我想从二进制(“.exe”)文件中获取 Unicode 字符串。
当我使用这样的代码时:
`unicode_str = re.compile( u'[\u0020-\u007e]{1,}',re.UNICODE )`
它有效,但它只返回分隔的符号, 所以当我尝试将量词更改为 3 时:
python :
unicode_str = re.compile( u'[\u0020-\u007e]{3,}',re.UNICODE )
珀尔:
我的@a = ( $file =~/[\x{0020}-\x{007e}]{3,}/gs );
我只得到 ASCII 符号,所有 Unicode 符号都消失了。
我哪里弄错了,或者我对 Unicode 不了解?
评论中的代码:
python :
File = open( sys.argv[1], "rb" )
FileData = File.read()
File.close()
unicode_str = re.compile( u'[\u0020-\u007e]{3,}',re.UNICODE )
myList = unicode_str.findall(FileData)
for p in myList:
print p
Perl:
$/ = "newline separator";
my $input = shift;
open( File, $input );
my $file = <File>;
close( File );
my @a = ( $file =~ /[\x{0020}-\x{007e}]{3,}/gs );
foreach ( @a ) { print "$_\n"; }
最佳答案
有人已经编写了一个实用程序来执行您想要的操作:
http://technet.microsoft.com/en-us/sysinternals/bb897439.aspx
usage: strings [-a] [-f offset] [-b bytes] [-n length] [-o] [-q] [-s] [-u] <file or directory>
Strings takes wild-card expressions for file names, and additional command line parameters are defined as follows:
-a Ascii-only search (Unicode and Ascii is default)
-b Bytes of file to scan
-f File offset at which to start scanning.
-o Print offset in file string was located
-n Minimum string length (default is 3)
-q Quiet (no banner)
-s Recurse subdirectories
-u Unicode-only search (Unicode and Ascii is default)
To search one or more files for the presence of a particular string using strings use a command like this:
strings * | findstr /i TextToSearchFor
编辑:
如果您想在 Python 中实现它,请尝试此操作,但您必须确定要查找的 Unicode 字符范围,并将其作为 UTF-16LE 进行搜索。许多字符对看起来像有效的可打印 Unicode。我不知道 strings 使用什么算法
import re
data = open('c:/users/metolone/util/windiff.exe','rb').read()
# Search for printable ASCII characters encoded as UTF-16LE.
pat = re.compile(ur'(?:[\x20-\x7E][\x00]){3,}')
words = [w.decode('utf-16le') for w in pat.findall(data)]
for w in words:
print w
关于python - 如何从 MZ 可执行文件中提取 Unicode 字符序列?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/10637055/