In my previous question (Hexadecimal virus signatures database), I asked where I can get a hex virus signature database, and the answer was: ClamAV. So I downloaded the "main.cvd" databas开发者_StackOverflow社区e and was told that it was a compressed tar file. I have two questions to ask:
- are the signatures in hex format (of course when uncompressed)?
- how do I uncompress the "main.cvd" file to view its contents, do i just rename it to main.tar and then uncompress it?
I was able to do It by using a text editor and removing the first 512 bytes. Then renamed the file extension to .tar.gz and opened it using winrar
Run:
dd if=main.cvd of=clamav_main.tar.gz skip=1 bs=512
tar zxvf clamav_main.tar.gz
chmod 700 *
I have found this one-line set of commands to work nicely:
xxd -ps -s 512 <CVD-FILE> | xxd -r -ps | tar -zx
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论