SHARE

6 Year Lifecycle linux kernel lts cycle

We all have to search through text files for strings from time to time. But what about when you need to search through a binary file for bits of text? Most of us don’t have to do that often, if ever. For those of you that haven’t tried it before, it’s not the easiest thing to do, but we’ll take a look at a program that makes it much simpler.

There are tonnes of tools (metric tonnes, not those little imperial ones) for search, parsing, dissecting, and manipulating text file, too many to count. We have the whole grep family (egrep, fgrep, mgrep, etc), then there’s awk, sed, tr, sort, and so many more. But they’re all made specifically for text files.

Have you ever try running a binary file through something like cat? It doesn’t come out like you might expect. You get a bunch of artifacts, some of which can make your terminal session go really wonky. If you’ve never done it before, you should. Just open a new terminal session and run the below command.

cat `which cat`

NOTE: Here we’re running which cat and passing the output to cat as an argument and effectively cat-ing cat. The which command simply helps us find where in our $PATH environmental variable the binary file is, in this case cat. On my OpenSUSE system that’s /usr/bin/cat, but that might be a little differently for you, which is what makes the which command so awesome.

As you can see, there’s a bunch of oddities and whatnot that the terminal looks like it’s having a hard time with. That’s completely normal and to be expected. If your terminal is acting weird now, just close it and reopen it, it will revert your session back to the default.

If you scrolled back at all, you will have undoubtedly found some text from inside the cat command. If you look far enough you’ll actually see the same output as running cat –help.

Now we’ll try using the strings program. It generally doesn’t require flag or arguments other than the file(s) you want to parse for text.

strings `which cat`

Trying this again with cat as the input file; we can see an immediate difference. The strings program omits everything that isn’t deemed text. There can be some bits that seep through because binary instructions can coincidently be the same as text, but they’re typically not difficult to spot.

It’s pretty nifty because now we can use it in conjunction with grep to find text much more efficiently.

strings `which cat` | grep license

Most programs in Linux will include a reference to their licensing somewhere, especially since many open source licenses dictate that the license should be provided with the program itself. You might be thinking that this program is mildly useful, and for most, it might not even be useful at all, but it doesn’t do just files.

To demonstrate how neat this program is, let’s try something more daring. We’re going to read some information out of the UEFI/BIOS of your computer. For this trick, you’ll need to be running Linux on a computer that was sold with Windows 8 or higher (and sudo access). We’re going to read the Windows key right out of your motherboard’s firmware.

sudo strings /sys/firmware/acpi/tables/MSDM | tail -1

That’s one to keep up your sleeve to impress your friends.

Let us know what other interesting bits of information you find with strings in the comments below.

Also Read: The Ultimate A To Z List of Linux Commands