Strings: A Neat Hexdump Alternative278 words. Time to Read: About 2 minutes.
I was working through my most recent class, Application Security, and one of the exercises required us to find a secret message hidden in an image. Now, I know you can do this manually with
hexdump -C. That output looks something like this:
This is fine unless your image is huge or your secret message has a bunch of garbage bytes mixed into it for extra secrets. So I was trying to look up a way to get it to just kick out the ASCII output on its own so I could use other tools like
grep to search through it, when I stumbled over a reference to the
strings command. What is the
strings - find the printable strings in a object, or other binary, file
Well, OK then! Granted, when you read through the man page for it, it proclaims itself as a very simple string-finding algorithm, but good as a first easy pass.
Instead of the above
hexdump output, you get something like this:
B*M)M1, a&%5 %PJ) XJ)FO KL\I!D Y}RJ
Which is way more searchable,
Take this image here:
Cute puppy, right? Yes, but it is also a puppy full of secrets.
Give it a try. Download it and then run:
Find anything fun?
This method won’t find every hidden string in every secret image or binary file, but it’s a quick, easy command and much more useful than
hexdump for some things!