Linux binary read file

5 Commands to View the Content of a File in Linux Command Line

If you are new to Linux and you are confined to a terminal, you might wonder how to view a file in the command line.

Reading a file in Linux terminal is not the same as opening file in Notepad. Since you are in the command line mode, you should use commands to read file in Linux.

Don’t worry. It’s not at all complicated to display a file in Linux. It’s easy as well essential that you learn how to read files in the line.

Here are five commands that let you view the content of a file in Linux terminal.

5 commands to view files in Linux

Before you how to view a file in Unix like systems, let me clarify that when I am referring to text files here. There are different tools and commands if you want to read binary files.

1. Cat

This is the simplest and perhaps the most popular command to view a file in Linux.

Cat simply prints the content of the file to standard display i.e. your screen. It cannot be simpler than this, can it?

cat displays the content of the file on the screen

Cat becomes a powerful command when used with its options. I recommend reading this detailed tutorial on using cat command.

The problem with cat command is that it displays the text on the screen. Imagine if you use cat command with a file that has 2000 lines. Your entire screen will be flooded with the 200 lines and that’s not the ideal situation.

So, what do you do in such a case? Use less command in Linux (explained later).

The nl command is almost like the cat command. The only difference is that it prepends line numbers while displaying the text in the terminal.

nl command displays text with line numbers

There are a few options with nl command that allows you to control the numbering. You can check its man page for more details.

3. Less

Less command views the file one page at a time. The best thing is that you exit less (by pressing q), there are no lines displayed on the screen. Your terminal remains clean and pristine.

I strongly recommend learning a few options of the Less command so that you can use it more effectively.

There is also more command which was used in olden days but less command has more friendly features. This is why you might come across the humorous term ‘less is more’.

4. Head

Head command is another way of viewing text file but with a slight difference. The head command displays the first 10 lines of a text file by default.

You can change this behavior by using options with head command but the fundamental principle remains the same: head command starts operating from the head (beginning) of the file.

5. Tail

Tail command in Linux is similar and yet opposite to the head command. While head command displays file from the beginning, the tail command displays file from the end.

By default, tail command displays the last 10 lines of a file.

Head and Tail commands can be combined to display selected lines from a file. You can also use tail command to see the changes made to a file in real time.

Bonus: Strings command

Okay! I promised to show only the commands for viewing text file. And this one deals with both text and binary files.

Strings command displays the readable text from a binary file.

No, it doesn’t convert binary files into text files. If the binary file consists of actual readable text, strings command displays those text on your screen. You can use the file command to find the type of a file in Linux.

Conclusion

Some Linux users use Vim to view the text file but I think that’s overkill. My favorite command to open a file in Linux is the less command. It leaves the screen clear and has several options that makes viewing text file a lot easier.

Since you now know ways to view files, maybe you would be interested in knowing how to edit text files in Linux. Cut and Paste are two such commands that you can use for editing text in Linux terminal. You may also read about creating files in Linux command line.

Источник

10 ways to analyze binary files on Linux | Opensource.com

These simple commands and tools can help you sail through the task of analyzing binary files.

Tux by lewing@isc.tamu.edu Larry Ewing and The GIMP; binary image by geralt via Pixabay; modified by Jen Wike Huger

Subscribe now

Get the highlights in your inbox every week.

«There are 10 types of people in this world: those who understand binary and those who don’t.»

Linux provides a rich set of tools that makes analyzing binaries a breeze! Whatever might be your job role, if you are working on Linux, knowing the basics about these tools will help you understand your system better.

In this article, we will cover some of the most popular of these Linux tools and commands, most of which will be available natively as part of your Linux distribution. If not, you can always use your package manager to install and explore them. Remember: learning to use the right tool at the right occasion requires plenty of patience and practice.

What it does: Help to determine the file type.

This will be your starting point for binary analysis. We work with files daily. Not everything is an executable type; there is a whole wide range of file types out there. Before you start, you need to understand the type of file that is being analyzed. Is it a binary file, a library file, an ASCII text file, a video file, a picture file, a PDF, a data file, etc.?

The file command will help you identify the exact file type that you are dealing with.

What it does: Print shared object dependencies.

If you have already used the file command above on an executable binary, you can’t miss the «dynamically linked» message in the output. What does it mean?

When software is being developed, we try not to reinvent the wheel. There are a set of common tasks that most software programs require, like printing output or reading from standard in, or opening files, etc. All of these common tasks are abstracted away in a set of common functions that everybody can then use instead of writing their own variants. These common functions are put in a library called libc or glibc.

How does one find which libraries the executable is dependent on? That’s where ldd command comes into the picture. Running it against a dynamically linked binary shows all its dependent libraries and their paths.

ltrace

What it does: A library call tracer.

We now know how to find the libraries an executable program is dependent on using the ldd command. However, a library can contain hundreds of functions. Out of those hundreds, which are the actual functions being used by our binary?

The ltrace command displays all the functions that are being called at run time from the library. In the below example, you can see the function names being called, along with the arguments being passed to that function. You can also see what was returned by those functions on the far right side of the output.

Hexdump

What it does: Display file contents in ASCII, decimal, hexadecimal, or octal.

Often, it happens that you open a file with an application that doesn’t know what to do with that file. Try opening an executable file or a video file using vim; all you will see is gibberish thrown on the screen.

Opening unknown files in Hexdump helps you see what exactly the file contains. You can also choose to see the ASCII representation of the data present in the file using some command-line options. This might help give you some clues to what kind of file it is.

strings

What it does: Print the strings of printable characters in files.

If Hexdump seems a bit like overkill for your use case and you are simply looking for printable characters within a binary, you can use the strings command.

When software is being developed, a variety of text/ASCII messages are added to it, like printing info messages, debugging info, help messages, errors, and so on. Provided all this information is present in the binary, it will be dumped to screen using strings.

readelf

What it does: Display information about ELF files.

ELF (Executable and Linkable File Format) is the dominant file format for executable or binaries, not just on Linux but a variety of UNIX systems as well. If you have utilized tools like file command, which tells you that the file is in ELF format, the next logical step will be to use the readelf command and its various options to analyze the file further.

Having a reference of the actual ELF specification handy when using readelf can be very useful. You can find the specification here.

objdump

What it does: Display information from an object file.

Binaries are created when you write source code which gets compiled using a tool called, unsurprisingly, a compiler. This compiler generates machine language instructions equivalent to the source code, which can then be executed by the CPU to perform a given task. This machine language code can be interpreted via mnemonics called an assembly language. An assembly language is a set of instructions that help you understand the operations being performed by the program and ultimately being executed on the CPU.

objdump utility reads the binary or executable file and dumps the assembly language instructions on the screen. Knowledge of assembly is critical to understand the output of the objdump command.

Remember: assembly language is architecture-specific.

strace

What it does: Trace system calls and signals.

If you have used ltrace, mentioned earlier, think of strace being similar. The only difference is that, instead of calling a library, the strace utility traces system calls. System calls are how you interface with the kernel to get work done.

To give an example, if you want to print something to the screen, you will use the printf or puts function from the standard library libc; however, under the hood, ultimately, a system call named write will be made to actually print something to the screen.

What it does: List symbols from object files.

If you are working with a binary that is not stripped, the nm command will provide you with the valuable information that was embedded in the binary during compilation. nm can help you identify variables and functions from the binary. You can imagine how useful this would be if you don’t have access to the source code of the binary being analyzed.

To showcase nm, we will quickly write a small program and compile it with the -g option, and we will also see that the binary is not stripped by using the file command.

What it does: The GNU debugger.

Well, not everything in the binary can be statically analyzed. We did execute some commands which ran the binary, like ltrace and strace; however, software consists of a variety of conditions that could lead to various alternate paths being executed.

The only way to analyze these paths is at run time by having the ability to stop or pause the program at any given location and being able to analyze information and then move further down.
That is where debuggers come into the picture, and on Linux, gdb is the defacto debugger. It helps you load a program, set breakpoints at specific places, analyze memory and CPU register, and do much more. It complements the other tools mentioned above and allows you to do much more runtime analysis.

One thing to notice is, once you load a program using gdb, you will be presented with its own (gdb) prompt. All further commands will be run in this gdb command prompt until you exit.

We will use the «hello» program that we compiled earlier and use gdb to see how it works.

Conclusion

Once you are comfortable with using these native Linux binary analysis tools and understanding the output they provide, you can then move onto more advanced and professional open source binary analysis tools like radare2.

Источник

Execute Binary Files In Linux

Linux has many format options for running applications from deb to rpm and the new formats snap and flatpak. Binary files can be in .bin or .run formats and although this can be easy to install it can be hard to remove and need an extra trick and a little experience to complete the removal.

Some of the .bin and .run files need root privileges to install or run the applications. For being able to install the applications you need to run it with sudo command.

‘sudo’ Command

Sudo permits the user to execute a command as a superuser (with higher privileges or root permissions).​

On the example below, you can notice that trying to update using the terminal without root privileges gives you a permission error message.

Running Binary Types (.bin and .run)

There are two ways to run binary applications, one is through the user interface and the other is going to the terminal.

User Interface Option

To Install using the user interface, first, you need to make the file executable. To make the file executable first, right-click on the binary file and then properties and go to permissions. On Permissions thick the checkbox with the option allows executing the file as program close the program and double click on the binary. If the file doesn’t run, just right-click on it and select run on the terminal to execute it.

Sometimes when you run the binary it takes a while to execute it if the file size is big. So be patient and wait for it. If it doesn’t try running it from terminal.

Terminal Option

To run it through terminal it’s not a hard task either. For being able to run it just make the file executable using chmod +x app-name.bin command and then execute it with ./app-name.bin.
​
Note that if the application doesn’t run with an error message permission denied with normal privileges you may need to use sudo ./app-name.bin​

Conclusion

Linux has many options for running or installing applications which is one of the good things of Open Source, binary files are just one out there. There are snap packages, Flatpak, deb and many more, some applications are available on these formats so it’s up to choose which one you prefer.

Источник