When I successfully extract a file system from the firmware of an embedded system, the first thing that I do is run strings looking for low-hanging fruit or even potential command injection vulns.
What I wanted, though, was something that recursively checked all files of a directory for a specific string.
As we all know, grep has this functionality with the -r flag, but it doesn't handle binaries that well, and strings doesn't have a recursive option.
So I decided to write a quick script that uses libmagic (the library behind the file unix utility) to identify the file type and run the appropriate commands.
In one go we can just parse all the things!
I called the script Toby and you can find it here: https://github.com/byt3bl33d3r/toby
Here's an example of me using it on a freshly extracted filesystem looking for the string
As you can see it detects the appropriate file type and parses the file. Really awesome and also a timesaver!
If it turns out to be useful for someone I might add a couple more features to it that I had in mind.
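The approach described above (walk the tree, decide per file whether it is text or binary, then search lines or extracted printable strings accordingly), as an added example that is not Toby's code. It assumes a NUL-byte heuristic in place of libmagic so it runs with the standard library only; the function names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")  # runs of >= 4 printable bytes, like strings(1)

def looks_binary(head: bytes) -> bool:
    # Assumption: a NUL byte near the start means "binary"; stands in for libmagic.
    return b"\x00" in head

def search_file(path, needle: bytes):
    """Return matching text lines, or matching printable runs for binaries."""
    with open(path, "rb") as fh:
        data = fh.read()
    if looks_binary(data[:4096]):
        kind, chunks = "binary", PRINTABLE_RUN.findall(data)
    else:
        kind, chunks = "text", data.splitlines()
    return kind, [c.decode("latin-1") for c in chunks if needle in c]

def search_tree(root, needle: str):
    hits = []
    for dirpath, _dirs, files in os.walk(root):  # does not follow symlinked dirs
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            # Extracted rootfs trees are full of symlinks and device nodes; skip them.
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            try:
                kind, matches = search_file(path, needle.encode())
            except OSError:
                continue
            hits += [(os.path.relpath(path, root), kind, m) for m in matches]
    return sorted(hits)

def build_sample_tree():
    """Constructed sample data: a tiny fake rootfs with one script and one binary."""
    root = tempfile.mkdtemp(prefix="rootfs-")
    os.makedirs(os.path.join(root, "etc"))
    os.makedirs(os.path.join(root, "bin"))
    with open(os.path.join(root, "etc", "init.sh"), "w") as fh:
        fh.write("#!/bin/sh\ntelnetd -l /bin/sh\necho done\n")
    with open(os.path.join(root, "bin", "httpd"), "wb") as fh:
        fh.write(b"\x7fELF\x00\x01\x02" + b'system("telnetd -p 2323")' + b"\x00\xff\x00abc\x00")
    return root

if __name__ == "__main__":
    for rel, kind, match in search_tree(build_sample_tree(), "telnetd"):
        print(f"{rel} [{kind}]: {match}")
```

For binaries the hit is the whole printable run containing the search string, which gives the surrounding context (here the call the string is passed to) rather than a bare "Binary file matches".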