Linux Command to find Strings in Binary or non ascii file

linux grep binary strings

116,095

Solution 1

The command you are looking for is strings

Its name is quite self-explanatory, it retrieves any printable string from a given file.

man strings gives:

STRINGS(1)

NAME
strings - find the printable strings in a object, or other binary, file

SYNOPSIS
strings [ - ] [ -a ] [ -o ] [ -t format ] [ -number ] [ -n number ] [--] [file ...]

Solution 2

The strings command is the way to go for this particular type of problems. Sometimes you also have to pipe it out to grep.

For example:

strings somebinaryfile | grep textuwanttofind

Solution 3

The command does exist, and is called.... strings!

Solution 4

A problem with using strings is that you don't see surrounding non printables and you have to be careful with the minimum string length.

A problem using

od -c FILE

hexdump -C FILE

is that a sequence can be difficult to find if it wraps a line.

Something I like a lot for this is ZTreeWin running in WINE on Linux - you can do a lot with it but the searching in any file or editing binaries can be particularly useful.

The awesome ytree package is available for many Linux and Unix variants and has a good Hex dump view of any file but doesn't have the search that ZTreeWin (and its 16bit predecessor, XTree) have.

Solution 5

The od command can do this:

od -c *filename*

View more solutions

116,095

Ethan Heilman

Security Hobbyist, Cryptography Researcher, Software Engineer Github: https://github.com/EthanHeilman Hackernews: http://news.ycombinator.com/user?id=EthanHeilman Twitter: https://twitter.com/Ethan_Heilman Tumblr: http://ethanheilman.tumblr.com/ ResearchGate: http://www.researchgate.net/profile/Ethan_Heilman/ Want jobbers? http://pubget.com/jobs Bored? Play FlipIt: http://ethanheilman.github.com/flipIt/playable_with_instructions.html Blog entries: A Look at Security Through Obesity. Castle meet Cannon: What to do after you lose? FlipIt: An Interesting Game.

Updated on September 17, 2022

Comments

Ethan Heilman over 1 year

Is there any linux command to extracts all the ascii strings from an executable or other binary file? I suppose I could do it with a grep, but I remember hearing somewhere that such a command existed?
user5336 almost 15 years

yeah, that does extract the ASCII characters, but it's not really the strings, per se. I think that 'strings' is more useful for the majority of cases.
Kyle Brandt almost 15 years

Ya, didn't know about that command, but I do now! AlberT got my '+1' :-)
Rainer Blome over 2 years

In some use cases, white space, including newlines, is considered "ascii". GNU strings option -w (--include-all-whitespace) might help in those cases.
user1593842 over 2 years

awesome! I didn't know such command existed. Now I can finally grep files containing a mixture of text and non-printable data.