ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "Strings"

From ForensicsWiki
Jump to: navigation, search
m (Reverted edits by AknV5e (Talk); changed back to last version by Jessek)
Line 5: Line 5:
== External Links ==
== External Links ==
* [ Strings for Windows]
* [ Strings for Windows]
* [ Man page for BSD version of strings]
* [ Manual page for BSD version of strings]

Latest revision as of 18:50, 15 January 2008

Strings is a program that prints out any ASCII or Unicode strings in the input file. Forensic examiners can use strings to get a sense of the functionality of an unknown program. User prompts, error messages, and status messages can give hints, but should not be used as proof or lack or any functionality.

Most Linux distributions and other UNIX-like operating systems have a strings program included. There is a Windows version of strings by Microsoft's Mark Russinovich. Note that the Windows version prints an output header and searches for both ASCII and Unicode strings by default.

External Links