Often, getting the treasured hashes is not all that needs to be done before starting brute force. Sometimes it is also useful to understand what we are actually going to brute, determine the hash, or in other words, find out what kind of hash was caught during the pentest.
The easiest way to find out the hash algorithm is an online service. One of the most popular services for determining hashes online is the website onlinehashcrack.com.
Using this service is very simple:
- Go to onlinehashcrack.com
- Enter the found hash
- You get the result
The service can detect over 250 types of hashes.
Determining a hash using hashID
In some cases, going online to determine the type of hash will be difficult. In such situations, you can use special utilities. One of the most popular today is the hashID tool.
This utility replaces the HashTag and Hash-Identifier utilities.
hashID is an extremely useful Python 3 tool that will try to determine what type of hash is in front of it.
The hashID library contains more than two hundred different hash signatures and services that use them.
Determining a hash using the hashID utility The utility is friendly with , and also runs without problems on the second branch of Python.
Setting hashID
$ pip install hashid
$ pip install --upgrade hashid
$ pip uninstall hashid
Download hashID
You can download the utility from Github. There you will also find a complete list of supported hashes in the Excel file.
That's all. These hash detection tools should be enough for you. Good mood and information security to everyone!
A hash is an individual unique code that corresponds to a specific unit of information, a mathematically calculated image of a specific file. When a file undergoes any modification, the hash sum of this file changes accordingly.
After downloading files from the Internet, especially ISO disk images of various products, it is a good idea to compare the hash of these files with the one published by the manufacturer of these products in order to determine whether the files have been subject to any changes (introduction of third-party programs, viruses, etc.). d.).
In most cases, information about the hash sums of a file is provided by the developer to the user on the website after describing its characteristics or system requirements.
By checking the hash code, the file is protected from modification. Its verification is especially relevant when downloading operating system disk images not from the manufacturer’s website, but from so-called file exchangers and torrent trackers.
If a checksum mismatch is detected, it is better to think 100 times before using the disk in this way. You may ask, how can you find out the checksum of a file in the Windows operating system?
HASH SUM
I will answer, there is such a small and at the same time free program called HashTab, which is integrated into Windows Explorer and will help you easily determine the hash sum (checksum) of the file you downloaded in order to verify its authenticity and integrity. The program can be downloaded from the official website at:
Http://implbits.com/products/hashtab/HashTab_v6.0.0.34_Setup.exe
where after going to the site you need to click on the “Download Now!” button.
In the field that appears, enter your email address, to which an email will be sent with a link to download the program, and click the “Send Download Link” button.
We check the mail and see a letter that provides the URL where we can download the program, the size of the program and its checksum.
Download the program, specifying the folder.
Extract the program installer from the archive and launch it by double-clicking the left mouse button. In the installer window that opens, click on the “Next” button.
In the next window, we agree to the license by clicking on the “I Agree” button.
Select the folder to install the program (it’s better to leave it as default) and click the “Install” button.
We complete the installation by clicking the “Finish” button.
CHECK SUM
Upon completion of installation, the program is integrated into the context menu of the operating system Explorer. To display the checksum of a file, we need to right-click on it and click on “Properties”.
In the window that opens, click on the “File hash sums” tab.
For large files, you may need to wait a few seconds for the hash calculation to progress.
Upon completion of the calculation, in the “Hash Value” window we will see the checksum for the file.
In the “Settings” of the program, you can add additional hash sums to be displayed and configure it in more detail (I leave it at default).
In order to compare the checksum of a disk image (in my case), I go to the official website and look for where the hash sum of the image is indicated (on the site I find the posted file “MD5SUMS”).
I open this file and look for the checksum for my disk image (this is ubuntu-12.10-desktop-i386.iso).
I copy it from the site.
Article content:
In some situations, it may be necessary to calculate the MD5 hash for a file that you have downloaded to your computer. For example, to be sure that you downloaded exactly the file you wanted and the attacker did not modify it. In this article we will look at 2 different ways to do this: through an extension for Explorer, and also through the command line.
Option via File Explorer extension
There is a great program for Windows Explorer called Hashtab that is free for non-commercial use. You can download it from . Select the free version and click on the "Download" button.
After installing the program, a new tab “File hashes” will appear in the Explorer context menu. By selecting it, the program will automatically calculate hashes for the selected file depending on which algorithms are selected in its settings. 
Command line option (with program installation)
If we need to calculate the hash amount of a file via the command line, we can use a utility from Microsoft, which is suitable just for such cases. Download it from and install it. To do this, you will need to create a folder on your hard drive and specify it during the installation process. In our example, the program was installed in the C:\Program Files (x86)\FCIV folder. In order to calculate the MD5 hash of a file, we need to launch the command line and type the following command in it:
"C:\Program Files (x86)\FCIV\fciv.exe" -md5 C:\Users\Admin\Downloads\HashTab_v6.0.0.34_Setup.exe
As you can see, the MD5 hash sum is the same for both the first and second options.
