-
Notifications
You must be signed in to change notification settings - Fork 27
Sepero/SearchBin
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
SearchBin is a fast commandline program for searching within binary files. It's a bit like grep for binaries. It has three capabilities for searching. -Search for bytes using hexidecimal -Search for a plain text string -Search for a smaller binary file Syntax: searchbin.py -t PATTERN [FILE [FILE...]] searchbin.py -p PATTERN [FILE [FILE...]] searchbin.py -f FILE [FILE [FILE...]] EXAMPLES Search for the hex bytes "FF14DE" in the file gamefile.db: $ ./searchbin.py -p "FF14DE" gamefile.db Match at offset: 907 38B in gamefile.db Match at offset: 1881 759 in gamefile.db Match at offset: 7284 1C74 in gamefile.db Match at offset: 7420 1CFC in gamefile.db Match at offset: 8096 1FA0 in gamefile.db The printed offsets are listed in decimal and hexidecimal formats. You can also search for unknown patterns with "??". Just insert them where ever you have an unknown byte: $ ./searchbin.py -p "FF??DE" gamefile.db You can search through multiple files at once, and search piped input: $ ./searchbin.py -p "FF??EE" gamefile.db supersecret.idx $ cat gamefile.db | ./searchbin -p "FF??EE" You can also search using regular text strings and other binary files. $ ./searchbin.py -t "hello" gamefile.db $ ./searchbin.py -f binaryfile gamefile.db Options of SearchBin: $ ./searchbin.py --help Optional Arguments: -h, --help show help message and exit -f FILE, --file FILE file to read search pattern from -t PATTERN, --text PATTERN a (non-unicode case-sensitive) text string to search for -p PATTERN, --pattern PATTERN a hexidecimal pattern to search for -b NUM, --buffer-size NUM read buffer size (in bytes). default is 8388608 (8MB) -s NUM, --start NUM starting position in file to begin searching -e NUM, --end NUM end search at this position, measuring from beginning of file -m NUM, --max-count NUM maximum number of matches to find -l FILE, --log FILE write matched offsets to FILE, instead of standard output -v, --verbose verbose, output the number of bytes searched after each buffer read -V, --version print version information Extra Notes: An argument -t or -p or -f is required. The -p argument accepts a hexidecimal pattern string and allows for missing characters, such as 'FF??FF'. When using -f argument, the pattern file will be read as a binary file (not hex strings). If no search files are specified, %prog will read from standard input. The minimum memory required is about 3 times the size of the pattern byte length. Increasing buffer-size will increase program search speed for large search files. All size arguments (-b -s -e) are read in decimal format, for example: '-s 1024' will start searching after 1kilobyte. Pattern files do not allow for wildcard matching. Reported matches are displayed as 0-based offset. Further Examples: Search for the text string "Tom" in myfile.exe. Text is case sensitive. ./searchbin.py -t "Tom" myfile.exe Search for the text string "T?m" in myfile.exe, where ? is a wildcard. This will match "Tom" "Tim" "Twm" and all other variations, including non-printing bytes. ./searchbin.py -t "T?m" myfile.exe Search for the hexidecimal pattern "AABBCCDDEE" in myfile.exe. ./searchbin.py -p "AABBCCDDEE" myfile.exe Searches for the hexidecimal pattern "AA??CC??EE" in myfile.exe, where ?? can be any byte value. ./searchbin.py -p "AA??CC??EE" myfile.exe Takes the binary file pattern.bin, and searches for an exact match within myfile.exe. ./searchbin.py -f pattern.bin myfile.exe Features: +No compiling necessary +Requires Python 2.7 or Python 3 +Less code +Search in files of unlimited size keywords: hex hexidecimal binary like grep search seek find fast Please report bugs & feature requests to sepero 111 @ gmx . com or https://github.com/Sepero/SearchBin/issues or http://seperohacker.blogspot.com/2012/04/binary-grep-program-searchbin.html NOTE: This program is no longer being maintained. I attempted to make the code easily readable and well documented. Please fork it and make something even greater!
About
Search within binary files for a string, hex, or even another binary file
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published