PowerShell

PowerShell: Checking integrity with Get-FileHash

By on ( 1 Comment )

A hash is a stray value and a one-way function. A string of fixed length is formed from a string of arbitrary length. Sounds mathematical. For administrators and users, a modified hash value of a file is an indication that the file has been modified.

For example, the download link of Windows 10 shows a hash value. This value can be compared to the value of the downloaded file. If the installation medium has a different hash value, it can be assumed that this is not the original and has therefore been changed.

Get-FileHash in Action

To check the file hash, you can use PowerShell. There is no reason for downloading 3rd party tools from the Internet. Avoid the ask toolbar and simply run Get-FileHash. It´s included in PowerShell!

My file looks like this.

Unbenannt.JPG

Pay attention to the hash.

Get-FileHash -Path C:\Patrick\Data.txt | Format-List

Unbenannt.JPG

If i change the content the hash value changes too.

Unbenannt.JPG

Unbenannt.JPG

More about Hashes and encryption in my German Cyber Security series

Cyber Security / Pen Testing (Teil 2): Grundlagen der Kryptographie, and in Technet https://msdn.microsoft.com/en-us/powershell/reference/5.1/microsoft.powershell.utility/get-filehash.

Categories: PowerShell

Tagged as: ,

Published by Patrick Gruenauer

Microsoft MVP on PowerShell [2018-2023], IT-Trainer, IT-Consultant, MCSE: Cloud Platform and Infrastructure, Cisco Certified Academy Instructor.

1 reply »

  1. Pingback: If you have mastered PowerShell, you don’t need these 3rd Party Tools anymore – SID-500.COM

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.