Would you like to see the text in a binary or data file? The Linux
strings Command pulls out these text parts – so-called “strings” – for you.
Linux is full of commands that can look like solutions to solving problems. the
strings Orders definitely fall into this camp. Just what is its purpose? Is there any point in having a command that lists the printable strings from a binary file?
Let’s take a step back. Binary files – like program files – can contain strings of human readable text. But how do you get to see them? When you use
less You will likely have a hanging terminal window. Programs designed to work with text files do not do well when cycling through non-printable characters.
Most of the bytes in a binary file cannot be read and cannot reasonably be output in the terminal window. There are no characters or standard symbols used to represent binary values that match non-alphanumeric characters, punctuation marks, or spaces. Collectively, these are referred to as “printable” characters. The rest are “non-printable” characters.
Therefore, attempting to view or search a binary or data file for text strings is a problem. And that’s where
strings come in. It extracts Strings of printable characters from files so that other commands can use the strings without having to deal with non-printable characters.
Using the string command
There is nothing complicated about that
strings Command, and its basic usage is very simple. We indicate the name of the desired file
strings browse on the command line.
Here we are using strings for a binary file – an executable file – called “Jibber”. We type
strings, a space, “Jibber”, and then press Enter.
The strings are extracted from the file and listed in the terminal window.
Setting the minimum string length
By default, Strings searches for strings that are four or more characters long. To set a longer or shorter minimum length, use the
-n (Minimum length) option.
Note that the shorter the minimum length, the more likely you will see more junk.
Some binary values have the same numeric value as the value that represents a printable character. If two of these numeric values are adjacent in the file and you specify a minimum length of two, these bytes are reported as a string.
strings To use two as the minimum length, use the following command.
strings -n 2 jibber
The results now contain two-letter strings. Note that spaces are counted as printable characters.
Piping strings through less
Because of the length of the output of
strings, we will pass it through
less. We can then scroll through the file and look for text of interest.
strings jibber | less
The ad is now presented to us in
less, with the top of the list displayed first.
Using strings with object files
Typically, program source code files are compiled into object files. These are linked to library files to create a binary executable file. We have the Jibber object file on hand, so let’s take a look at that file. Note the file extension “.o”.
jibber.o | less
The first set of strings are all wrapped in column eight if they are longer than eight characters. If they have been broken, there will be an “H” character in column nine. You may recognize these strings as SQL statements.
Scrolling through the output shows that this formatting is not used throughout the file.
It’s interesting to see the differences in text strings between the object file and the finished executable.
Search in specific areas of the file
Compiled programs have different areas within them that are used to store text. By default,
strings searches the entire file for text. It’s like you’ve used that
-a (all) possibility. Use the
-d (Data) option.
strings -d jibber | less
Unless you have a compelling reason, you can also use the default setting and search the entire file.
Printing the string offset
We can have
strings Print the offset from the beginning of the file where each string is located. Use the
-o (Offset) option.
strings -o parse_phrases | less
The offset is in. specified Octal.
To display the offset in a different numeric base, e.g. For example, decimal or hexadecimal, use the
-t (Radix) option. Must follow the radix option
x (hexadecimal), or
o (Octal). Using
-t o is the same as using
strings -t d parse_phrases | less
The offsets are now printed in decimal.
strings -t x parse_phrases | less
The offsets are now printed in hexadecimal.
strings regards tabs and spaces as part of the found strings. Other spaces, such as line breaks and line breaks, are not treated as if they were part of the strings. the
-w (whitespace) option causes strings to treat all whitespace characters as if they were part of the string.
strings -w add_data | less
In the output we see the blank line created by the (invisible) carriage return and the line break characters at the end of the second line.
We’re not limited to files
We can use
strings with everything that is or can generate a byte stream.
With this command we can go through the random access memory (RAM) of our computer.
We have to use
sudo because we are accessing / dev / mem. This is a drawing device file that contains an image of your computer’s main memory.
sudo strings /dev/mem | less
The listing is not all of the contents of your RAM. It’s only the strings that can be extracted from it.
What does “everything is a file” mean in Linux?
Search many files at the same time
Wildcards can be used to select groups of files to search. the
* Character stands for multiple characters, and the
? Character stands for any single character. You can also specify many filenames on the command line.
We’re going to use a wildcard and search through all executable files in the / bin directory. Since the listing contains results from many files, we will use the
-f (Filename) option. This will print the file name at the beginning of each line. We can then see in which file each string was found.
We pass the results through grepand look for any strings that contain the word copyright.
strings -f /bin/* | grep Copyright
We get a neat listing of the copyright instructions for each file in the / bin directory, with the name of the file at the beginning of each line.
Strings are no secret; it’s a typical Linux command. It does something very specific and it does it very well.
It’s another cog of Linux, and it doesn’t really come to life until it starts working with other commands. When you see it like it between binaries and other tools like
grep, you are beginning to appreciate the functionality of this somewhat obscure command.
|Files||tar · pv · cat · tac · chmod · grep · difference · sed · With · man · pushed · popd · fsck · Test disk · seq · fd · pandoc · CD · $ PATH · awk · join · jq · wrinkles · unique · Journalctl · tail · stat · ls · fstab · echo · fewer · chgrp · chown · rev · look · Strings · Type · rename · Postal code · unzip · assemble · ummount · To install · fdisk · mkfs · rm · rmdir · rsync · df · gpg · weather · Nano · mkdir · from · ln · Patch · Convert · rclon · Scraps · srm|
|Processes||alias · screen · above · kind · renice · progress · strace · system · tmux · chsh · story · at · Batch · for free · which · dmesg · chfn · User mod · ps · chroot · xargs · tty · pinkie finger · lsof · vmstat · Time out · Wall · Yes sir · kill · sleep · sudo · it is · Time · groupadd · User mod · groups · lshw · switch off · start anew · Stop · switch off · passwd · lscpu · crontab · date · bg · fg|
|Networking||netstat · Ring · Trace route · ip · ss · who is · fail2ban · bmon · she · finger · nmap · ftp · curl · wget · who · who am I · w · iptables · ssh-keygen · ufw|
Best Linux Laptops for Developers and Enthusiasts