I’m writing some code (Python, but really isn’t important) that analyzes strings inside PE files. I’m looking for a command line tool I could invoke that will return the complete list of strings inside the PE file.
I know PEDUMP, but it seems to give incomplete strings.
Also, it is very important that this tool would be able to handle with different type of strings, such as C-strings (NULL terminated), Pascal-strings (length prefix), etc.
I found “string extractor” here, but it costs money and I’m not sure if it can handle different type of strings.
Do you know of any tool that answers my requirements?
There’s the classic unix program
stringswhich does exactly this.Although
stringsisn’t specifically designed to handle Pascal-style strings, it will dump them out anyway because they will appear to be textual data.Some implementations of
stringscan handle Unicode (UTF-8 and UTF-16) strings too.