hi, everyone, I am doing some kindof research on string match right now and I was trying to use ClamAV-signatures(daily.ndb and main.ndb, obtained by sigtool) as a simulation source. but I do not know how to retrieve the original signatures which are encrypted with MD5 in a file format: ndb, right? so if I wanna turn those encrypted sigs back,or say decrypt them, what exactly can I do?
thank you very much~ Really really appreciate your help~ P.S., some examples of .ndb rule: Trojan.Packed-6:1:EP+0:807c2408015690eb Email.Phishing.RB-1738:4:*:687474703a2f2f7777772e706f737465696e632e636f6d2f -- View this message in context: http://www.nabble.com/how-to-get-rid-of-the-MD5-in-.ndb-sig-files-tp24282870p24282870.html Sent from the clamav-users mailing list archive at Nabble.com. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
