<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <meta http-equiv="Content-Style-Type" content="text/css" />
  <meta name="generator" content="pandoc" />
  <title></title>
  <style type="text/css">code{white-space: pre;}</style>
  <link rel="stylesheet" href="/en/github.css" type="text/css" />
</head>
<body>
<h1 id="passwords-for-archive-files-experimental">Passwords for archive files [experimental]</h1>
<p>ClamAV 0.99 allows for users to specify password attempts for certain password-compatible archives. Passwords will be attempted in order of appearance in the password signature file which use the extension of <code>.pwdb</code>. If no passwords apply or none are provided, ClamAV will default to the original behavior of parsing the file. Currently, as of ClamAV 0.99 [flevel 81], only <code>.zip</code> archives using the traditional PKWARE encryption are supported. The signature format is</p>
<pre>
    SignatureName;TargetDescriptionBlock;PWStorageType;Password
</pre>
<p>where:</p>
<ul>
<li><p><code>SignatureName</code>: name to be displayed during debug when a password is successful</p></li>
<li><code>TargetDescriptionBlock</code>: provides information about the engine and target file with comma separated Arg:Val pairs</li>
<li><code>Engine:X-Y</code>: Required engine functionality level. See the <a href="../../UserManual/Signatures/FunctionalityLevels.html">FLEVEL reference</a> for details.</li>
<li><p><code>Container:CL_TYPE_*</code>: File type of applicable containers</p></li>
<li><code>PWStorageType</code>: determines how the password field is parsed</li>
<li>0 = cleartext</li>
<li><p>1 = hex</p></li>
<li><p><code>Password</code>: value used in password attempt</p></li>
</ul>
<p>The signatures for password attempts are stored inside <code>.pwdb</code> files.</p>
</body>
</html>