[명령어] strings

strings는 바이너리 파일에서 문자열을 추출하기 위한 툴입니다.

grep을 이용하여 원하는 문자열을 빠르게 확인할 수 있습니다.

ex)

 SSo@ubuntu: ~ $ stirngs [파일명] | grep [검색할 문자열]

1. 문자열의 위치 출력

-tx, -td, to 옵션을 사용하면 각각 16진수, 10진수, 8진수로 문자열의 위치를 출력함

-t 옵션 예

SSo@ubuntu: ~ $ stirngs -tx [파일명] | head -5

SSo@ubuntu: ~ $ stirngs -td [파일명] | head -5

SSo@ubuntu: ~ $ stirngs -to [파일명] | head -5

$man strings

NAME

       strings - find the printable strings in a object, or other binary, file

SYNOPSIS

       strings [ - ] [ -a ] [ -o ] [ -t format ] [ -number ] [ -n number ] [--] [file ...]

DESCRIPTION

       Strings  looks  for  ASCII  strings  in  a binary file or standard input.  Strings is useful for identifying random

       object files and many other things.  A string is any sequence of 4 (the default) or more printing characters ending

       with a newline or a null.  Unless the - flag is given, strings looks in all sections of the object files except the

       (__TEXT,__text) section.  If no files are specified standard input is read.

       The file arguments may be of the form libx.a(foo.o), to request information about only that object file and not the

       entire library.   (Typically this argument must be quoted, ``libx.a(foo.o)'', to get it past the shell.)

       The options to strings(1) are:

       -a     This  option  causes  strings  to  look  for  strings  in  all  sections  of  the object file (including the

              (__TEXT,__text) section.

       -      This option causes strings to look for strings in all bytes of the files (the default for non-object files).

       --     This option causes strings to treat all the following arguments as files.

       -o     Preceded each string by its offset in the file (in decimal).

       -t format

              Write  each string preceded by its byte offset from the start of the file.  The format shall be dependent on

              the single character used as the format option-argument:

       d      The offset shall be written in decimal.

       o      The offset shall be written in octal.

       x      The offset shall be written in hexadecimal.

       -number

              The decimal number is used as the minimum string length rather than the default of 4.

       -n number

              Specify the minimum string length, where the number argument is a  positive  decimal  integer.  The  default

              shall be 4.

       -arch arch_type

              Specifies the architecture, arch_type, of the file for strings(1) to operate on when the file is a universal

              file.  (See arch(3) for the currently know arch_types.)  The arch_type can be "all" to operate on all archi-

              tectures in the file.

SEE ALSO

       od(1)

BUGS

       The algorithm for identifying strings is extremely primitive.