1sigtool(1) Clam AntiVirus sigtool(1)
2
3
4
6 sigtool - signature and database management tool
7
9 sigtool [options]
10
12 sigtool can be used to generate MD5 checksums, convert data into hexa‐
13 decimal format, list virus signatures and build/unpack/test/verify CVD
14 databases and update scripts.
15
17 -h, --help
18 Output help information and exit.
19
20 -V, --version
21 Print version number and exit.
22
23 --quiet
24 Be quiet - output only error messages.
25
26 --stdout
27 Write all messages to stdout.
28
29 --hex-dump
30 Read data from stdin and write hex string to stdout.
31
32 --md5 [FILES]
33 Generate MD5 checksum from stdin or MD5 sigs for FILES.
34
35 --sha1 [FILES]
36 Generate SHA1 checksum from stdin or SHA1 sigs for FILES.
37
38 --sha256 [FILES]
39 Generate SHA256 checksum from stdin or SHA256 sigs for FILES.
40
41 --mdb [FILES]
42 Generate .mdb signatures for FILES.
43
44 --html-normalise=FILE
45 Create normalised HTML files comment.html, nocomment.html, and
46 script.html in current working directory.
47
48 --utf16-decode=FILE
49 Decode UTF16 encoded data.
50
51 --vba=FILE
52 Extract VBA/Word6 macros from given MS Office document.
53
54 --vba-hex=FILE
55 Extract Word6 macros from given MS Office document and display
56 the corresponding hex values.
57
58 -i, --info
59 Print a CVD information and verify MD5 and a digital signature.
60
61 --build=FILE, -b FILE
62 Build a CVD file. -s, --server is required for signed virus
63 databases(.cvd), or, --unsigned for unsigned(.cud).
64
65 --max-bad-sigs=NUMBER
66 Maximum number of mismatched signatures when building a CVD.
67 Default: 3000
68
69 --flevel
70 Specify a custom flevel. Default: 77
71
72 --cvd-version
73 Specify the version number to use for the build. Default is to
74 use the value+1 from the current CVD in --datadir. If no
75 datafile is found the default behaviour is to prompt for a ver‐
76 sion number, this switch will prevent the prompt. NOTE: If a
77 CVD is found in the --datadir its version+1 is used and this
78 value is ignored.
79
80 --no-cdiff
81 Don't create a .cdiff file when building a new database file.
82
83 --unsigned
84 Create a database file without digital signatures (.cud).
85
86 --server
87 ClamAV Signing Service address (for virus database maintainers
88 only).
89
90 --datadir=DIR
91 Use DIR as the default database directory for all operations.
92
93 --unpack=FILE, -u FILE
94 Unpack FILE (CVD) to a current directory.
95
96 --unpack-current
97 Unpack a local CVD file (main or daily) to current directory.
98
99 --diff=OLD NEW, -d OLD NEW
100 Create a diff file for OLD and NEW CVDs/INCDIRs.
101
102 --compare=OLD NEW, -c OLD NEW
103 This command will compare two text files and print differences
104 in a cdiff format.
105
106 --run-cdiff=FILE, -r FILE
107 Execute update script FILE in current directory.
108
109 --verify-cdiff=FILE, -r FILE
110 Verify DIFF against CVD/INCDIR.
111
112 -l[FILE], --list-sigs[=FILE]
113 List all signature names from the local database directory
114 (default) or from FILE.
115
116 -fREGEX, --find-sigs=REGEX
117 Find and display signatures from the local database directory
118 which match the given REGEX. The whole signature body (name, hex
119 string, etc.) is checked.
120
121 --decode-sigs=REGEX
122 Decode signatures read from the standard input (eg. piped from
123 --find-sigs)
124
125 --test-sigs=DATABASE TARGET_FILE
126 Test all signatures from DATABASE against TARGET_FILE. This
127 option will only give valid results if the target file is the
128 final one (after unpacking, normalization, etc.) for which the
129 signatures were created.
130
131 --print-certs=FILE
132 Print Authenticode details from a PE file.
133
135 Generate hex string from testfile and save it to testfile.hex:
136
137 cat testfile | sigtool --hex-dump > testfile.hex
138
140 Please check the full documentation for credits.
141
143 Tomasz Kojm <tkojm@clamav.net>
144
146 freshclam(1), freshclam.conf(5)
147
148
149
150ClamAV 0.103.2 February 12, 2007 sigtool(1)