Search for ANSI and UNICODE strings in binary files.
Syntax strings [-a] [-f offset] [-b bytes] [-n length] [-o] [-q] [-s] [-u] file_or_directory Key -a Ascii-only search (Unicode and Ascii is default) -b Bytes of file to scan -f File offset at which to start scanning. -o Print offset in file string was located -n Minimum string length (default is 3) -q Quiet (no banner) -s Recurse subdirectories -u Unicode-only search (Unicode and Ascii is default)
Strings just scans the file you pass it for UNICODE (or ASCII) strings of a default length of 3 or more UNICODE (or ASCII) characters.
if you run strings on a .jpg and one of them says 'This program cannot be run in DOS mode' that's no JPEG. Malware authors like to make Portable Executables that end in .gif/.jpg/etc to evade human checks. [source]
Search one or more files for the presence of a particular string:
strings *.dll | findstr /i TextToSearchFor
Search a jpg file for signs of executable code:
strings sample.jpg | findstr /i /c:"This program cannot be run in DOS mode"
“My advice is, don’t spend money on therapy. Spend it in a record store” ~ Wim Wenders
ANSI colors - Use ANSI colors in the terminal.
FINDSTR - Search for strings in files.
TYPE - Display the contents of a text file.