1sigtool(1)                      Clam AntiVirus                      sigtool(1)
2
3
4

NAME

6       sigtool - signature and database management tool
7

SYNOPSIS

9       sigtool [options]
10

DESCRIPTION

12       sigtool  can be used to generate MD5 checksums, convert data into hexa‐
13       decimal format, list virus signatures and build/unpack/test/verify  CVD
14       databases and update scripts.
15

OPTIONS

17       -h, --help
18              Output help information and exit.
19
20       -V, --version
21              Print version number and exit.
22
23       --quiet
24              Be quiet - output only error messages.
25
26       --stdout
27              Write all messages to stdout.
28
29       --hex-dump
30              Read data from stdin and write hex string to stdout.
31
32       --md5 [FILES]
33              Generate MD5 checksum from stdin or MD5 sigs for FILES.
34
35       --sha1 [FILES]
36              Generate SHA1 checksum from stdin or SHA1 sigs for FILES.
37
38       --sha256 [FILES]
39              Generate SHA256 checksum from stdin or SHA256 sigs for FILES.
40
41       --mdb [FILES]
42              Generate .mdb signatures for FILES.
43
44       --html-normalise=FILE
45              Create  normalised  HTML files comment.html, nocomment.html, and
46              script.html in current working directory.
47
48       --utf16-decode=FILE
49              Decode UTF16 encoded data.
50
51       --vba=FILE
52              Extract VBA/Word6 macros from given MS Office document.
53
54       --vba-hex=FILE
55              Extract Word6 macros from given MS Office document  and  display
56              the corresponding hex values.
57
58       -i, --info
59              Print a CVD information and verify MD5 and a digital signature.
60
61       --build=FILE, -b FILE
62              Build  a  CVD  file.  -s,  --server is required for signed virus
63              databases(.cvd), or, --unsigned for unsigned(.cud).
64
65       --max-bad-sigs=NUMBER
66              Maximum number of mismatched signatures when building a CVD. De‐
67              fault: 3000
68
69       --flevel
70              Specify a custom flevel. Default: 77
71
72       --cvd-version
73              Specify  the  version number to use for the build. Default is to
74              use the value+1  from  the  current  CVD  in  --datadir.  If  no
75              datafile  is found the default behaviour is to prompt for a ver‐
76              sion number, this switch will prevent the prompt.   NOTE:  If  a
77              CVD  is  found  in  the --datadir its version+1 is used and this
78              value is ignored.
79
80       --no-cdiff
81              Don't create a .cdiff file when building a new database file.
82
83       --unsigned
84              Create a database file without digital signatures (.cud).
85
86       --server
87              ClamAV Signing Service address (for virus  database  maintainers
88              only).
89
90       --datadir=DIR
91              Use DIR as the default database directory for all operations.
92
93       --unpack=FILE, -u FILE
94              Unpack FILE (CVD) to a current directory.
95
96       --unpack-current
97              Unpack a local CVD file (main or daily) to current directory.
98
99       --diff=OLD NEW, -d OLD NEW
100              Create a diff file for OLD and NEW CVDs/INCDIRs.
101
102       --compare=OLD NEW, -c OLD NEW
103              This  command  will compare two text files and print differences
104              in a cdiff format.
105
106       --run-cdiff=FILE, -r FILE
107              Execute update script FILE in current directory.
108
109       --verify-cdiff=FILE, -r FILE
110              Verify DIFF against CVD/INCDIR.
111
112       -l[FILE], --list-sigs[=FILE]
113              List all signature names from the local database directory  (de‐
114              fault) or from FILE.
115
116       -fREGEX, --find-sigs=REGEX
117              Find  and  display  signatures from the local database directory
118              which match the given REGEX. The whole signature body (name, hex
119              string, etc.) is checked.
120
121       --decode-sigs=REGEX
122              Decode  signatures  read from the standard input (eg. piped from
123              --find-sigs)
124
125       --test-sigs=DATABASE TARGET_FILE
126              Test all signatures from DATABASE against TARGET_FILE. This  op‐
127              tion  will only give valid results if the target file is the fi‐
128              nal one (after unpacking, normalization,  etc.)  for  which  the
129              signatures were created.
130
131       --print-certs=FILE
132              Print Authenticode details from a PE file.
133

EXAMPLES

135       Generate hex string from testfile and save it to testfile.hex:
136
137              cat testfile | sigtool --hex-dump > testfile.hex
138

CREDITS

140       Please check the full documentation for credits.
141

AUTHOR

143       Tomasz Kojm <tkojm@clamav.net>
144

SEE ALSO

146       freshclam(1), freshclam.conf(5)
147
148
149
150ClamAV 0.103.7                 February 12, 2007                    sigtool(1)
Impressum