a39ae468 |
.TH "sigtool" "1" "February 12, 2007" "ClamAV @VERSION@" "Clam AntiVirus" |
28e73e95 |
.SH "NAME"
.LP |
a36e6e5c |
sigtool \- signature and database management tool |
28e73e95 |
.SH "SYNOPSIS"
.LP
sigtool [options]
.SH "DESCRIPTION"
.LP |
f3a638e4 |
sigtool can be used to generate MD5 checksums, convert data into hexadecimal format, list virus signatures and build/unpack/test/verify CVD databases and update scripts. |
28e73e95 |
.SH "OPTIONS"
.LP
.TP
\fB\-h, \-\-help\fR
Output help information and exit.
.TP
\fB\-V, \-\-version\fR |
5def21ff |
Print version number and exit. |
28e73e95 |
.TP
\fB\-\-quiet\fR
Be quiet \- output only error messages.
.TP
\fB\-\-stdout\fR |
f3a638e4 |
Write all messages to stdout. |
28e73e95 |
.TP
\fB\-\-hex\-dump\fR
Read data from stdin and write hex string to stdout.
.TP |
bcf3dc79 |
\fB\-\-md5 [FILES]\fR
Generate MD5 checksum from stdin or MD5 sigs for FILES. |
5def21ff |
.TP |
d5fde2eb |
\fB\-\-sha1 [FILES]\fR
Generate SHA1 checksum from stdin or SHA1 sigs for FILES.
.TP
\fB\-\-sha256 [FILES]\fR
Generate SHA256 checksum from stdin or SHA256 sigs for FILES.
.TP |
60892bc1 |
\fB\-\-mdb [FILES]\fR
Generate .mdb signatures for FILES.
.TP |
08d6b1e3 |
\fB\-\-html\-normalise=FILE\fR
Create normalised HTML files comment.html, nocomment.html, and script.html in current working directory.
.TP |
f3a638e4 |
\fB\-\-utf16\-decode=FILE\fR
Decode UTF16 encoded data.
.TP |
b31ef75c |
\fB\-\-vba=FILE\fR
Extract VBA/Word6 macros from given MS Office document.
.TP
\fB\-\-vba\-hex=FILE\fR |
f3a638e4 |
Extract Word6 macros from given MS Office document and display the corresponding hex values. |
b31ef75c |
.TP |
5def21ff |
\fB\-i, \-\-info\fR
Print a CVD information and verify MD5 and a digital signature.
.TP
\fB\-b, \-\-build\fR
Build a CVD file. \-s, \-\-server is required.
.TP |
fc038f77 |
\fB\-\-max\-bad\-sigs=NUMBER\fR
Maximum number of mismatched signatures when building a CVD. Default: 3000
.TP
\fB\-\-flevel\fR
Specify a custom flevel. Default: 77
.TP
\fB\-\-cvd\-version\fR
Specify the version number to use for the build. Default is to use the value+1
from the current CVD in --datadir. If no datafile is found the default
behaviour is to prompt for a version number, this switch will prevent the
prompt.
NOTE: If a CVD is found in the --datadir its version+1 is used and this value is ignored.
.TP
\fB\-\-no\-cdiff\fR |
cdddd014 |
Don't create a .cdiff file when building a new database file.
.TP |
fc038f77 |
\fB\-\-unsigned\fR |
cdddd014 |
Create a database file without digital signatures (.cua).
.TP |
5def21ff |
\fB\-\-server\fR |
f3a638e4 |
ClamAV Signing Service address (for virus database maintainers only). |
5def21ff |
.TP |
8478b04a |
\fB\-\-datadir=DIR\fR
Use DIR as the default database directory for all operations.
.TP
\fB\-\-unpack=FILE, \-u FILE\fR |
f3a638e4 |
Unpack FILE (CVD) to a current directory. |
5def21ff |
.TP
\fB\-\-unpack\-current\fR |
f3a638e4 |
Unpack a local CVD file (main or daily) to current directory.
.TP
\fB\-\-diff=OLD NEW, \-d OLD NEW\fR
Create a diff file for OLD and NEW CVDs/INCDIRs.
.TP |
44db6b4a |
\fB\-\-compare=OLD NEW, \-c OLD NEW\fR
This command will compare two text files and print differences in a cdiff format.
.TP |
f3a638e4 |
\fB\-\-run\-cdiff=FILE, \-r FILE\fR
Execute update script FILE in current directory.
.TP
\fB\-\-verify\-cdiff=FILE, \-r FILE\fR
Verify DIFF against CVD/INCDIR. |
02b4b0c7 |
.TP |
b4561aa2 |
\fB\-l[FILE], \-\-list\-sigs[=FILE]\fR
List all signature names from the local database directory (default) or from FILE.
.TP
\fB\-fREGEX, \-\-find\-sigs=REGEX\fR
Find and display signatures from the local database directory which match the given REGEX. The whole signature body (name, hex string, etc.) is checked. |
a96eead4 |
.TP |
fc038f77 |
\fB\-\-decode\-sigs=REGEX\fR |
a96eead4 |
Decode signatures read from the standard input (eg. piped from \-\-find\-sigs)
.TP |
fc038f77 |
\fB\-\-test\-sigs=DATABASE TARGET_FILE\fR |
ffa9b060 |
Test all signatures from DATABASE against TARGET_FILE. This option will only give valid results if the target file is the final one (after unpacking, normalization, etc.) for which the signatures were created. |
fc038f77 |
.TP
\fB\-\-print\-certs=FILE\fR
Print Authenticode details from a PE file. |
28e73e95 |
.SH "EXAMPLES"
.LP
.TP |
a36e6e5c |
Generate hex string from testfile and save it to testfile.hex: |
28e73e95 |
\fBcat testfile | sigtool \-\-hex\-dump > testfile.hex\fR
.SH "CREDITS"
Please check the full documentation for credits.
.SH "AUTHOR"
.LP |
5def21ff |
Tomasz Kojm <tkojm@clamav.net> |
28e73e95 |
.SH "SEE ALSO"
.LP |
021b6720 |
freshclam(1), freshclam.conf(5) |