Live Chat!

pcregrep, grep based on perl compatible regular expressions

          0 votos

November 20th, 2007 mysurface Posted in Regular Expression, Text Manipulation, pcregrep, printf | Hits: 36415 |

grep supposedly support perl regex by specified -P option, but somehow my grep do not support that, it complains this when I trigger with -P

grep: The -P option is not supported

But when you check the manpage of grep, you will see this

-P, --perl-regexp
              Interpret PATTERN as a Perl regular expression.

I found pcregrep in my repo, that supports grep based on Perl compatible regex.

Why do I need PCRE grep?
PCRE is much richer than classic regular expression, and it outperforms POSIX regex. We have PCRE library in c/c++, PHP, python etc. Check out more details information at http://www.pcre.org/ and also wikipedia.

Any examples that pcregrep outperforms grep?

Thanks to geek00l that raise the question, “How to grep for hex characters?”
The question may sounds vague, let me put it into a simple scenario. I have a line of binary strings, that may contain non-ascii characters. For examples ANSI codes for color text.

Try to do execute the line below:

printf '\x1b\x5b1;31;40m\tI am in Red\n'

Text will be print in red, but color is not reset after that. For more examples on how to print color text, refers to this post.

Trigger reset and try the line below again:

reset && printf '\x1b\x5b1;31;40m\tI am in Red\n\x1b\x5b0;40;40m'

Lets inject the ANSI code to a variable, after that echo it.

a=`printf '\x1b\x5b1;31;40m\tI am in Red\n\x1b\x5b0;40;40m'`
echo $a

Okay, it seems working!

So now I want to echo the color text only if I found 0×1b 0×5b … after the word “Red”. Grep can’t perform that because 0×1b, 0×5b and so on does not visible to user, with pcregrep, I can do this

echo $a | pcregrep "Red.*\x1b\x5b0;40;40m"

The example above may seems stupid, detects “hidden” characters may be very useful for security filtering. Network hackers may inject “hidden” binary codes by sending “hello world” across the networks, pcregrep may help to filter that. This is only my guess, I might be wrong, pcregrep may not useful to security analyst, I am not in depth into security stuff. Anyway, it just seems cool to use pcregrep instead of normal grep, so I can tried out more PCRE patterns.

Where can I obtain the details of what pattern pcre supports?

man pcrepattern
Related Posts
grep based on multiple keywords
grep with multiple keywords need some knowledge of regular expression. But that is not difficult, use (OR). Let say y...

Substitute a Keyword In a File
Sometime I need to replace a keyword with another, I can't just open a file and substitute 1 by 1. It is faster to using...

convert perl scripts into binaries
You can covert perl script into ELF binary files, c source code, bytecode etc. You do this my using perlcc. You can h...

Leave a Reply

Security Code: