2007-03-21 02:12:51 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TH  "sigtool"  "1"  "February 12, 2007"  "ClamAV @VERSION@"  "Clam AntiVirus" 
							 
						 
					
						
							
								
									
										
										
										
											2003-07-29 15:37:11 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								.SH  "NAME" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.LP  
							 
						 
					
						
							
								
									
										
										
										
											2004-08-18 15:22:48 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								sigtool \-  signature and database management tool
							 
						 
					
						
							
								
									
										
										
										
											2003-07-29 15:37:11 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								.SH  "SYNOPSIS" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.LP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								sigtool [options]
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.SH  "DESCRIPTION" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.LP  
							 
						 
					
						
							
								
									
										
										
										
											2007-02-12 18:38:32 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								sigtool can be used to generate MD5 checksums, convert data into hexadecimal format, list virus signatures and build/unpack/test/verify CVD databases and update scripts.
							 
						 
					
						
							
								
									
										
										
										
											2003-07-29 15:37:11 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								.SH  "OPTIONS" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.LP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-h, \-\-help\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Output help information and exit.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-V, \-\-version\fR
						 
					
						
							
								
									
										
										
										
											2003-11-11 22:10:27 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								Print version number and exit.
							 
						 
					
						
							
								
									
										
										
										
											2003-07-29 15:37:11 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-quiet\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Be quiet \-  output only error messages.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-stdout\fR
						 
					
						
							
								
									
										
										
										
											2007-02-12 18:38:32 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								Write all messages to stdout.
							 
						 
					
						
							
								
									
										
										
										
											2003-07-29 15:37:11 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-hex\-dump\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Read data from stdin and write hex string to stdout.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2004-08-31 11:44:51 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-md5 [FILES]\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
Generate MD5 checksum from stdin or MD5 sigs for FILES. MD5 is no longer collision\-resistant; use \-\-sha256 where a stronger digest is needed.
							 
						 
					
						
							
								
									
										
										
										
											2003-11-11 22:10:27 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2011-01-18 15:00:37 +01:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-sha1 [FILES]\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
Generate SHA1 checksum from stdin or SHA1 sigs for FILES. SHA1 is no longer collision\-resistant; use \-\-sha256 where a stronger digest is needed.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-sha256 [FILES]\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Generate SHA256 checksum from stdin or SHA256 sigs for FILES.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2007-02-12 19:30:22 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-mdb [FILES]\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Generate .mdb signatures for FILES.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2004-09-18 19:26:08 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-html\-normalise=FILE\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
Create normalised HTML files comment.html, nocomment.html, and script.html in the current working directory.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2007-02-12 18:38:32 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-utf16\-decode=FILE\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Decode UTF16 encoded data.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2004-12-19 01:11:59 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-vba=FILE\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Extract VBA/Word6 macros from given MS Office document.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-vba\-hex=FILE\fR
						 
					
						
							
								
									
										
										
										
											2007-02-12 18:38:32 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								Extract Word6 macros from given MS Office document and display the corresponding hex values.
							 
						 
					
						
							
								
									
										
										
										
											2004-12-19 01:11:59 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2003-11-11 22:10:27 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-i, \-\-info\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
Print CVD information and verify its MD5 checksum and digital signature.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2016-10-18 15:47:42 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-build=FILE, \-b FILE\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
Build a CVD file. \-s, \-\-server is required for signed virus databases (.cvd); use \-\-unsigned to build an unsigned database (.cud).
							 
						 
					
						
							
								
									
										
										
										
											2003-11-11 22:10:27 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2014-03-14 17:20:45 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-max\-bad\-sigs=NUMBER\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Maximum number of mismatched signatures when building a CVD. Default: 3000
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-flevel\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Specify a custom flevel. Default: 77
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-cvd\-version\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Specify the version number to use for the build. Default is to use the value+1
							 
						 
					
						
							
								
									
										
										
										
											2014-09-17 21:44:31 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
from the current CVD in \-\-datadir. If no datafile is found, the default
							 
						 
					
						
							
								
									
										
										
										
											2014-03-14 17:20:45 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
behaviour is to prompt for a version number; this switch will prevent the
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								prompt.
							 
						 
					
						
							
								
									
										
										
										
											2014-09-17 21:44:31 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
NOTE: If a CVD is found in the \-\-datadir, its version+1 is used and this value is ignored.
							 
