Exploring the contents of a binary or executable file to extract human-readable strings might not be a frequent task for everyone, but when you’re faced with such a challenge, opening the file in an editor and manually searching for information can be inefficient. Thankfully, there’s a command line utility designed just for this task.
The tool we’re discussing today is called Strings. In this guide, we’ll cover the basics of using this command with simple, illustrative examples. Note that all the examples in this article have been tested on an Ubuntu 16.04 LTS system.
Understanding the Linux Strings Command
The Strings command is used to print the sequences of printable characters found in files. Its syntax is as follows:
strings [OPTIONS] FILENAME
The man page provides a detailed description:
The GNU strings utility identifies sequences of printable characters in files... sequences must be at least 4 characters long unless another number is defined with options... strings is useful for inspecting the contents of non-text files.
Getting Started with Strings: Use Cases and Examples
Q1. How to utilize the strings command?
Using Strings is straightforward: simply supply the file name as input and execute the command. Since Strings is generally used for extracting information from binary/executable files, we’ll use one such file in our examples.
strings test
Here’s the output this command yielded on my system:
Q2. How to set a custom character limit with strings?
By default, Strings outputs sequences of at least 4 characters. To change this limit, use the -n option followed by your desired limit.
strings -n 2 test
The output now includes two and three-character strings.
Q3. How to display the offset of character sequences?
To have Strings display the offsets of the sequences in the output, use the -t option with an input character specifying the radix: ‘o’ for octal, ‘x’ for hexadecimal, or ‘d’ for decimal.
strings -t d test
The command output on my system:
Observe that the strings in the output are prefixed by their respective offsets.
Q4. How to command Strings to scan the entire file?
Strings might not always scan the entire file based on its configuration. However, to ensure that the tool reads the complete file, use the -a option.
strings -a test
To restrict Strings to only displaying strings from the initialized, loaded data sections, use the -d option.
strings -d test
Q5. How to modify the output separator?
By default, Strings uses a newline as a separator. If you wish to customize this separator, use the -s option followed by your preferred separator string.
strings -s [[[]]] test
Conclusion
The Strings command is a valuable tool for anyone who needs to extract and inspect the contents of binary or executable files. We’ve discussed several key command line options; practice these, and afterward, explore more on the tool’s man page for further knowledge.
Frequently Asked Questions (FAQ)
What types of files can Strings analyze?
Strings is primarily used for binary and executable files but can work with any file that might contain sequences of printable characters.
Can I use Strings on non-Linux systems?
Strings is a part of GNU Binutils and is available on various Unix-like systems. Its availability on non-Linux systems might vary and may require additional installation.
Is there a graphical interface for Strings?
Strings is primarily a command-line utility, and there is no native graphical interface. However, some text editors and IDEs might have similar functionality built-in or available as plugins.
How secure is it to use the Strings command?
Running Strings on a file doesn’t execute the file; it only reads and extracts text. However, always ensure you have permission to inspect the file contents legally and ethically.