Ubuntu strings 实用技巧
一、核心用法速览
strings /usr/bin/ls | headstrings -n 8 /usr/bin/ls | headstrings -t x /usr/bin/ls | head(十六进制偏移)、strings -t d 为十进制strings -e l(小端)、strings -e b(大端)、strings -e S(UTF-16/32)strings -Vstrings -a /path/to/binary | lessstrings /usr/bin/ls | grep -i "usage"、strings /usr/bin/ls | grep -E "error|fail|warn"二、高效筛选与定位
strings -t x /usr/bin/ls | awk '$1 ~ /^0x[78]/ {print $2}' | sort -ustrings /usr/bin/ls | grep -E "cannot|denied|invalid" | sort -ustrings /usr/bin/ls | grep -Eo 'https?://[^"]+'file /usr/bin/ls;objdump -s /usr/bin/ls | grep -i "string";readelf -p .rodata /usr/bin/ls | lessstrings /usr/bin/ls | sort | uniq -c | sort -nr | headstrings -a big.bin | less -Sstrings /usr/bin/ls | grep -A2 -B2 "segmentation"三、实战场景与命令组合
strings core | grep -i "exception\|abort\|segfault" | headstrings /usr/bin/curl | grep -E "HTTP/|libcurl|TLS" | sort -ustrings /usr/bin/app | grep -Ei "password|secret|token|key" | sort -ustrings /usr/bin/app | grep -E "v[0-9]+\.[0-9]+\.[0-9]+" | sort -ustrings /usr/bin/ls | head 与 strings /usr/bin/ls | head(在不同架构环境下执行)diff <(strings v1/app) <(strings v2/app) | grep -E "^\+|^-"四、排错与最佳实践
sudo 或切换到 root,确保可读
sudo strings /usr/sbin/sshd | head-e 指定编码(如 UTF-16/32)
strings -e S /path/to/binary | grep "关键字"-a
strings -a suspicious.bin | lessless -S 分页,或用 head/tail 限制输出
strings -a huge.bin | less -Sgrep/awk/sort -u 精炼结果
