strings
Extract and analyze printable strings from files for malware analysis. Specify minimum length, encoding, and additional options to customize the output.
Instructions
Extract printable strings from a file
Example usage:
Basic strings extraction: { "target": "suspicious.exe" }
With minimum length: { "target": "suspicious.exe", "minLength": 10 }
With encoding: { "target": "suspicious.exe", "encoding": "l" }
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| encoding | No | String encoding (s=7-bit, S=8-bit, b=16-bit big-endian, l=16-bit little-endian, etc.) | |
| minLength | No | Minimum string length to display | |
| options | No | Additional command-line options | |
| target | Yes | Target file or data to analyze |
Implementation Reference
- serverMCP.js:129-163 (handler)Generic handler for executing specialized MCP tools like 'strings': parses arguments with schema, builds shell command using tool config, executes via terminalManager, and returns execution result including PID.// Check if this is a specialized command if (commands[name]) { try { const cmdConfig = commands[name]; // Validate arguments against schema const validationResult = cmdConfig.schema.safeParse(args); if (!validationResult.success) { return { content: [{ type: "text", text: `Error: Invalid parameters for ${name} command.\n${JSON.stringify(validationResult.error.format())}` }], isError: true, }; } // Build the command string const commandStr = cmdConfig.buildCommand(validationResult.data); console.error(`Executing specialized command: ${commandStr}`); // Execute the command via the terminal manager const result = await terminalManager.shellCommand(commandStr); console.error(`${name} command executed with PID: ${result.pid}, blocked: ${result.isBlocked}`); return { content: [{ type: "text", text: JSON.stringify(result) }], }; } catch (error) { console.error(`Error executing ${name} command:`, error); return { content: [{ type: "text", text: `Error: ${error instanceof Error ? error.message : String(error)}` }], isError: true, }; }
- commands.js:44-47 (schema)Zod input schema for the 'strings' tool, extending base schema with minLength and encoding parameters.schema: baseCommandSchema.extend({ minLength: z.number().optional().describe("Minimum string length to display"), encoding: z.enum(['s', 'S', 'b', 'l', 'B', 'L']).optional().describe("String encoding (s=7-bit, S=8-bit, b=16-bit big-endian, l=16-bit little-endian, etc.)") }),
- serverMCP.js:112-117 (registration)Dynamically registers all specialized tools from commands config (including 'strings') in the MCP listTools response by mapping to tool metadata.// Generate tools from commands configuration const specializedTools = Object.values(commands).map(cmd => ({ name: cmd.name, description: cmd.description + (cmd.helpText ? '\n' + cmd.helpText : ''), inputSchema: zodToJsonSchema(cmd.schema), }));
- commands.js:48-60 (helper)Helper function specific to 'strings' tool that constructs the shell command ('strings [options] target') based on validated input arguments.buildCommand: (args) => { let options = args.options ? args.options : ''; if (args.minLength) { options += ` -n ${args.minLength}`; } if (args.encoding) { options += ` -e ${args.encoding}`; } return `strings ${options} ${args.target}`; },