Checking to make sure that a very important file you’ve downloaded from the internet is the original one. In some cases, files going between the server and the user can be manipulated, especially if the connection is HTTP and not HTTPS. Here’s how you can check a file’s hash with Windows Powershell.
By checking a file’s hash, you will know that the one you’ve downloaded is the right one and not from a malicious attacker. While there are many programs out there that can check file hashes, it’s best that you use a tool provided directly from a known company. Microsoft being one of those companies makes the perfect use case.
Windows Powershell contains a vast array of tools and functions that make administration on Windows easy and efficient. In this article, we are going to execute a very simple script that checks the hash of a particular file. For this demonstration we are going to use an ISO for CentOS 8 from Leaseweb:
As you can see, we have a list of CentOS 8 installation ISOs that we can download. We are going to download CentOS-8.2.2004-x86_64-minimal.iso so that we can check its hash using Powershell.
Where can we find these files’ hashes for us to check against? Usually you would find a file in the directory with the word hash or checksum like the one on top:
The checksum file contains all of the original hashes for the files listed below it. We are going to download this one and open it using Notepad on Windows.
You can now see a list of each file and to the right their hash. It looks like each file is using SHA256 to encrypt the hash which is considered to be very strong. We will be needing to specify this when we run our Powershell command.
Open Windows Powershell by going to Start->Search and type in Powershell to bring up the program. You will then right-click on it and select Run as Administrator.
We are then going to run the following command to check our file’s hash:
Get-FileHash "C:\Users\USER\Downloads\CentOS-8.2.2004-x86_64-minimal.iso" -Algorithm SHA256
Here the path to the file that we want to check it’s hash will be specified first. We want the SHA256 hash this time around so it will be used for the -Algorithm argument. Press enter, and you should see the hash being output with the file’s path and algorithm used. Compare it to the checksum file that was downloaded earlier to see if they match.
If they do, then your file is considered safe and hasn’t been modified during transport. You can also make the command output more organized by doing this:
Get-FileHash "C:\Users\USER\Downloads\CentOS-8.2.2004-x86_64-minimal.iso" -Algorithm SHA256 | Format-List
We are taking the output produced by Get-FileHash and sorting it to fit the screen(or window if it is too small).
You now know how to easily check a file’s hash through Windows.