I’m spending the week in San Diego delivering a Security+
class as part of my Annual Training for the United States Navy. It has been a few years since my last
Security+ class that I delivered to the US Air Force. Since then, PowerShell has undergone a few
version updates. I decided to leverage
one of the new cmdlets to help use demonstrate file hashing.
The group that we are working with this week is sharp and
asking some really great questions.
There is a little confusion out there on what a hash is so I’m adding
this to both my military and civilian Security+ classes.
Enjoy!
<#
Demonstration of using a hashing algorithm to verify
file integrity.
ITC J. Yoder
NR SPAWAR 119
Creation Date: March 7, 2017
Slide: Symmetric Algorithms
Notes:
This code is designed to be ran inside of the PowerShell ISE.
Select the code in each step and press F8.
Tested on PowerShell 5.
Execute the command below to determine your
PowerShell version.
#>
$PSVersionTable.PSVersion
# Step 1 : Create a Folder Structure
New-Item -Path
c:\ps\Original -ItemType
Directory
New-Item -Path
c:\ps\Copy -ItemType
Directory
# Step 2 : Create a text file in the original directory.
"This is my text" | Out-File -FilePath
C:\ps\Original\Data1.txt
# Step 3 : Create a hash for this file using SHA256
$HashOriginal = Get-FileHash -Path
C:\ps\Original\Data1.txt
# Step 4 : View the hash.
$HashOriginal.Hash
# Step 5 : Copy the file.
Copy-Item -Path
C:\ps\Original\Data1.txt -Destination C:\ps\Copy\Data1.txt
# Step 6 : Create a hash Of the copy using SHA256
$HashCopy = Get-FileHash
-Path C:\ps\Copy\Data1.txt
# Step 7 : Test the hashes for equality.
$HashOriginal.Hash -eq $HashCopy.Hash
# Step 8 : Rename the copy.
Rename-item -Path
C:\ps\Copy\Data1.txt -NewName C:\ps\Copy\Data2.txt
# Step 9 : Create a hash Of the renamed copy using SHA256
$HashRenamed = Get-FileHash -Path
C:\ps\Copy\Data2.txt
# Step 10 : Test the hashes for equality.
$HashOriginal.Hash -eq $HashRenamed.Hash
# Step 11 : Modify the copy by adding a period to the end.
"This is my text." | Out-File -FilePath
C:\ps\Copy\Data2.txt
# Step 12 : Create a hash Of the Modified copy using SHA256
$HashModified = Get-FileHash -Path
C:\ps\Copy\Data2.txt
# Step 13 : Test the hashes for equality.
$HashOriginal.Hash -eq $HashModified.Hash
# Step 14 : View the hashes
Write-Host "Original
: $($HashOriginal.Hash)" -BackgroundColor
DarkGreen
Write-Host "Copy : $($HashCopy.Hash)" -BackgroundColor
DarkGreen
Write-Host "Renamed : $($HashRenamed.Hash)" -BackgroundColor
DarkGreen
Write-Host "Modified
: $($HashModified.Hash)" -BackgroundColor
DarkRed
# Step 15 : Clean up the disk.
Remove-Item -Path
C:\ps\Original -Confirm:$false -Recurse
Remove-Item -Path
C:\ps\Copy -Confirm:$false -Recurse
Comments