Cover Image

Strings: A Neat Hexdump Alternative

278 words. Time to Read: About 2 minutes.

I was working through my most recent class, Application Security, and one of the exercises required us to find a secret message hidden in an image. Now, I know you can do this manually with hexdump -C. That output looks something like this:

A screenshot of the output of hexdump, showing rows of hex data with a sidebar of ASCII text.

This is fine unless your image is huge or your secret message has a bunch of garbage bytes mixed into it for extra secrets. So I was trying to look up a way to get it to just kick out the ASCII output on its own so I could use other tools like grep to search through it, when I stumbled over a reference to the strings command. What is the strings command?

strings - find the printable strings in a object, or other binary, file

Well, OK then! Granted, when you read through the man page for it, it proclaims itself as a very simple string-finding algorithm, but good as a first easy pass.

Instead of the above hexdump output, you get something like this:

B*M)M1,
a&%5
%PJ)
XJ)FO
KL\I!D
Y}RJ

Which is way more searchable, awkable, etc.!

Take this image here:

A cute picture of a puppy.

Cute puppy, right? Yes, but it is also a puppy full of secrets.

Give it a try. Download it and then run:

strings secret_puppy.png

Find anything fun?

This method won’t find every hidden string in every secret image or binary file, but it’s a quick, easy command and much more useful than hexdump for some things!

Author: Ryan Palo | Tags: bash cli steganography | Buy me a coffee Buy me a coffee

Like my stuff? Have questions or feedback for me? Want to mentor me or get my help with something? Get in touch! To stay updated, subscribe via RSS