Hashing Files Using Python and A Linux Terminal
Why hash a file?
Hashing can help authenticate the integrity of a file. This is done by using the hash value of the file before it was sent and comparing it to the value of the file when its reached its destination. The goal is to see if it was modified during the time it was being transferred or ever. Hashing should not be confused with encryption, a hash can not be reversed or “decrypted” as seen in encryption algorithms such as DES, AES, and RSA.
Python IDE Used — PyCharm https://www.jetbrains.com/pycharm/
Using the “print_function” from “__future__” made my code compatible with python3 and 2 allowing me the print function of python3 with python2 code. Then I imported argparse, hashlib, and os. Which can all be found in the python documentation.
Python3 Documentation — https://docs.python.org/3/
Specifying the variables Editor, When, and Brief gives the python script a description and information for a user when the -h(help) command is ran. The successful output of what that looks like is below.(Figure 1.1)
Using hashlib I enabled the following hash functions: Md5, sha1, sha224, sha256, sha384, sha512.
Python Doc. hashlib — https://docs.python.org/3/library/hashlib.html
Now to set up arguments in the command line. Description and epilog outputting what was written in line 6–8.
2 arguments added: 1 specifies the file and the other the hashing algorithm used.
Open the file as binary content using “rb”. Hash the files with a buff size of 1024 and print the hash value of the file name and the file content.
The following image(figure 4.1) is the output of a test file being used to test the Python Script against all hash functions specified in the code. It ran successfully with zero errors.
Source Code: Github — https://github.com/chrisyh001/Py-DigitalForensics
Special Thanks To The Python Digital Forensics Cookbook by Preston Miller , Chapin Bryce for the code examples.