Linux Command to find Strings in Binary or non ascii file

Question

Is there any linux command to extracts all the ascii strings from an executable or other binary file? I suppose I could do it with a grep, but I remember hearing somewhere that such a command existed?

drAlberT · Accepted Answer · 2016-05-06T21:24:03.307

89

The command you are looking for is strings

Its name is quite self-explanatory, it retrieves any printable string from a given file.

man strings gives:

STRINGS(1)

NAME
strings - find the printable strings in a object, or other binary, file

SYNOPSIS
strings [ - ] [ -a ] [ -o ] [ -t format ] [ -number ] [ -n number ] [--] [file ...]

edited May 06 '16 at 21:24

answered Aug 07 '09 at 14:22

drAlberT

10,949
7
39
52

In some use cases, white space, including newlines, is considered "ascii". GNU `strings` option `-w` (`--include-all-whitespace`) might help in those cases. – Rainer Blome Jan 13 '22 at 12:48
1

awesome! I didn't know such command existed. Now I can finally grep files containing a mixture of text and non-printable data. – user1593842 Jan 13 '22 at 17:51

score 17 · Answer 2 · answered Mar 02 '10 at 15:14

17

The strings command is the way to go for this particular type of problems. Sometimes you also have to pipe it out to grep.

For example:

strings somebinaryfile | grep textuwanttofind

answered Mar 02 '10 at 15:14

luis.espinal

459
3
6

score 5 · Answer 3 · answered Aug 07 '09 at 14:22

5

The command does exist, and is called.... strings!

answered Aug 07 '09 at 14:22

Mark

2,856
20
13

score 4 · Answer 4 · answered Jun 28 '16 at 13:19

A problem with using strings is that you don't see surrounding non printables and you have to be careful with the minimum string length.

A problem using

od -c FILE

or

hexdump -C FILE

is that a sequence can be difficult to find if it wraps a line.

Something I like a lot for this is ZTreeWin running in WINE on Linux - you can do a lot with it but the searching in any file or editing binaries can be particularly useful.

The awesome ytree package is available for many Linux and Unix variants and has a good Hex dump view of any file but doesn't have the search that ZTreeWin (and its 16bit predecessor, XTree) have.

score 3 · Answer 5 · answered Aug 07 '09 at 14:22

3

The od command can do this:

od -c *filename*

answered Aug 07 '09 at 14:22

Kyle Brandt

83,619
74
305
448

3

yeah, that does extract the ASCII characters, but it's not really the strings, per se. I think that 'strings' is more useful for the majority of cases. – user5336 Aug 07 '09 at 15:07

Mister_Tom · Answer 6 · 2023-08-29T21:16:11.947

If strings is not available (like with git-bash on Windows) - try something like this:

tr -d -c '[:print:]\n'

Explanation: Delete (-d) all characters other than printable and newline.

Complement (-c): gives the opposite/inverse of the translate character list. In this case all non-printable non-newline characters.

Reference for the tr (translate) command: https://www.gnu.org/software/coreutils/manual/html_node/tr-invocation.html

Similar answer from Stack Overflow: https://stackoverflow.com/a/55360597/226625

Linux Command to find Strings in Binary or non ascii file

6 Answers6

Linked