2

Is there a Linux tool out there that locates a bit sequence given in hexadecimal representation in a binary file no matter how those bits are aligned in the file?

Example: I want to locate the two byte long sequence f2 40 in a binary file. The perfectly aligned representation f2 40 can easily be found using hd and grep. But I also want to find 01 e4 80, d3 e4 81 or ff e4 80 (which all include f2 40 shifted by one bit to the left).

Improve this question

1 Answer 1

Reset to default
3

Interesting task!

Here is a simple 1-line C++ filter that you can use:

#include <bitset>
#include <iostream>

int main()
{
    for (char ch; std::cin.get(ch); std::cout << std::bitset<8>(ch));
}

Use it like this:

cat file.bin | binfilter | grep '1111001001000000'

You might want to improve the filter to print address identifications (like xxd or od do for octal/dex dumps). Alternatively, you can do the matching in C++.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thanks for your answer. I thought of writing a simple script/tool myself. However, my question was if there already exists a tool for that purpose.
@MBober: I guess you have my answer :)
Let's keep this unanswered for a bit and see if anyone mentions an already existing tool. If not, I will accept your answer.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.