How to hash files using EXF hashing tool
Step 1 – download EXF hashing tool
Create an EXF directory
Download the file to the exf directory.
Step 2 – Install EXF
Extract the file in EXF directory (use PeaZip as an opensource zipping tool).
Run the console app
exf.exe – this will display command list syntax if you wish to explore further options.
Step 3 – hash a directory
Select a small test directory to hash, here I’ve selected c:\steampunk.
exf -md5sum -d c:\steampunk
Notice that it tells us “10 files are hashed”, alas there’s a typo and “successfully” has been mispelt.
Step 4 – Change directory to the hashed directory
look for “TestFiles.exe”
EXF will then run and test that the file hashes are the same as stored in checksums.md5
So now you have confrmation that all the files in your directory have the same hash.
Remember the EU ENISA advice.
We use RSA 4k as a minimum, and 256 encryption. Here we see that SHA512 is available.
Therefore go with the strongest hashing algorithm available in the software.
Other hashes are:
Step 5 – Multiple hashes of a single file
The MD5 hash is now consider unsafe. Therefore we can default to using SHA1, SHA512 or even using MD5 alongside SHA1 and SHA512. Even if an attack on an MD5 hash were successful, the SHA512 hash would not be affected.
Here we carry out 4 hashes on the readme.txt
exf -crc32 -sha1 -sha512 -md5 readme.txt
Notice how the output of the hashes are much longer for the secure hashes; in particular the SHA512 hash runs over the width of the command prompt.
exf -crc32 – sha1 -sha512 -md5 c:\steampunk\steampunk_1.jpg
All SHA hashes
exf -sha1 -sha256 -sha512 c:\steampunk\steampunk_1.jpg
Notice the increasing length of the hash.