I am doing some kindof research on string match right now and I was trying to
use ClamAV-signatures(daily.ndb and main.ndb, obtained by sigtool) as a simulation source.
but I do not know how to retrieve the original signatures which are
encrypted with MD5 in a file format: ndb, right? so if I wanna turn
those encrypted sigs back,or say decrypt them, what exactly can I do?
thank you very much~
Really really appreciate your help~
some examples of .ndb rule: