0

i want to extract string out of a memory dump. i'm using windows xp,ruby 1.9-mingw

the dump file is generated by a tool -- HiperDrop.exe

Improve this question
2
  • Have you tried anything so far? Commented Jun 7, 2011 at 2:38
  • 1
    If you just want the strings, have you considered the strings(1) tool? Commented Jun 7, 2011 at 2:50

2 Answers 2

Reset to default
2

This should be a good start:

str = IO.read('/path/to/file', :mode => 'rb')
printable_chars = %r{[A-Za-z0-9`~!@#%^&*()-_=+|'";:/?.>,< \t\$\{\}\[\]\\]{10,}}
str.scan(printable_chars).each do |match|
  puts match
end

Of course, change '/path/to/file' to the location of the memory dump. You can also change the 10 at the end of the 2nd line to be some other minimum string length.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I think sarnold above is right on the money. strings is a utility that's available in all *nix environments, and there are free equivalents available from Microsoft for Windows. Just call the program from Ruby and parse the output as you please.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.