LitFinder Wiki
LitFinder is a Java utility for locating string literals within files.
Brought to you by:
dcreager
Menu
▾
▴
ManPage
Manual Page
NAME
finder - a command line program that locates string literals in a variety of file types.
DESCRIPTION
LitFinder will search through a single file or completely traverse a directory searching its entire contents for a string literal. All files are searached as binary data allowing LitFinder to search through text files, compiled class files, all forms of archives (e.g. .zip, .jar, .war, and .ear) as well as compiled executables.
SYNOPSIS
Usage
finder [-dhv] [propsFile] [srchPath] [srchArg]
Options
| Option | Name | Description |
|---|---|---|
| -d | Debug Mode | Causes the Search buffer to be displayed in dump format |
| -h | Help | Displays usage and arguments help\n" |
| -v | Verbose | Displays the name of each Directory and File that is searched |
Properties File
A properties file, which by default is named "application.properties", is used to store less frequently modified option. This file is loaded from the Java class path and its name can be overridden by providing the alternate name as a command line argument.
The supported properties include:
| Property Name | Example | Description |
|---|---|---|
| SearchEngine.BUFFER_SIZE | 2048 | The size in bytes of the I/O buffer. Default(256). |
| SearchEngine.DUMP_REPL_CHAR | "." | The character displayed on dump lines in place of unprintable or unsearchable values. |
| SearchEngine.DUMP_FILTER | "[^A-Z^a-z^0-9^@^:^/^.]" | The set of characters that are to be replaced by the DUMP_REPL_CHAR on a dump line. |
| SearchEngine.FINDER_CLASSNAME | com.ko.na.finder.IPAddrFinder com.ko.na.finder.StringFinder |
The Java class file that will provide the file search function. The available classes are listed to the left. |
| StringFinder.SEARCH_REGEX | "jdbc:oracle:thin:@.:[0-9]:.{4}" | The default search criteria used by the StringFinder class. This can be overridden via command line arguments. |
Search Path
This is the location of the container to be searched. This container may be either a Directory or a File. When it specifies a Directory, full recursion is used to search the complete contents of the Directory. When it is a file, only that file will be searched. However, if the file specified is an archive such as a ZIP, JAR, WAR, or EAR, the individual members of the archive will be searched.
Default(".")
Search Argument
This argument is only applicable in conjunction with the com.ko.na.finder.StringFinder class, otherwise it will be ignored. It must contain a valid Java regular expression that specifies the string literal for which to search. Default("jdbc:.:thin:@.:[0-9]*:.{4}")
EXAMPLES
-
Example of executing this program without a script.
This example assumes that Java has been added into the system path.C:\Program Files\LitFinder\lib>java -jar Finder.v1.0.00.jar
Finder 1.0.00
===========================================================================
. . .
Finder: com.ko.na.finder.StringFinder
Find Criteria: jdbc:oracle:thin:@.:[0-9]:.{4}
Buffer Size: 2048 bytes
===========================================================================
Scanned 11 files within 0 directories in 0.011 Secs averaging 1,100 fps.
Found 0 occurences.
Finder Completed.
2. Example of a custom use of the provided finder script that specializes the search to a particular string.
This examples that both Java and the finder script are accessible via the system path.C:>call finder string.props . ".{8}com.ibm.{12}"
Finder 1.0.00
===========================================================================
. . .
Finder: com.ko.na.finder.StringFinder
Find Criteria: .{8}com.ibm.{12}
Buffer Size: 1024 bytes
===========================================================================
Scanned 5 files within 0 directories in 0.021 Secs averaging 250 fps.
Found 0 occurences.
Finder Completed.
3. Example of a custom use of the provided finder script to isolate candiate IP Address strings.
This examples that both Java and the finder script are accessible via the system path.C:>call finder ipAddr.props c:\data
Finder 1.0.00
===========================================================================
. . .
Directory: c:\data
Finder: com.ko.na.finder.IPAddrFinder
Buffer Size: 1024 bytes
===========================================================================
Name: c:\data.history\73\103e4425f810001318d2ca6b38cd521b
Offset(7107) Match(1.2.3.4)
Offset(7149) Match(0.0.0.0)
Offset(7169) Match(255.255.255.255)
Scanned 1,360 files within 356 directories in 30.981 Secs averaging 44 fps.
Found 3 occurences.
Finder Completed.
