DEV Community

Cover image for Strings: A Neat Hexdump Alternative
Ryan Palo
Ryan Palo

Posted on • Originally published at assertnotmagic.com

9

Strings: A Neat Hexdump Alternative

I was working through my most recent class, Application Security, and one of the exercises required us to find a secret message hidden in an image. Now, I know you can do this manually with hexdump -C. That output looks something like this:

A screenshot of the output of hexdump, showing rows of hex data with a sidebar of ASCII text.

This is fine unless your image is huge or your secret message has a bunch of garbage bytes mixed into it for extra secrets. So I was trying to look up a way to get it to just kick out the ASCII output on its own so I could use other tools like grep to search through it, when I stumbled over a reference to the strings command. What is the strings command?

strings - find the printable strings in a object, or other binary, file

Well, OK then! Granted, when you read through the man page for it, it proclaims itself as a very simple string-finding algorithm, but good as a first easy pass.

Instead of the above hexdump output, you get something like this:



B*M)M1,
a&%5
%PJ)
XJ)FO
KL\I!D
Y}RJ


Enter fullscreen mode Exit fullscreen mode

Which is way more searchable, awkable, etc.!

Take this image here:

A cute picture of a puppy.

Cute puppy, right? Yes, but it is also a puppy full of secrets.

Give it a try. Download it and then run:



strings secret_puppy.png


Enter fullscreen mode Exit fullscreen mode

Find anything fun?

This method won’t find every hidden string in every secret image or binary file, but it’s a quick, easy command and much more useful than hexdump for some things!

Speedy emails, satisfied customers

Postmark Image

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.

Sign up

Top comments (3)

Collapse
 
skhmt profile image
Mike 🐈‍⬛

Huh, I've never seen text just appended to an image or binary to hide it.
They usually just modify the least significant bit of each color channel in each pixel and use those to construct a new binary, so 2 pixels per byte/character (r, g, b, a).

Collapse
 
rpalo profile image
Ryan Palo

Yeah, I was looking for a quick and dirty way to do an example, but you're right. There are a lot more common and better ways to hide text in images. I knew they were out there, but I appreciate you explaining it here. Thanks!

Collapse
 
jessrud profile image
Jesse Rudolph

Unfortunately for future readers, cloud foundry converted it to a jpeg and destroyed your message!

I was able to download it from the original link embedded in the cloud foundry link though. Thats the kind of hacker I am, reverse engineering CDN stego clobbering.

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Immerse yourself in a wealth of knowledge with this piece, supported by the inclusive DEV Community—every developer, no matter where they are in their journey, is invited to contribute to our collective wisdom.

A simple “thank you” goes a long way—express your gratitude below in the comments!

Gathering insights enriches our journey on DEV and fortifies our community ties. Did you find this article valuable? Taking a moment to thank the author can have a significant impact.

Okay