PowerShell: Checking integrity with Get-FileHash

A hash is a stray value and a one-way function. A string of fixed length is formed from a string of arbitrary length. Sounds mathematical. For administrators and users, a modified hash value of a file is an indication that the file has been modified.

For example, the download link of Windows 10 shows a hash value. This value can be compared to the value of the downloaded file. If the installation medium has a different hash value, it can be assumed that this is not the original and has therefore been changed.

Get-FileHash in Action

To check the file hash, you can use PowerShell. There is no reason for downloading 3rd party tools from the Internet. Avoid the ask toolbar and simply run Get-FileHash. It´s included in PowerShell!

My file looks like this.


Pay attention to the hash.

Get-FileHash -Path C:\Patrick\Data.txt | Format-List


If i change the content the hash value changes too.



More about Hashes and encryption in my German Cyber Security series

Cyber Security / Pen Testing (Teil 2): Grundlagen der Kryptographie, and in Technet https://msdn.microsoft.com/en-us/powershell/reference/5.1/microsoft.powershell.utility/get-filehash.

Categories: PowerShell

Tagged as: ,

1 reply »

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.