"C:\Program Files (x86)\FCIV\fciv.exe" is the path to the fciv.exe file
-md5 - specifying the algorithm by which fciv.exe will calculate the hash sum
C:\Users\Admin\Downloads\HashTab_v6.0.0.34_Setup.exe - path to the file for which we calculate the hash sum.
Command line option (without installing programs)
If you do not want to install any programs, you can get by with the built-in Windows tools; for this you can use the CertUtil utility.
When downloading programs or games from the Internet to your computer, you may have noticed more than once that in the description of the files of some installation images an item such as “Checksums” or “Hash sums” is indicated. What is a hash amount, why is it indicated on websites and how can it be checked?
The hash sum is the result of processing the file data with a hash function. Essentially, a hash is a personal digital identifier that can be used to verify the integrity of a copied or downloaded image by comparing it with the hash value of the original file.
But why do you need to check the integrity of the downloaded image if you can already see in the download manager or torrent client whether the file has been downloaded or not? The fact is that, unlike most multimedia files, such as photographs, audio recordings or films, installation files are much more sensitive to the slightest damage. Therefore, if even small errors occurred during the image loading process, during which only a few bytes of information were lost, you may well have problems installing a system or application from this image.
To avoid such problems, it is best to immediately check the hash value of the downloaded file, comparing it with the value that was indicated in the description on the site from which the file was downloaded. However, unfortunately, you won’t be able to find out the hash value of a file using standard tools in the Windows operating system, so you will have to resort to using a third-party program. For example, to check a hash, you can install a specialized utility called HashTab.
HashTab is a very simple, convenient and lightweight program, and it is completely free. You can download the HashTab program from the official website of the developer using this link: hashtab.ru/.
After installing the HashTab program, it will automatically be built into standard Windows Explorer and you can easily find out the hashes of absolutely any file on your computer.
In order for you to quickly understand how to work with this program, we will conduct one small experiment. Let's go to the official website of Microsoft, to the Windows Technical Preview download section, which is located at windows.microsoft.com/ru-ru/windows/preview-download and download from there a trial version of the freshly baked Windows 10 operating system. Before downloading, we must Let's copy the hash value of the image file, which is indicated on the site.
After the Windows Technical Preview image is downloaded to your computer's hard drive, we will perform a check to ensure that the checksums of the file posted on the site and the image file we downloaded match.
In order to find out the hash amount of a file, right-click on it and select the item in the context menu Properties. In the file properties window, go to the tab File hashes. Here you can read the value of all three hash sums of the selected file (though you will have to wait while the program calculates the hash value). However, few people will be willing to manually compare the value of hash sums when it is possible to do this automatically. Just copy the hash value of the original (downloaded from the site) file and paste it into the line Hash comparison.
If the values of both hash sums match, it means that no errors occurred during the file download process, and you can safely install this operating system or application from the image. If the hash does not match, then it is better to download this file again, since this is better than then reinstalling the system or application a second time due to problems that may arise both during the installation process and during subsequent work.
You can also use the HashTab program to compare the hash values of two identical files. To do this, you just need both of them to be on the computer or at least on a removable drive connected to it. To compare the hash sums of two supposedly identical files for identity, open the properties of one of the files in the tab File hashes, click on the button Compare file and specify the path to the second file. After this, the program will automatically calculate and compare the hash sums of both files.
Still have questions? - We will answer them for FREE
When exchanging information over computer networks or via portable media, the question arises of how to verify the integrity of the transmitted information. After all, if several bits are incorrectly saved in the resulting multi-megabyte file, this can lead to problems when using this file. Especially if this file is an application. Therefore, when distributing various installation files and other information, it is customary to indicate a checksum (hash) - so that users, having downloaded the data, can independently check the checksums of the files for a match with the hash of the downloaded information.
Principles of using checksums
To use the technology intelligently, it is useful to understand what a hash is. In general, a hash is a set of bits obtained as a result of calculations on information using a specific algorithm. A distinctive feature of this algorithm is that if at least one bit in the original information changes, the hash sum also changes. And at the same time, there is an extremely low probability that a random change in a few bits of incoming information will leave the hash unchanged. Thus, it turns out that the checksum is like a data passport, after checking which you can conclude that the data is genuine.
Therefore, the principle of using hashes is quite simple, and consists of two stages:
1. Calculate, store and publish the checksum of the original data.
2. Calculation of its value for a copy of the data and comparison with the value for the originals.
There are many different hashing algorithms. And accordingly, there are many types of hash sums. The most popular among them are CRC32, MD5, SHA-1 etc.
Where are hashes used?
Even those users who do not know what hash sums are still quite often benefit from their use - for example, when opening packed files. The fact is that modern archivers add their hashes to packed files. They can be seen by opening the archive using an archiver program.
And accordingly, when unzipping, these hashes are automatically verified. If the archive is damaged, the archiving program will generate an error with a message that the checksums of the files do not match. Therefore, the easiest way to ensure control over the correct transfer of files is to pack them into an archive.
Another area where checksums can be used is to use them instead of passwords. When a visitor registers on a website by entering a secret password, it is not the password itself that is stored on the server, but its hash. Accordingly, if attackers gain access to the server, they will not be able to find out the saved passwords - they simply are not there.
Also, hash sums are an integral part of the work of torrent trackers. Thanks to this, when downloading files via torrents, 100% integrity of information transfer is guaranteed. In this case, the user does not need to control this process in any way. All necessary operations during downloading are carried out by the program (). Of course, if the files have been downloaded for a long time, and you need to make sure that they have not become damaged over time, you can run a manual re-scan. For example, in the uTorrent program there is a special item for this in the context menu (appearing when you right-click on the selected torrent).
When using archives and torrents, hashing is carried out without user intervention. But since not all files are convenient to archive, much less use torrents when sending information, there is a widespread practice of calculating checksums for an arbitrary set of files. Most often, a hash in MD5 format is used for this, for which many different programs have been created.
How to create MD5 hash of files using MD5Checker?
Despite the fact that the MD5 algorithm is available in many file managers and utilities, not all of them are convenient to use. Some programs cannot check hashes for a group of files. Another part of the programs, although it does this, does not display a report on the scan results in a convenient form - you have to manually scroll through the entire list of files to identify error messages.
The only most convenient program for working with MD5 is the MD5Checker application. You can download the program from official website. Despite the fact that the program has an English-language interface, it is quite simple to use.
The program is configured by default to hash program files, archives and ISO images. Therefore, if you want to use this application for music and video, you must first change one single setting - specify a mask for the files with which the program will work. To do this, go to the “Tools / Options” menu item and specify the * symbol (which means “all files”) in the “Include” field.
After this, you can use the program as usual - now every single file in all subfolders will be scanned.
To create an MD5 hash, you need to drag selected files from a folder into the program window - and the program will automatically begin to calculate MD5 sums for all selected files and all files in subfolders (that meet the mask we specified). The calculated amounts will be displayed in the “Current MD5” column. Now all that remains is to save the obtained values to a file by clicking the “S To” button (“Save to”).
It is important to note that if you save the MD5 file in the folder in which all the files and subfolders we selected are located, the relative paths to them will be saved. This will allow you to check the checksum in the future even if you move files to another location. Therefore, before saving the file, it makes sense to go to the root of the folder by clicking the corresponding button.
If you open the resulting file in Notepad, you will see that the information is stored in it in plain text.
In this case, you can make sure that the paths to the files are relative, i.e. do not contain the drive letter on which they are located. Such an MD5 file can be stored in a folder along with files, and in the future the integrity of the files in this folder can be checked on any computer.
How to check file checksums?
To check the checksums of files, you need to restart the program or click the “Clear” button to clear the list of files.
After this, you should drag the MD5 file into the program window and make sure that a green checkmark appears next to each file. This means that the files are kept safe and secure. If there are quite a lot of files, then it is more convenient to control using the “Failed” and “Passed” counters in the table header.
You can conduct an experiment: rename one of the files, and edit another one, making a couple of minor changes. After running the re-check, the program discovered that one of the files had become inaccessible under its original name (marked with a yellow icon), and the checksum of the second file did not match (marked with a red icon). A checksum mismatch indicates that the file has either been modified or is damaged.
It is worth noting that if you have several folders, each of which contains one or more MD5 files (including in subfolders), then by dragging all these folders into the program window, you can check all the files for integrity in one fell swoop. MD5Checker automatically extracts hash values from files with the md5 extension encountered during scanning. This can be extremely convenient if large amounts of information are copied or transmitted over the Internet.
Also, if you have renamed or moved some files to another location, you can edit the MD5 file in Notepad, specifying new values for their paths there - and then you can use it further to check the files.
Results
Hashing technology provides a unique opportunity to control the safety of information. In modern times, when the number of user files is in the thousands and tens of thousands, convenience in processing hash sums for large amounts of data is necessary. The MD5Checker program successfully copes with this task, with which you can both check checksums and create them for many files, regardless of the depth of their nesting in the folder tree.
