What is it?
Hashing is a method of determining the equivalence of two chunks of data. A cryptographic hash function is an irreversible function that generates a unique string for any set of data. Examples of these data could be files, strings, streams, and any other items that can be represented in binary format.
You’ve probably seen a hash string on the downloads page of some of your favorite tools, packages, or libraries. For example, Kali Linux has one for each of its releases. But why is that?
This is to ensure that the original file on their server is the same as the one that you’ve downloaded. For example, the SHA-256 hash of the Kali ISO is below.
If you download the file, you should hash your local copy. If the resulting hash is equivalent to the one found on their website, you can rest assured that the file has not been tampered with during the download and that you have the same, correct file.
Wait…but how do you hash stuff?
Excellent question. Let’s get technical! I’m assuming you have Python 2 installed, by the way.
1- Let’s import the library we need.
import hashlib as hash
2- Now let’s choose our hashing algorithm. For more information on their differences, check this out.
sha = hash.sha256()
3- We’re basically set up, now we’ll go ahead test the function on a string.
# Insert the string we want to hash
# Print the hexadecimal format of the binary hash we just created
Awesome, there’s a SHA-256 hash of the string “Hello World!”. Now we’ll prove that the hash is different for similar data.
# Note the missing '!'
It’s totally different.
4- Now that we know that our function works, let’s try it on a file
# WARNING: Do NOT do this with large files.
# For large files, see the snippet here -> https://gist.github.com/aunyks/042c2798383f016939c40aa1be4f4aaf
with open('kali.iso', 'rb') as kali_file:
file_buffer = kali_file.read()
There we go. You’ve got some pretty good knowledge of hashing now. So, go. Go on! Secure the integrity of your data and hash all the things!