Previous Post: Hash a directory with md5deep.
On a previous post I discussed how md5deep can be used to hash an entire directory recursively and output the results to a single file for later verification. Now I will demonstrate how to verify the integrity of an entire directory using the output file, md5deep will only output those file(s) that failed the integrity check/hash matching process.
Explain…
In this example I have a directory by the name of Pictures with 40 items and a list containing hashes for all 40 items(list.txt).
I have deliberately modified three of the items in the directory(img_0597.jpg, img_0605.jpg, img_0616.jpg), this will cause the hashes to change and no longer match against the list. In the real world this would be a reason to be alert.
The Command
This is the command I will run against the directory to check for any changes.
md5deep -X list.txt -r Pictures/
- -X Display failed hashes
- -r Recursive operation
After the command is issued md5deep outputs the name,hash, and location of the files that failed to match the list.
C:\Users\Luis\Desktop>md5deep -X list.txt -r Pictures/ 51cc62f3df770577e5a3029c3e4fed69 C:\Users\Luis\Desktop\Pictures\img_0597.jpg 8cca8037d8584535e28a6b9c82eac8d8 C:\Users\Luis\Desktop\Pictures\img_0605.jpg dad7ddfb6fc0d7ab9a73e0937b8fb290 C:\Users\Luis\Desktop\Pictures\img_0616.jpg
You can output the failed results to a text file for later review by adding > failed_hashes.txt to the command.
md5deep -X list.txt -r Pictures/ > failed_hashes.txt
Md5deep is a powerful tool that administrators can take advantage of to ensure data integrity, hopefully this tutorial highlighted its value.
Loading ...
Hi. I'm Luis Ventura, IT student and author of this blog.
Thanks for your post. This was exactly the right information I was looking for, and “just enough” for me to do what I needed.