Most of the times when you download a file from internet, you will see a checksum or MD5 hash tag beside the download link so you can compare the checksum of the downloaded file with the original file. There are several security reasons for that, but the most common one is to eliminate the possibility of a special type of hacking called “Man in the middle”. In this type of hacking, the hacker usually sniffs and listens to the requests goes from your computer and tries to compromise the packets, but the best thing you can do to help the hacker is to request a very popular application that he has already prepared an infected version, so when you want to download the file, he will send his own infected version toward your computer and you will install that application, thinking that it is the original malware-free application !! so after installing the application, the hacker can do variety of dangerous things to your computer such as creating a backdoor, key-logging, screen capturing, infecting the entire trusted network and etc.
The only way you can avoid this type of hack is by checking the checksums. there are few awesome, useful and easy commands that can do this checking for you and I’m going to describe them in this article:
Basically these commands generate MD5 or SHA1 hashes and compare them against the provided checksum hash. So at first, I will explain how to generate MD5 and SHA1 :
1. Generate MD5, SHA1 for files and strings
For the commands below I’m going to use a file and a string. The file name will be “myfile.zip” and for the string I will use “myString”, but you should change them with the string or file you want.
generate MD5 from string:
md5 -q -s "myString"
or you can use:
echo -n "myString" | md5
for bot of the command above the result will be:
The following lines will generate MD5 for a given file:
and the result will be shown as below (note that the result of your will not be the same as mine due to the fact that our files are different)
MD5 (myfile.zip) = e9157ac8de60656b0c0e6cdf4ef524a2
in the command above, if you use -q before your filename, you will get only the MD5 checksum.
To generate SH1 hash, from a string, you can use the command below:
echo -n "myString" | openssl sha1
and the result will be:
2. Compare MD5, SHA1 for files
So far I could not find a proper command that do the comparison for us, so the only way left is to either use your eyes and check every single character, or copy and paste the template checksum in a text editor and use FIND functionality (which is usually built in in all text editors) to find the generated checksum in the template.
I may write a python file to facilitate this process later and I will post it in this article. 😀