[clamav-users] custom signatures wont work :(
krzf83@gmail.com
krzf83 at gmail.com
Thu Mar 13 23:44:57 UTC 2014
I've spend on this about 6 hours without any effect. Please help :(
I had it working some time ago but today I've found out that it
stopped working (maybe after one of the clamav updates)
root at sv1 [/root/test]# echo test > test.exe
root at sv1 [/root/test]# cat test.exe
test
root at sv1 [/root/test]# sigtool --md5 test.exe > test.hdb
root at sv1 [/root/test]# clamscan -d test.hdb test.exe
test.exe: OK
----------- SCAN SUMMARY -----------
Known viruses: 1
Engine version: 0.98.1
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.002 sec (0 m 0 s)
--
root at sv1 [/root/test]# echo test > test.exe
root at sv1 [/root/test]# cat test.exe
test
root at sv1 [/root/test]# printf test|sigtool --hex-dump
74657374
root at sv1 [/root/test]# cat test.ndb
test:0:*:74657374
root at sv1 [/root/test]# clamscan -d test.ndb test.exe
test.exe: OK
----------- SCAN SUMMARY -----------
Known viruses: 1
Engine version: 0.98.1
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.002 sec (0 m 0 s)
root at sv1 [/root/test]# sigtool --test-sigs=test.ndb test.exe
VIRUS NAME: test
TARGET TYPE: ANY FILE
OFFSET: *
MATCH: ** YES ** (1 match at offset: 0)
More information about the clamav-users
mailing list