llvm-strings

View documentation for the original command

$ tldr strings

llvm-strings [options] [file(s)]

-a, -all
    Scan the entire file for strings, regardless of section.

-bytes
    Specify the minimum length of strings to extract (default is 4).

-encoding
    Specify the encoding of the strings to extract (e.g., ascii, utf8, utf16). Defaults to autodetect.

-n
    Same as -bytes.

-print-file-name
    Prefix each string with the name of the file it was found in.

-help
    Display help information.

-version
    Display the version number.

The `llvm-strings` command is a utility, primarily part of the LLVM toolchain, designed to extract printable strings from binary or object files. It functions similarly to the standard `strings` command found on Unix-like systems. However, `llvm-strings` leverages LLVM's infrastructure, offering potential improvements in accuracy, handling of different file formats (including object files and executables), and performance. It can identify strings encoded in various formats (e.g., ASCII, UTF-8) within the specified files, making it valuable for reverse engineering, debugging, and security analysis. It can also filter strings based on minimum length and can specify a particular encoding to search for. While it is most useful with ELF and Mach-O files, it can often work with other binary formats as well. It's particularly helpful when inspecting compiled code, shared libraries, or other binary data to understand its functionality or identify embedded information.

The output of `llvm-strings` may include false positives, especially when scanning arbitrary binary data. The effectiveness depends on the encoding used and the structure of the input file. It is important to understand the format of the file being analyzed to interpret the extracted strings accurately.

Basic Usage:
llvm-strings my_program - Extracts strings from the file 'my_program'.

Minimum Length:
llvm-strings -bytes 8 my_library.so - Extracts strings with a minimum length of 8 characters from 'my_library.so'.

Specific Encoding:
llvm-strings -encoding utf16 my_file.dat - Extracts UTF-16 encoded strings from 'my_file.dat'.

Scan Entire File
llvm-strings -all my_file - Searches for string in all areas of the specified file, not just the data or text sections.

strings(1), objdump(1), nm(1)