1sigtool(1) Clam AntiVirus sigtool(1)
2
3
4
6 sigtool - signature and database management tool
7
9 sigtool [options]
10
12 sigtool can be used to generate MD5 checksums, convert data into hexa‐
13 decimal format, list virus signatures and build/unpack/test/verify CVD
14 databases and update scripts.
15
17 -h, --help
18 Output help information and exit.
19
20 -V, --version
21 Print version number and exit.
22
23 --quiet
24 Be quiet - output only error messages.
25
26 --stdout
27 Write all messages to stdout.
28
29 --hex-dump
30 Read data from stdin and write hex string to stdout.
31
32 --md5 [FILES]
33 Generate MD5 checksum from stdin or MD5 sigs for FILES.
34
35 --sha1 [FILES]
36 Generate SHA1 checksum from stdin or SHA1 sigs for FILES.
37
38 --sha256 [FILES]
39 Generate SHA256 checksum from stdin or SHA256 sigs for FILES.
40
41 --mdb [FILES]
42 Generate .mdb signatures for FILES.
43
44 --html-normalise=FILE
45 Create normalised HTML files comment.html, nocomment.html, and
46 script.html in current working directory.
47
48 --utf16-decode=FILE
49 Decode UTF16 encoded data.
50
51 --vba=FILE
52 Extract VBA/Word6 macros from given MS Office document.
53
54 --vba-hex=FILE
55 Extract Word6 macros from given MS Office document and display
56 the corresponding hex values.
57
58 -i, --info
59 Print a CVD information and verify MD5 and a digital signature.
60
61 --build=FILE, -b FILE
62 Build a CVD file. -s, --server is required for signed virus
63 databases(.cvd), or, --unsigned for unsigned(.cud).
64
65 --max-bad-sigs=NUMBER
66 Maximum number of mismatched signatures when building a CVD. De‐
67 fault: 3000
68
69 --flevel
70 Specify a custom flevel. Default: 77
71
72 --cvd-version
73 Specify the version number to use for the build. Default is to
74 use the value+1 from the current CVD in --datadir. If no
75 datafile is found the default behaviour is to prompt for a ver‐
76 sion number, this switch will prevent the prompt. NOTE: If a
77 CVD is found in the --datadir its version+1 is used and this
78 value is ignored.
79
80 --no-cdiff
81 Don't create a .cdiff file when building a new database file.
82
83 --unsigned
84 Create a database file without digital signatures (.cud).
85
86 --server
87 ClamAV Signing Service address (for virus database maintainers
88 only).
89
90 --datadir=DIR
91 Use DIR as the default database directory for all operations.
92
93 --unpack=FILE, -u FILE
94 Unpack FILE (CVD) to a current directory.
95
96 --unpack-current
97 Unpack a local CVD file (main or daily) to current directory.
98
99 --diff=OLD NEW, -d OLD NEW
100 Create a diff file for OLD and NEW CVDs/INCDIRs.
101
102 --compare=OLD NEW, -c OLD NEW
103 This command will compare two text files and print differences
104 in a cdiff format.
105
106 --run-cdiff=FILE, -r FILE
107 Execute update script FILE in current directory.
108
109 --verify-cdiff=FILE, -r FILE
110 Verify DIFF against CVD/INCDIR.
111
112 -l[FILE], --list-sigs[=FILE]
113 List all signature names from the local database directory (de‐
114 fault) or from FILE.
115
116 -fREGEX, --find-sigs=REGEX
117 Find and display signatures from the local database directory
118 which match the given REGEX. The whole signature body (name, hex
119 string, etc.) is checked.
120
121 --decode-sigs=REGEX
122 Decode signatures read from the standard input (eg. piped from
123 --find-sigs)
124
125 --test-sigs=DATABASE TARGET_FILE
126 Test all signatures from DATABASE against TARGET_FILE. This op‐
127 tion will only give valid results if the target file is the fi‐
128 nal one (after unpacking, normalization, etc.) for which the
129 signatures were created.
130
131 --print-certs=FILE
132 Print Authenticode details from a PE file.
133
135 Generate hex string from testfile and save it to testfile.hex:
136
137 cat testfile | sigtool --hex-dump > testfile.hex
138
140 Please check the full documentation for credits.
141
143 Tomasz Kojm <tkojm@clamav.net>
144
146 freshclam(1), freshclam.conf(5)
147
148
149
150ClamAV 0.103.7 February 12, 2007 sigtool(1)