NAME
sigtool - signature and database management tool
SYNOPSIS
sigtool [options]
DESCRIPTION
sigtool can be used to generate MD5 checksums, convert data into hexadecimal format, list virus signatures and build/unpack/test/verify CVD databases and update scripts.
OPTIONS
| -h, --help | Output help information and exit. |
| -V, --version | |
| Print version number and exit. | |
| --quiet | Be quiet - output only error messages. |
| --stdout | |
| Write all messages to stdout. | |
| --hex-dump | |
| Read data from stdin and write hex string to stdout. | |
| --md5 [FILES] | |
| Generate MD5 checksum from stdin or MD5 sigs for FILES. | |
| --mdb [FILES] | |
| Generate .mdb signatures for FILES. | |
| --html-normalise=FILE | |
| Create normalised HTML files comment.html, nocomment.html, and script.html in current working directory. | |
| --utf16-decode=FILE | |
| Decode UTF16 encoded data. | |
| --vba=FILE | |
| Extract VBA/Word6 macros from given MS Office document. | |
| --vba-hex=FILE | |
| Extract Word6 macros from given MS Office document and display the corresponding hex values. | |
| -i, --info | Print a CVD information and verify MD5 and a digital signature. |
| -b, --build | |
| Build a CVD file. -s, --server is required. | |
| --server | |
| ClamAV Signing Service address (for virus database maintainers only). | |
| --datadir=DIR | |
| Use DIR as the default database directory for all operations. | |
| --unpack=FILE, -u FILE | |
| Unpack FILE (CVD) to a current directory. | |
| --unpack-current | |
| Unpack a local CVD file (main or daily) to current directory. | |
| --diff=OLD NEW, -d OLD NEW | |
| Create a diff file for OLD and NEW CVDs/INCDIRs. | |
| --run-cdiff=FILE, -r FILE | |
| Execute update script FILE in current directory. | |
| --verify-cdiff=FILE, -r FILE | |
| Verify DIFF against CVD/INCDIR. | |
| -l[FILE], --list-sigs[=FILE] | |
| List all signature names from the local database directory (default) or from FILE. | |
| -fREGEX, --find-sigs=REGEX | |
| Find and display signatures from the local database directory which match the given REGEX. The whole signature body (name, hex string, etc.) is checked. | |
| -fREGEX, --decode-sigs=REGEX | |
| Decode signatures read from the standard input (eg. piped from --find-sigs) | |
| -fREGEX, --test-sigs=DATABASE TARGET_FILE | |
| Test all signatures from DATABASE against TARGET_FILE. This option will only give valid results if the target file is the final one (after unpacking, normalization, etc.) for which the signatures were created. | |
EXAMPLES
| Generate hex string from testfile and save it to testfile.hex: | |
cat testfile | sigtool --hex-dump > testfile.hex | |
CREDITS
Please check the full documentation for credits.
AUTHOR
Tomasz Kojm <tkojm@clamav.net>
SEE ALSO
