A hash is a stray value and a one-way function. A string of fixed length is formed from a string of arbitrary length. Sounds mathematical. For administrators and users, a modified hash value of a file is an indication that the file has been modified.
For example, the download link of Windows 10 shows a hash value. This value can be compared to the value of the downloaded file. If the installation medium has a different hash value, it can be assumed that this is not the original and has therefore been changed.
Get-FileHash in Action
To check the file hash, you can use PowerShell. There is no reason for downloading 3rd party tools from the Internet. Avoid the ask toolbar and simply run Get-FileHash. It´s included in PowerShell!
My file looks like this.
Pay attention to the hash.
Get-FileHash -Path C:\Patrick\Data.txt | Format-List
If i change the content the hash value changes too.
More about Hashes and encryption in my German Cyber Security series
Cyber Security / Pen Testing (Teil 2): Grundlagen der Kryptographie, and in Technet https://msdn.microsoft.com/en-us/powershell/reference/5.1/microsoft.powershell.utility/get-filehash.
1 reply »