Manual Reference Pages - sigtool (1)

NAME

sigtool - signature and database management tool

SYNOPSIS

sigtool [options]

DESCRIPTION

sigtool can be used to generate MD5 checksums, convert data into hexadecimal format, list virus signatures and build/unpack/test/verify CVD databases and update scripts.

OPTIONS

-h, --help Output help information and exit.

-V, --version
Print version number and exit.

--quiet Be quiet - output only error messages.

--stdout
Write all messages to stdout.

--hex-dump
Read data from stdin and write hex string to stdout.

--md5 [FILES]
Generate MD5 checksum from stdin or MD5 sigs for FILES.

--sha1 [FILES]
Generate SHA1 checksum from stdin or SHA1 sigs for FILES.

--sha256 [FILES]
Generate SHA256 checksum from stdin or SHA256 sigs for FILES.

--mdb [FILES]
Generate .mdb signatures for FILES.

--html-normalise=FILE
Create normalised HTML files comment.html, nocomment.html, and script.html in current working directory.

--utf16-decode=FILE
Decode UTF16 encoded data.

--vba=FILE
Extract VBA/Word6 macros from given MS Office document.

--vba-hex=FILE
Extract Word6 macros from given MS Office document and display the corresponding hex values.

-i, --info Print a CVD information and verify MD5 and a digital signature.

-b, --build
Build a CVD file. -s, --server is required.

--server
ClamAV Signing Service address (for virus database maintainers only).

--datadir=DIR
Use DIR as the default database directory for all operations.

--unpack=FILE, -u FILE
Unpack FILE (CVD) to a current directory.

--unpack-current
Unpack a local CVD file (main or daily) to current directory.

--diff=OLD NEW, -d OLD NEW
Create a diff file for OLD and NEW CVDs/INCDIRs.

--run-cdiff=FILE, -r FILE
Execute update script FILE in current directory.

--verify-cdiff=FILE, -r FILE
Verify DIFF against CVD/INCDIR.

-l[FILE], --list-sigs[=FILE]
List all signature names from the local database directory (default) or from FILE.

-fREGEX, --find-sigs=REGEX
Find and display signatures from the local database directory which match the given REGEX. The whole signature body (name, hex string, etc.) is checked.

-fREGEX, --decode-sigs=REGEX
Decode signatures read from the standard input (eg. piped from --find-sigs)

-fREGEX, --test-sigs=DATABASE TARGET_FILE
Test all signatures from DATABASE against TARGET_FILE. This option will only give valid results if the target file is the final one (after unpacking, normalization, etc.) for which the signatures were created.

EXAMPLES

Generate hex string from testfile and save it to testfile.hex:

cat testfile | sigtool --hex-dump > testfile.hex

CREDITS

Please check the full documentation for credits.

AUTHOR

Tomasz Kojm <tkojm@clamav.net>

Manual Reference Pages - sigtool (1)

NAME

CONTENTS

SYNOPSIS

DESCRIPTION

OPTIONS

EXAMPLES

CREDITS

AUTHOR

SEE ALSO

-h, --help	Output help information and exit.
-V, --version
	Print version number and exit.
--quiet	Be quiet - output only error messages.
--stdout
	Write all messages to stdout.
--hex-dump
	Read data from stdin and write hex string to stdout.
--md5 [FILES]
	Generate MD5 checksum from stdin or MD5 sigs for FILES.
--sha1 [FILES]
	Generate SHA1 checksum from stdin or SHA1 sigs for FILES.
--sha256 [FILES]
	Generate SHA256 checksum from stdin or SHA256 sigs for FILES.
--mdb [FILES]
	Generate .mdb signatures for FILES.
--html-normalise=FILE
	Create normalised HTML files comment.html, nocomment.html, and script.html in current working directory.
--utf16-decode=FILE
	Decode UTF16 encoded data.
--vba=FILE
	Extract VBA/Word6 macros from given MS Office document.
--vba-hex=FILE
	Extract Word6 macros from given MS Office document and display the corresponding hex values.
-i, --info	Print a CVD information and verify MD5 and a digital signature.
-b, --build
	Build a CVD file. -s, --server is required.
--server
	ClamAV Signing Service address (for virus database maintainers only).
--datadir=DIR
	Use DIR as the default database directory for all operations.
--unpack=FILE, -u FILE
	Unpack FILE (CVD) to a current directory.
--unpack-current
	Unpack a local CVD file (main or daily) to current directory.
--diff=OLD NEW, -d OLD NEW
	Create a diff file for OLD and NEW CVDs/INCDIRs.
--run-cdiff=FILE, -r FILE
	Execute update script FILE in current directory.
--verify-cdiff=FILE, -r FILE
	Verify DIFF against CVD/INCDIR.
-l[FILE], --list-sigs[=FILE]
	List all signature names from the local database directory (default) or from FILE.
-fREGEX, --find-sigs=REGEX
	Find and display signatures from the local database directory which match the given REGEX. The whole signature body (name, hex string, etc.) is checked.
-fREGEX, --decode-sigs=REGEX
	Decode signatures read from the standard input (eg. piped from --find-sigs)
-fREGEX, --test-sigs=DATABASE TARGET_FILE
	Test all signatures from DATABASE against TARGET_FILE. This option will only give valid results if the target file is the final one (after unpacking, normalization, etc.) for which the signatures were created.

Generate hex string from testfile and save it to testfile.hex:
	cat testfile \| sigtool --hex-dump > testfile.hex