Why are file hashes checked and how to do it?

Published: January 31, 2021 Section(s): Software Views: 11516 Comments: 0

When downloading ISO images and large archives, there is always a chance of getting a “broken” file. In the days of Dial-UP, this happened all the time. And although this happens much less often now, to make sure that the “original” file is in front of you, they came up with checksums that are calculated based on the content and allow you to notice the discrepancy of even one byte.

That is, if you change one byte in the file being checked, then the checksum of such a file will also change.

Why check file integrity?

Full checksum identity ensures that the file has not been tampered with by an unauthorized user, and also confirms that the downloaded files are an exact copy of the original ones.

Carrying out this procedure is necessary to check the integrity of downloaded files in order to protect your device and make sure that attackers have not modified them by infecting them with viruses. The hash function is used for all types of files, including EXE installers and ZIP archives.

Hackers can hack an Internet resource that hosts a downloadable file, then replace it with an infected one and change the checksums specified by the program developer.

What is a checksum

A checksum or hash sum is a value that has been calculated by some algorithm based on existing files or data. The peculiarity of the checksum is that its algorithm, given the same input data, always produces the same value. In this case, the slightest change in the input data radically changes the value of the checksum.

This feature allows you to use a checksum to verify the integrity of files or data. For example, you need to send some file and you want to make sure that it is not damaged or modified on its way to the recipient. To solve this problem, you can use a checksum. Calculate the checksum and send it along with the file. The recipient of the file then recalculates the checksum of the file and compares it with your checksum. If the values ​​match, then the file is original; if not, then it has received some changes.

It should also be mentioned that the checksum cannot be used to obtain the original data. That is, you cannot “decrypt” a hash sum and obtain data that has been hashed; a hash sum can only be compared with another hash sum. This feature opens up additional possibilities. For example, hashes are used to store passwords. When you register on a website and enter your password, it is not stored on the server in clear text. Instead, only its checksum is stored. And when you log into your account using a password, the system receives your password, calculates its hash amount and compares it with the hash amount that is stored on the server. If the hash sums match, then the password is correct and you can log into your account; if the hash sums do not match, then the password is incorrect and you will be redirected to a page to recover your password.

There are many different algorithms or so-called hash functions for calculating the checksum. The most famous and popular algorithms are: CRC32, MD5, SHA-1 and SHA-2. But, there are many other algorithms, some of which have wide applications, and some of which are used only for specific tasks. At the same time, some existing algorithms are considered outdated or vulnerable and are no longer used. Thus, the MD5 algorithm almost completely ceased to be used because it turned out that it could produce the same values ​​for different input values.

As an example, let's demonstrate what a checksum looks like in practice. For example, take the string “Hello, world!” and calculate its checksum using several popular algorithms.

Adler: 32205e048a CRC: 32ebe6c6e6 Haval: 5711dea10d85b988fcb1eed99ce7310c MD2: 8cca0e965edd0e223b744f9cedf8e141 MD4: 0abe9ee1f376caa1bcecad9042f16e73 MD5: 6cd3556deb0da54bca060b4c39479839 RipeMD128: 3cbb446fc20277b2a4e4b8b8b40aa962 RipeMD160: 58262d1fbdbe4530d8865d3518c6d6e41002610f Tiger: b5e5dd73a 5894236937084131bb845189cdc5477579b9f36 SHA-1: 943a702d06f34599aee1f8da8ef9f7296031d699 SHA-256: 315f5bdb76d078c43b8ac0064e4a0164612b1 fce77c869345bfc94c75894edd3 SHA-384: 55bc556b0d2fe0fce582ba5fe07baafff035653638c7ac0d5494c2a64c0bea1cc57331c7c12a45cdbca7f4c34a089eeb SHA-512: c Whirlpool: 238034e71c9f4d712ef02f8fe109bc1f32425530088c1ea13786e1ffdc953a7d567db4aba11ce0226efdd5ed5d55abd087b58122f891e61df996a37e595131b5

As you can see, each algorithm produces a value that has absolutely nothing to do with the original data. And no matter how many times we calculate the checksum of the string “Hello, world!”, we will get the same values ​​every time.

How can you check the integrity of a file?

You can use special programs to check file checksums. You can check the integrity of the file online or use a built-in tool in the Windows command line called CertUtil.

To perform an MD5 check, enter the following into the command line:

certutil -hashfile,

then specify the path to the file that needs to be checked. After this, all that remains is to run the command using the Enter key.

Algorithms (standards) for calculating the hash amount of a file

There are quite a lot of them at the moment...

