309
if(scanf("%as", &pt) == EOF || !pt) {
306
if(scanf("%30s", pass) == EOF || !pt) {
310
307
mprintf("!getdsig: Can't get password\n");
311
308
#ifdef HAVE_TERMIOS_H
312
309
tcsetattr(0, TCSAFLUSH, &old);
316
strncpy(pass, pt, sizeof(pass));
317
pass[sizeof(pass)-1]='\0';
320
314
#ifdef HAVE_TERMIOS_H
321
315
if(tcsetattr(0, TCSAFLUSH, &old)) {
400
394
unsigned int i, bytes;
401
395
unsigned char digest[32], buffer[FILEBUFF];
399
ctx = cl_hash_init("sha256");
407
403
if(!(fh = fopen(file, "rb"))) {
408
404
mprintf("!sha256file: Can't open file %s\n", file);
405
cl_hash_destroy(ctx);
413
410
while((bytes = fread(buffer, 1, sizeof(buffer), fh))) {
414
sha256_update(&ctx, buffer, bytes);
411
cl_update_hash(ctx, buffer, bytes);
418
sha256_final(&ctx, digest);
415
cl_finish_hash(ctx, digest);
419
416
sha = (char *) malloc(65);
435
432
unsigned int i, bytes;
436
433
char file[32], *pt, dbfile[32];
437
434
unsigned char digest[32], buffer[FILEBUFF];
440
437
snprintf(file, sizeof(file), "%s.info", dbname);
441
438
if(!access(file, R_OK)) {
493
490
if(!optget(opts, "unsigned")->enabled) {
492
ctx = cl_hash_init("sha256");
496
498
while((bytes = fread(buffer, 1, sizeof(buffer), fh)))
497
sha256_update(&ctx, buffer, bytes);
498
sha256_final(&ctx, digest);
499
cl_update_hash(ctx, buffer, bytes);
500
cl_finish_hash(ctx, digest);
499
501
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 3))) {
500
502
mprintf("!writeinfo: Can't get digital signature from remote server\n");
604
ctx = cl_hash_init("sha256");
604
612
while((bytes = fread(buffer, 1, sizeof(buffer), cdiffh)))
605
sha256_update(&ctx, (unsigned char *) buffer, bytes);
613
cl_update_hash(ctx, (unsigned char *) buffer, bytes);
608
sha256_final(&ctx, digest);
616
cl_finish_hash(ctx, digest);
610
618
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 2))) {
611
619
mprintf("!script2cdiff: Can't get digital signature from remote server\n");
793
802
version = oldcvd->version + 1;
794
803
oldsigs = oldcvd->sigs;
795
804
cl_cvdfree(oldcvd);
805
} else if (optget(opts, "cvd-version")->numarg != 0) {
806
version = optget(opts, "cvd-version")->numarg;
797
808
mprintf("Version number: ");
798
809
if(scanf("%u", &version) == EOF) {
835
846
builder[sizeof(builder)-1]='\0';
837
848
mprintf("Builder name: ");
838
if(scanf("%as", &pt) == EOF || !pt) {
849
if(scanf("%32s", builder) == EOF || !pt) {
839
850
mprintf("!build: Can't get builder name\n");
842
strncpy(builder, pt, sizeof(builder));
843
builder[sizeof(builder)-1]='\0';
847
856
/* add builder */
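Review bot: The new `scanf("%32s", builder) == EOF || !pt` still tests `pt`, which this call no longer fills in now that the `%as` allocation is gone, so the check depends on whatever `pt` held earlier and not on the read. `%32s` also stores up to 32 characters plus the terminating NUL, so it needs a 33-byte destination; `builder` is declared outside this hunk, and if it is a 32-byte array this writes one byte past its end. I would tie the width to the buffer and test the conversion count, which for a 32-byte buffer is `if(scanf("%31s", builder) != 1) {`. The earlier hunk with the `!getdsig:` message has the same pattern in `scanf("%30s", pass) == EOF || !pt`, where `pass` needs at least 31 bytes. The enclosing function (build, going by the log prefix) starts and ends outside the hunk.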
1116
1125
name[sizeof(name)-1]='\0';
1128
if (cl_cvdverify(name) != CL_SUCCESS) {
1129
mprintf("!unpack: %s is not a valid CVD\n", name);
1119
1133
if(cli_cvdunpack(name, ".") == -1) {
1120
1134
mprintf("!unpack: Can't unpack file %s\n", name);
2871
2894
/* Generate SHA1 */
2873
SHA1Update(&sha1, fmptr, sb.st_size);
2874
SHA1Final(&sha1, shash1);
2895
cl_sha1(fmptr, sb.st_size, shash1, NULL);
2876
ret = cli_checkfp_pe(&ctx, shash1);
2897
ret = cli_checkfp_pe(&ctx, shash1, NULL, CL_CHECKFP_PE_FLAG_AUTHENTICODE);
2903
2924
static void help(void)
2906
mprintf(" Clam AntiVirus: Signature Tool (sigtool) %s\n", get_version());
2907
printf(" By The ClamAV Team: http://www.clamav.net/team\n");
2908
printf(" (C) 2007-2009 Sourcefire, Inc. et al.\n\n");
2927
mprintf("Clam AntiVirus: Signature Tool (sigtool) %s\n", get_version());
2928
mprintf(" By The ClamAV Team: http://www.clamav.net/team\n");
2929
mprintf(" (C) 2007-2009 Sourcefire, Inc. et al.\n\n");
2910
2931
mprintf(" --help -h show help\n");
2911
2932
mprintf(" --version -V print version number and exit\n");
2925
2946
mprintf(" --utf16-decode=FILE decode UTF16 encoded files\n");
2926
2947
mprintf(" --info=FILE -i FILE print database information\n");
2927
2948
mprintf(" --build=NAME [cvd] -b NAME build a CVD file\n");
2928
mprintf(" --max-bad-sigs=NUMBER Maximum number of mismatched signatures when building a CVD. Default: 3000\n");
2929
mprintf(" --flevel=FLEVEL Specify a custom flevel. Default: %u\n", cl_retflevel());
2949
mprintf(" --max-bad-sigs=NUMBER Maximum number of mismatched signatures\n");
2950
mprintf(" when building a CVD. Default: 3000\n");
2951
mprintf(" --flevel=FLEVEL Specify a custom flevel.\n");
2952
mprintf(" Default: %u\n", cl_retflevel());
2953
mprintf(" --cvd-version=NUMBER Specify the version number to use for\n");
2954
mprintf(" the build. Default is to use the value+1\n");
2955
mprintf(" from the current CVD in --datadir.\n");
2956
mprintf(" If no datafile is found the default\n");
2957
mprintf(" behaviour is to prompt for a version\n");
2958
mprintf(" number, this switch will prevent the\n");
2959
mprintf(" prompt. NOTE: If a CVD is found in the\n");
2960
mprintf(" --datadir its version+1 is used and\n");
2961
mprintf(" this value is ignored.\n");
2930
2962
mprintf(" --no-cdiff Don't generate .cdiff file\n");
2931
2963
mprintf(" --unsigned Create unsigned database file (.cud)\n");
2932
2964
mprintf(" --print-certs=FILE Print Authenticode details from a PE\n");
2933
2965
mprintf(" --server=ADDR ClamAV Signing Service address\n");
2934
mprintf(" --datadir=DIR Use DIR as default database directory\n");
2966
mprintf(" --datadir=DIR Use DIR as default database directory\n");
2935
2967
mprintf(" --unpack=FILE -u FILE Unpack a CVD/CLD file\n");
2936
2968
mprintf(" --unpack-current=SHORTNAME Unpack local CVD/CLD into cwd\n");
2937
2969
mprintf(" --list-sigs[=FILE] -l[FILE] List signature names\n");
2938
2970
mprintf(" --find-sigs=REGEX -fREGEX Find signatures matching REGEX\n");
2939
2971
mprintf(" --decode-sigs Decode signatures from stdin\n");
2940
mprintf(" --test-sigs=DATABASE TARGET_FILE Test signatures from DATABASE against TARGET_FILE\n");
2972
mprintf(" --test-sigs=DATABASE TARGET_FILE Test signatures from DATABASE against \n");
2973
mprintf(" TARGET_FILE\n");
2941
2974
mprintf(" --vba=FILE Extract VBA/Word6 macro code\n");
2942
2975
mprintf(" --vba-hex=FILE Extract Word6 macro code with hex values\n");
2943
2976
mprintf(" --diff=OLD NEW -d OLD NEW Create diff for OLD and NEW CVDs\n");
2944
mprintf(" --compare=OLD NEW -c OLD NEW Show diff between OLD and NEW files in cdiff format\n");
2977
mprintf(" --compare=OLD NEW -c OLD NEW Show diff between OLD and NEW files in\n");
2978
mprintf(" cdiff format\n");
2945
2979
mprintf(" --run-cdiff=FILE -r FILE Execute update script FILE in cwd\n");
2946
2980
mprintf(" --verify-cdiff=DIFF CVD/CLD Verify DIFF against CVD/CLD\n");