						 
					
						
							
								
									
										
										
										
											2014-03-14 17:20:45 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-no\-cdiff\fR
						 
					
						
							
								
									
										
										
										
											2011-05-10 21:29:49 +02:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								Don't create a .cdiff file when building a new database file.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2014-03-14 17:20:45 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-unsigned\fR
						 
					
						
							
								
									
										
										
										
											2016-10-18 15:47:42 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
Create a database file without digital signatures (.cud). Such a file carries no signature to verify, so its integrity has to be established by other means.
							 
						 
					
						
							
								
									
										
										
										
											2011-05-10 21:29:49 +02:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2003-11-11 22:10:27 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-server\fR
						 
					
						
							
								
									
										
										
										
											2007-02-12 18:38:32 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								ClamAV Signing Service address (for virus database maintainers only).
							 
						 
					
						
							
								
									
										
										
										
											2003-11-11 22:10:27 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2010-06-08 16:34:59 +02:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-datadir=DIR\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Use DIR as the default database directory for all operations.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-unpack=FILE, \-u FILE\fR
						 
					
						
							
								
									
										
										
										
											2007-02-12 18:38:32 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
Unpack FILE (CVD) to the current directory.
							 
						 
					
						
							
								
									
										
										
										
											2003-11-11 22:10:27 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-unpack\-current\fR
						 
					
						
							
								
									
										
										
										
											2007-02-12 18:38:32 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
Unpack a local CVD file (main or daily) to the current directory.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-diff=OLD NEW, \-d OLD NEW\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Create a diff file for OLD and NEW CVDs/INCDIRs.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2011-12-07 14:53:33 +01:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-compare=OLD NEW, \-c OLD NEW\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
Compare two text files and print the differences in cdiff format.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2007-02-12 18:38:32 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-run\-cdiff=FILE, \-r FILE\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
Execute update script FILE in the current directory. The script changes the database files found there, so run only scripts from a trusted source.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-verify\-cdiff=FILE, \-r FILE\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
Verify the diff FILE against a CVD/INCDIR.
							 
						 
					
						
							
								
									
										
										
										
											2004-10-01 00:31:18 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2009-10-16 10:12:17 +02:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-l[FILE], \-\-list\-sigs[=FILE]\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								List all signature names from the local database directory (default) or from FILE.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-fREGEX, \-\-find\-sigs=REGEX\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Find and display signatures from the local database directory which match the given REGEX. The whole signature body (name, hex string, etc.) is checked.
							 
						 
					
						
							
								
									
										
										
										
											2009-12-09 23:32:34 +01:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2014-03-14 17:20:45 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-decode\-sigs=REGEX\fR
						 
					
						
							
								
									
										
										
										
											2009-12-09 23:32:34 +01:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
Decode signatures read from the standard input (e.g. piped from \-\-find\-sigs).
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2014-03-14 17:20:45 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
\fB\-\-test\-sigs=DATABASE TARGET_FILE\fR
						 
					
						
							
								
									
										
										
										
											2010-06-10 12:24:26 +02:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								Test all signatures from DATABASE against TARGET_FILE. This option will only give valid results if the target file is the final one (after unpacking, normalization, etc.) for which the signatures were created.
							 
						 
					
						
							
								
									
										
										
										
											2014-03-14 17:20:45 -04:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								.TP 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fB\-\-print\-certs=FILE\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Print Authenticode details from a PE file.
							 
						 
					
						
							
								
									
										
										
										
											2003-07-29 15:37:11 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								.SH  "EXAMPLES" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.LP  
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.TP  
							 
						 
					
						
							
								
									
										
										
										
											2004-08-18 15:22:48 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								Generate hex string from testfile and save it to testfile.hex:
							 
						 
					
						
							
								
									
										
										
										
											2003-07-29 15:37:11 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
\fBcat testfile | sigtool \-\-hex\-dump > testfile.hex\fR
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.SH  "CREDITS" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Please check the full documentation for credits.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.SH  "AUTHOR" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.LP  
							 
						 
					
						
							
								
									
										
										
										
											2003-11-11 22:10:27 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								Tomasz Kojm <tkojm@clamav.net>
							 
						 
					
						
							
								
									
										
										
										
											2003-07-29 15:37:11 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								.SH  "SEE ALSO" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								.LP  
							 
						 
					
						
							
								
									
										
										
										
											2010-05-06 17:02:53 +02:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								freshclam(1), freshclam.conf(5)