Stowage/clamav
2
0
Fork 0
mirror of https://github.com/Cisco-Talos/clamav.git synced 2025-11-01 16:40:54 +00:00
Code Issues Projects Releases Packages Wiki Activity
clamav/docs/UserManual/Signatures/EncryptedArchives.md

24 lines
1.2 KiB
Markdown
Raw Normal View History

Restructured the signature writing documentation, and supplemented it with dconf documentation, file type magic documentation, and references for ClamAV functionality levels.
2018-11-07 16:24:28 -05:00
# Passwords for archive files \[experimental\]
ClamAV 0.99 allows for users to specify password attempts for certain password-compatible archives. Passwords will be attempted in order of appearance in the password signature file which use the extension of `.pwdb`. If no passwords apply or none are provided, ClamAV will default to the original behavior of parsing the file. Currently, as of ClamAV 0.99 \[flevel 81\], only `.zip` archives using the traditional PKWARE encryption are supported. The signature format is
```
SignatureName;TargetDescriptionBlock;PWStorageType;Password
```
where:
- `SignatureName`: name to be displayed during debug when a password is successful
- `TargetDescriptionBlock`: provides information about the engine and target file with comma separated Arg:Val pairs
- `Engine:X-Y`: Required engine functionality level. See the [FLEVEL reference](FunctionalityLevels.md) for details.
- `Container:CL_TYPE_*`: File type of applicable containers
- `PWStorageType`: determines how the password field is parsed
- 0 = cleartext
- 1 = hex
- `Password`: value used in password attempt
The signatures for password attempts are stored inside `.pwdb` files.
Reference in a new issue Copy permalink