hex string to stdout.
31
32       --md5 [FILES]
33              Generate MD5 checksum from stdin or MD5 sigs for FILES.
34
35       --sha1 [FILES]
36              Generate SHA1 checksum from stdin or SHA1 sigs for FILES.
37
38       --sha256 [FILES]
39              Generate SHA256 checksum from stdin or SHA256 sigs for FILES.
40
41       --mdb [FILES]
42              Generate .mdb signatures for FILES.
43
44       --html-normalise=FILE
45              Create  normalised  HTML files comment.html, nocomment.html, and
46              script.html in current working directory.
47
48       --utf16-decode=FILE
49              Decode UTF16 encoded data.
50
51       --vba=FILE
52              Extract VBA/Word6 macros from given MS Office document.
53
54       --vba-hex=FILE
55              Extract Word6 macros from given MS Office document  and  display
56              the corresponding hex values.
57
58       -i, --info
59              Print a CVD information and verify MD5 and a digital signature.
60
61       --build=FILE, -b FILE
62              Build  a  CVD  file.  -s,  --server is required for signed virus
63              databases(.cvd), or, --unsigned for unsigned(.cud).
64
65       --max-bad-sigs=NUMBER
66              Maximum number of mismatched signatures  when  building  a  CVD.
67              Default: 3000
68
69       --flevel
70              Specify a custom flevel. Default: 77
71
72       --cvd-version
73              Specify  the  version number to use for the build. Default is to
74              use the value+1  from  the  current  CVD  in  --datadir.  If  no
75              datafile  is found the default behaviour is to prompt for a ver‐
76              sion number, this switch will prevent the prompt.   NOTE:  If  a
77              CVD  is  found  in  the --datadir its version+1 is used and this
78              value is ignored.
79
80       --no-cdiff
81              Don't create a .cdiff file when building a new database file.
82
83       --unsigned
84              Create a database file without digital signatures (.cud).
85
86       --server
87              ClamAV Signing Service address (for virus  database  maintainers
88              only).
89
90       --datadir=DIR
91              Use DIR as the default database directory for all operations.
92
93       --unpack=FILE, -u FILE
94              Unpack FILE (CVD) to a current directory.
95
96       --unpack-current
97              Unpack a local CVD file (main or daily) to current directory.
98
99       --diff=OLD NEW, -d OLD NEW
100              Create a diff file for OLD and NEW CVDs/INCDIRs.
101
102       --compare=OLD NEW, -c OLD NEW
103              This  command  will compare two text files and print differences
104              in a cdiff format.
105
106       --run-cdiff=FILE, -r FILE
107              Execute update script FILE in current directory.
108
109       --verify-cdiff=FILE, -r FILE
110              Verify DIFF against CVD/INCDIR.
111
112       -l[FILE], --list-sigs[=FILE]
113              List all signature  names  from  the  local  database  directory
114              (default) or from FILE.
115
116       -fREGEX, --find-sigs=REGEX
117              Find  and  display  signatures from the local database directory
118              which match the given REGEX. The whole signature body (name, hex
119              string, etc.) is checked.
120
121       --decode-sigs=REGEX
122              Decode  signatures  read from the standard input (eg. piped from
123              --find-sigs)
124
125       --test-sigs=DATABASE TARGET_FILE
126              Test all signatures  from  DATABASE  against  TARGET_FILE.  This
127              option  will  only  give valid results if the target file is the
128              final one (after unpacking, normalization, etc.) for  which  the
129              signatures were created.
130
131       --print-certs=FILE
132              Print Authenticode details from a PE file.
133

EXAMPLES

135       Generate hex string from testfile and save it to testfile.hex:
136
137              cat testfile | sigtool --hex-dump > testfile.hex
138

CREDITS

140       Please check the full documentation for credits.
141

AUTHOR

143       Tomasz Kojm <tkojm@clamav.net>
144

SEE ALSO

146       freshclam(1), freshclam.conf(5)
147
148
149
150ClamAV 0.101.2                 February 12, 2007                    sigtool(1)
Impressum