1. Adler-32
2. BTIH (BitTorrent Info Hash)
3. CRC32
4. eDonkey2000
5. GOST (GOST R 34.11-94)
6. MD5, MD4, MD2
7. RIPEMD-128, RIPEMD-256, RIPEMD-320
8. SHA-1
9. SHA-2 (SHA-256, SHA-384, SHA-512)
10. SHA-3 (SHA3-224, SHA3-256, SHA3-384, SHA3-512)
11. TTH (Tiger Tree Hash)
12. Tiger
13. Whirlpool
14. …

...but the most common and popular are...

• SHA-1
• MD5
• CRC

Hash sums of one file created according to different standards will differ from each other very noticeably (not compatible for verification)…

• CRC: 02668A079

• SHA-1: F77EB9AA67CE63EDC87B77BF35DFEB9AA63E9B4C

• MD5: 00EF4D6A8122DDE85BDBC7ED3A1362

Today we will not discuss or study how to create (set) the hash amount of a file - this will be the topic of the next article.

How to check MD5 hash using Solid Explorer?

This program is designed for convenient file management. This file manager has advanced functionality that allows you to perform various actions with files. With it, you can provide file protection based on strong encryption using a password and fingerprint.

How to find out the IP address and why it is needed

This application supports basic network protocols and connection to cloud storage. You can also get Root rights to access the root directory. There are functions for grouping files into folders and indexed search.

The installation process on Android is as follows:

1. Go to Play Market and enter the name of the application in the search.
2. Start the download by clicking on the “Install” button.
3. Start setting up the application and managing storage.

How to find out the checksum of a file in Windows

It makes more sense to calculate the checksum locally on your computer. It's fast and confidential. In this article I will describe several ways to obtain checksums, both using third-party programs and directly using the Windows operating system itself.

File manager Total Commander

Total Commander is a popular file manager that runs on Microsoft Windows and Android platforms. It has a built-in function for calculating checksums.

After which you can choose one of the algorithms for calculating checksums.

By default, Total Commander creates a file with the name of the one being checked and with the extension by the name of the selected checksum calculation algorithm.

File archiver 7-Zip

7-Zip is a free, free file archiver with a high degree of data compression. It supports multiple compression algorithms and a variety of data formats, including the proprietary 7z format with the highly efficient LZMA compression algorithm.

This archiver has a built-in function for calculating checksums. You can launch it directly from the Windows context menu:

If you select “asterisk”, the program will calculate several checksums at once:

The resulting data can be selected and copied into a text document.

Are there other similar solutions

If you need to quickly check the integrity of a file, but do not have access to specialized software, you can open the “Properties” tab of the two files being compared and compare their size in bytes. If the values ​​match, then the file most likely has not been modified.

You can also install the free Hashtab program from the official website of the developer. To do this you need to do the following:

1. Follow the link and click on the Download button to begin the installation process.
2. A new tab called “File Hash Sums” will appear in the Windows Explorer context menu.
3. By opening it, you can calculate checksums for the selected file.
4. In the settings you can specify the required algorithms for checking the integrity of the file.

How to delete mail forever and what is it for?

Another way to check the hash sum is to use a web programming language to write a custom script.

What is the hash sum of a file

Everything is very, very simple with this very hash - let's take two files that, at first glance, are exactly the same...

Let's say that I downloaded them from different sites. As you can see, they have exactly the same name and extension, but besides this similarity, these installers may have a similar size down to the last byte.

Ordinary ordinary users do not even realize that such “exe files” are practically simple archives.

So, it’s very easy to slip some kind of malware (virus) into this file (archive) - they almost always disguise themselves as the “correct” file, copying not only the name and extension, but even the size.

Such a modified file can be distributed on the Internet under the guise of being official, white and fluffy.

By the way, there is no perfect antivirus and your Defender can fail at any time, if you didn’t know.

Another situation - have you chosen and started downloading any program, file or archive via torrent? In this case, it’s even easier to slip in a little stray virus, because the file is downloaded into the computer in tiny parts, from a huge number of people, and is collected into a pile only by the end user.

Tips and conclusions

To summarize, we can say that checking hash sums allows you to most reliably determine the absence of modifications in the files being checked. To carry it out, you can resort to using standard tools in the Windows operating system or install a third-party specialized program.

Let me know what you think about this topic of material in the comments. Thank you so much for your comments, dislikes, responses, likes, subscriptions!

Please leave your opinions on the current topic of the material. Thank you so much for your comments, dislikes, responses, likes, subscriptions!

AMANton Malakhovaauthor

Checking checksums online

If you need to check the checksum of a string (for example, a password), then the easiest way is to use online services. You can find such online services in any search engine using the query “hash online”.

For example, consider the site https://www.sha1-online.com. This site has a line where you need to enter the initial data, and a drop-down list where you need to select which algorithm you want to use to obtain the hash sum.

To check the table above, enter the string “Hello, world!”, select the MD5 algorithm and click on the “hash” button.

