Using strings for static analysis

October 24, 2016
static-analysis

What is `strings`

A quick lookup in the man pages gives us the following short description.

strings - find the printable strings in a object, or other binary, file

What’s inside /bin/ls?

$ strings /bin/ls
...
%s%s %*u %-*s  %-*s
%-*s
%3d, 0x%08x
warn: LSCOLORS should use characters a-h instead of 0-9 (see the manual page)
error: invalid character '%c' in LSCOLORS env var
allow
read
list
...

This is just a snippet of strings for this particular binary. As you can see, we have some format strings, some errors and some other keywords.

Read more