Convert raw binary file to ascii
I have a memory dump from a machine I am trying to analyze. I can view the file in a hex editor to see text strings in the binary code. I don't see a way to save these ascii representations of the binary, so I went digging into Python to see if there were any modules to help. I found one I think might do what I want it to do - the binascii module. Can anyone describe to me how to convert a raw binary file to an ascii file using this module. I've tried? Boy, I've tried. Am I correct in assuming I can get the converted binary to ascii text I see in a hex editor using this module? I'm new to this forensics thing and it's quite possible I am mixing technical terms. I am not new to Python, however. Thanks for your help. -- http://mail.python.org/mailman/listinfo/python-list
Re: Convert raw binary file to ascii
On Jul 27, 9:06 am, Peter Otten <[email protected]> wrote: > r2 wrote: > > I have a memory dump from a machine I am trying to analyze. I can view > > the file in a hex editor to see text strings in the binary code. I > > don't see a way to save these ascii representations of the binary, so > > I went digging into Python to see if there were any modules to help. > > > I found one I think might do what I want it to do - the binascii > > module. Can anyone describe to me how to convert a raw binary file to > > an ascii file using this module. I've tried? Boy, I've tried. > > That won't work because a text editor doesn't need any help to convert the > bytes into characters. If it expects ascii it just will be puzzled by bytes > that are not valid ascii. Also, it will happily display byte sequences that > are valid ascii, but that you as a user will see as gibberish because they > were meant to be binary data by the program that wrote them. > > > Am I correct in assuming I can get the converted binary to ascii text > > I see in a hex editor using this module? I'm new to this forensics > > thing and it's quite possible I am mixing technical terms. I am not > > new to Python, however. Thanks for your help. > > Unix has the "strings" commandline tool to extract text from a binary. > Get hold of a copy of the MinGW tools if you are on windows. > > Peter Okay. Thanks for the guidance. I have a machine with Linux, so I should be able to do what you describe above. Could Python extract the strings from the binary as well? Just wondering. -- http://mail.python.org/mailman/listinfo/python-list
Re: Convert raw binary file to ascii
On Jul 27, 10:11 am, Grant Edwards wrote: > On 2009-07-27, r2 wrote: > > > I have a memory dump from a machine I am trying to analyze. I can view > > the file in a hex editor to see text strings in the binary code. I > > don't see a way to save these ascii representations of the binary, > > $ strings memdump.binary >memdump.strings > > $ hexdump -C memdump.binary >memdump.hex+ascii > > -- > Grant Edwards grante Yow! I'm ZIPPY the PINHEAD > at and I'm totally committed > visi.com to the festive mode. Grant, Thanks for the commands! -- http://mail.python.org/mailman/listinfo/python-list
Re: Convert raw binary file to ascii
On Jul 27, 2:07 pm, Peter Otten <[email protected]> wrote: > r2 wrote: > > On Jul 27, 9:06 am, Peter Otten <[email protected]> wrote: > >> r2 wrote: > >> > I have a memory dump from a machine I am trying to analyze. I can view > >> > the file in a hex editor to see text strings in the binary code. I > >> > don't see a way to save these ascii representations of the binary, so > >> > I went digging into Python to see if there were any modules to help. > > >> > I found one I think might do what I want it to do - the binascii > >> > module. Can anyone describe to me how to convert a raw binary file to > >> > an ascii file using this module. I've tried? Boy, I've tried. > > >> That won't work because a text editor doesn't need any help to convert > >> the bytes into characters. If it expects ascii it just will be puzzled by > >> bytes that are not valid ascii. Also, it will happily display byte > >> sequences that are valid ascii, but that you as a user will see as > >> gibberish because they were meant to be binary data by the program that > >> wrote them. > > >> > Am I correct in assuming I can get the converted binary to ascii text > >> > I see in a hex editor using this module? I'm new to this forensics > >> > thing and it's quite possible I am mixing technical terms. I am not > >> > new to Python, however. Thanks for your help. > > >> Unix has the "strings" commandline tool to extract text from a binary. > >> Get hold of a copy of the MinGW tools if you are on windows. > > >> Peter > > > Okay. Thanks for the guidance. I have a machine with Linux, so I > > should be able to do what you describe above. Could Python extract the > > strings from the binary as well? Just wondering. > > As a special service for you here is a naive implementation to build upon: > > #!/usr/bin/env python > import sys > > wanted_chars = ["\0"]*256 > for i in range(32, 127): > wanted_chars[i] = chr(i) > wanted_chars[ord("\t")] = "\t" > wanted_chars = "".join(wanted_chars) > > THRESHOLD = 4 > > for s in sys.stdin.read().translate(wanted_chars).split("\0"): > if len(s) >= THRESHOLD: > print s > > Peter- Hide quoted text - > > - Show quoted text - Perfect! Thanks. -- http://mail.python.org/mailman/listinfo/python-list