As a result, a line with the MD5 hash value will appear on the screen.

It is not difficult to notice that the resulting value completely coincides with that indicated in the table above, although the data from the table was obtained in a different way.

QuickHash

QuickHash is an open source hash generator for Windows, macOS and Linux. It is also one of the most fully featured hash generation and verification options on this list.

While the number of hashes you can use is small—just MD5, SHA1, SHA256, SHA512, and xxHash64—Quick Hash has a ton of additional features.

QuickHash can hash an entire folder, compare two separate files, compare entire directories, or compare an entire disk. Of course, the latter takes a significant amount of time due to the size, but it's a nice option to see. You can also work through a text document line by line, hashing each one as you go.

Download : QuickHash for Windows | macOS | Linux (Debian) (free)

Option 1: Built-in operating system tools

You can find out the checksum of an ISO image without third-party programs and services - using the built-in tools of the operating system.

Method 1: "Command Line"

Every version of Windows comes with a pre-installed console utility called CertUtil, which allows you to view the hash of any file. To use it, follow these steps:

1. Press the Win + R hotkey combination and enter cmd in the window that appears, then click OK.
2. In the console that opens, enter the command with the following syntax and press Enter:
   certutil -hashfile “<path to file>”
3. Wait until the data analysis is completed, and then review the information you are looking for.

Method 2: "PowerShell"

The “PowerShell” shell, which is preinstalled in the operating system starting from the eighth version, also allows you to extract the necessary information from the ISO file. To use this method you will need to do the following:

1. Expand the system search menu and enter the query “PowerShell”, then launch the application of the same name.
2. In the window that appears, enter the following command and confirm its execution by pressing the Enter key:
   Get-FileHash “<path to file>” -Algorithm <checksum calculation algorithm>
3. Wait for the operation to complete and then review the result.

The following values ​​can be used as an algorithm for calculating the checksum, which correspond to the data type of the information received at the output:

• SHA1;
• SHA256;
• SHA384;
• SHA512;
• MD5.

Ultimately, the command might look like this: Get-FileHash “D:\Windows.iso” -Algorithm SHA1.

Command line option (without installing programs)

If you are more comfortable using the command line or if you configure a script to automatically check SHA-256 in Windows, then you can use the CertUtil utility.

To check the SHA-256 hash, just enter the following command:

certutil -hashfile C:\Users\Admin\Downloads\HashTab_v6.0.0.34_Setup.exe SHA256

C:\Users\Admin\Downloads\HashTab_v6.0.0.34_Setup.exe is the path to the file whose hash we want to calculate.

As you can see in the screenshot, the hash of our file 85caa9ea0b ... is completely identical to the one we obtained using the first method.

HashTab

HashTab is a different approach to generating file hashes. Instead of using a separate interface to generate file hashes, HashTab adds a tab to the Properties menu. Then, instead of dragging the file into the program, you right-click the file, select Properties, and open the File Hashes .

HashTab generates hashes for MD5, CRC32 and SHA1 by default. HashTab options allow you to add hashes for over 25 additional hashes, including the SHA family, RIPEMD, TIGER and WHIRLPOOL.

You can add more hashes to the File Hashes tab by opening the Properties menu, selecting the File Hashes tab, and selecting Settings . Review the hashes you want to add and click OK.

Another nice feature of HashTab is its built-in file checker. You can cross-reference any file in the File Hashes tab using the Compare File .

Download: HashTab for Windows (Free personal license)

Option using 7-Zip archiver

The free 7-Zip archiver can also calculate the SHA256 sum of files. To do this, just either in the program window (including the portable version), or simply right-click on the file and select “CRC SHA - SHA256” in the context menu (only when the 7-Zip archiver is installed on the system).

You can download 7-Zip from its official website - https://www.7-zip.org

Option 3: Online services

If necessary, you can find out the checksum of a file using a special online service, which does not require the installation of third-party software on your computer. As an example, we will consider the File Checksum resource.

Go to the File Checksum online service

Instructions for use:

1. Go to the service using the link above, and in the File Hash column, select the type of data you want to get from the file.
2. Click on the Drop File Here area and in the file manager that appears, go to the ISO image, then click on the “Open” button.
Read also:  Flat on Forex – what is it? How to trade in a narrow price channel and ways to predict a flat area
3. Please review the required information in the box below.

Important! File Checksum is not recommended to be used if you need to find out the checksum of large files larger than 2 GB, since the process of uploading data to the service and subsequent processing will take a lot of time.

We are glad that we were able to help you solve the problem. In addition to this article, there are 12,578 more instructions on the site. Add the Lumpics.ru website to your bookmarks (CTRL+D) and we will definitely be useful to you. Thank the author and share the article on social networks.

Describe what didn't work for you. Our specialists will try to answer as quickly as possible.