Skip to content

How to hash files using EXF hashing tool


Step 1 – download EXF hashing tool

Create an EXF directory


Download the file to the exf directory.


Step 2 – Install EXF

Extract the file in EXF directory (use PeaZip as an opensource zipping tool).

Run the console app

cd exf-exactfile-console-app


exf.exe – this will display command list syntax if you wish to explore further options.

Step 3 – hash a directory

Select a small test directory to hash, here I’ve selected c:\steampunk.

exf -md5sum -d c:\steampunk


Notice that it tells us “10 files are hashed”, alas there’s a typo and “successfully” has been mispelt.

Step 4 – Change directory to the hashed directory

cd c:\steampunk

dir /w

look for “TestFiles.exe”




EXF will then run and test that the file hashes are the same as stored in checksums.md5


So now you have confrmation that all the files in your directory have the same hash.

Remember the EU ENISA advice.

We use RSA 4k as a minimum, and 256 encryption.  Here we see that SHA512 is available.

Therefore go with the strongest hashing algorithm available in the software.

Other hashes are:


Step 5 – Multiple hashes of a single file

The MD5 hash is now consider unsafe.  Therefore we can default to using SHA1, SHA512 or even using MD5 alongside SHA1 and SHA512.  Even if an attack on an MD5 hash were successful, the SHA512 hash would not be affected.

Here we carry out 4 hashes on the readme.txt

exf -crc32 -sha1 -sha512 -md5 readme.txt


Notice how the output of the hashes are much longer for the secure hashes; in particular the SHA512 hash runs over the width of the command prompt.

exf -crc32 – sha1 -sha512 -md5 c:\steampunk\steampunk_1.jpg


All SHA hashes

exf -sha1 -sha256 -sha512 c:\steampunk\steampunk_1.jpg


Notice the increasing length of the hash.


From → Uncategorized

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: