gpt4 book ai didi

python - 如何从 MZ 可执行文件中提取 Unicode 字符序列?

转载 作者:行者123 更新时间:2023-11-28 16:48:49 25 4
gpt4 key购买 nike

我想从二进制(“.exe”)文件中获取 Unicode 字符串。

当我使用这样的代码时:

    `unicode_str = re.compile( u'[\u0020-\u007e]{1,}',re.UNICODE )`

它有效,但它只返回分隔的符号,所以当我尝试将量词更改为 3 时:

python : unicode_str = re.compile( u'[\u0020-\u007e]{3,}',re.UNICODE )

珀尔: 我的@a = ( $file =~/[\x{0020}-\x{007e}]{3,}/gs );

我只得到 ASCII 符号,所有 Unicode 符号都消失了。

我哪里弄错了,或者我对 Unicode 不了解?


评论中的代码:

python :

File = open( sys.argv[1], "rb" )
FileData = File.read()
File.close()
unicode_str = re.compile( u'[\u0020-\u007e]{3,}',re.UNICODE )
myList = unicode_str.findall(FileData)
for p in myList:
print p

Perl:

$/ = "newline separator";
my $input = shift;
open( File, $input );
my $file = <File>;
close( File );
my @a = ( $file =~ /[\x{0020}-\x{007e}]{3,}/gs );
foreach ( @a ) { print "$_\n"; }

最佳答案

有人已经编写了一个实用程序来执行您想要的操作:

http://technet.microsoft.com/en-us/sysinternals/bb897439.aspx

usage: strings [-a] [-f offset] [-b bytes] [-n length] [-o] [-q] [-s] [-u] <file or directory>

Strings takes wild-card expressions for file names, and additional command line parameters are defined as follows:

-a Ascii-only search (Unicode and Ascii is default)
-b Bytes of file to scan
-f File offset at which to start scanning.
-o Print offset in file string was located
-n Minimum string length (default is 3)
-q Quiet (no banner)
-s Recurse subdirectories
-u Unicode-only search (Unicode and Ascii is default)

To search one or more files for the presence of a particular string using strings use a command like this:

strings * | findstr /i TextToSearchFor

编辑:

如果您想在 Python 中实现它,请尝试此操作,但您必须确定要查找的 Unicode 字符范围,并将其作为 UTF-16LE 进行搜索。许多字符对看起来像有效的可打印 Unicode。我不知道 strings 使用什么算法

import re
data = open('c:/users/metolone/util/windiff.exe','rb').read()

# Search for printable ASCII characters encoded as UTF-16LE.
pat = re.compile(ur'(?:[\x20-\x7E][\x00]){3,}')
words = [w.decode('utf-16le') for w in pat.findall(data)]
for w in words:
print w

关于python - 如何从 MZ 可执行文件中提取 Unicode 字符序列?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/10637055/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com