How to Get the Hash (MD5, SHA1, SHA256, SHA512) of a File on Windows Without Installing Anything

How to Get a Checksum of a File using Windows' Built-in Programs


How to Get the Hash (MD5, SHA1, SHA256, SHA512) of a File on Windows Without Installing Anything

Sometimes, when you go to a website to download a program or some other file, the page lists a series of letters and numbers, known as a hash, for that file. For example, the site may say that the file has an MD5 hash of "d597850f62c02287cd5a6869544b3e06", an SHA1 hash of "21531996203e83575d5e61e861c147d687c57ed6" and so on. This sequence of cryptic letters and numbers, along with the file size (which should also be listed), is given so that you have the means to check that the file you downloaded is most likely the same as the one the website offered. This article shows you how you can generate the hash of a file on a Windows system using the programs already preinstalled, so that you can compare it with the official hashes listed.

What is a Hash?

You can skip to the next section if you already know what a hash is, or can't be bothered to find out more (eg, you are thinking, "Who cares what a hash is? Just give me the practical steps to take."). Note also that this is a rough explanation, intended for the layperson. If you are a programmer, and need a precise and technically accurate description, please read a programming reference instead.

For our purposes here, a hash is something like a checksum. Let's say you work at a bank, and your job is to enter a list of account numbers, together with some data about each account, into the computer system. How do you know that at the end of a long session of entering data, you have typed in everything accurately? This is especially so for things like account numbers, which have no inherent meaning (unlike normal words), and therefore are easy to get wrong.

One possible way is to use a checksum. Let's say that the account numbers use the format of "123-456-789-5", where the last digit is a checksum. The fictitious bank in this illustration uses a checksum that is calculated by adding all the earlier digits in the account number (1 to 9), resulting in a total of 45, and discarding everything in the answer except the last digit (ie, 5). If you make a mistake and enter "124-456-789-5" instead (where the third digit should be 3 instead of 4), the computer system instantly knows that you have made a mistake somewhere, since an account number beginning with the digits "124-456-789" should have a checksum of "6", but you entered "5".

Notice though that it is still possible to have an account number that is entered wrongly, but where the checksum is unable to show that error, since, in this example, we only have 10 possible checksums, 0 to 9, for the 1 billion possible account numbers. In general, checksums are often not intended to be a 100% accurate method of making sure its data is correct. They are usually meant only to be a quick and dirty way of detecting certain errors. That said, the algorithm used in this example, where we only preserve the last digit of the sum, is particularly flawed.

Hashes are similar to checksums, except that they were originally created for other purposes besides error checking. However, by design, hashes are often unique for a wide range of data (though not all possible data), unlike my lousy checksum method mentioned in the above example, so they can be useful as a quick and dirty way for us to check if the file we downloaded is most likely the same one that the author (or distributor) intended us to have.

Before You Get Overconfident about the Results

When you check a file you downloaded to see if it is genuine, that is, that it has not been tampered with nor has it been corrupted in transit, you should note the following:

How to Hash a File in Windows

Windows 7, 8, 8.1 and 10 (I'm not sure about earlier versions) have a command-line program called certutil that can generate MD2, MD4, MD5, SHA1, SHA256, SHA384 and SHA512 hashes for a file.

Note that if you are intimidated by the thought of using a command-line program, and prefer to use a program sporting a graphical user interface, where you can just click buttons and the like, you will have to install a third party (ie, non-Microsoft) program. There are a few such tools listed on the Free MD5 Checksum or Hashing Utilities page. Although the latter is focused on MD5, some of the free tools it links to also support multiple types of hashes. I will not deal with such programs here, though, since it's outside the scope of this tutorial.

  1. Copy or move your file to somewhere where you can easily access it, such as your desktop. If you are not familiar with working on the command line, copy or move the file to your desktop. This will help you with one of the steps below, since you can just use my instructions verbatim.

  2. Open a command line prompt. To do this, click the Start menu button and type "cmd" (without the quotation marks). The words "Command Prompt" should appear at the top of the menu. Click it to run it.

  3. You will see a black window with a title bar that says "Command Prompt". You will see a blinking text cursor just after words that say something like "c:\Users\christopherheng>" somewhere in the window. (The exact words will not be the same, since your Windows account name will probably be different from mine.)

  4. Now navigate to the directory or folder where you have placed your file. If you have copied the file to your desktop as I suggested, type "cd desktop" and hit the ENTER key. Otherwise, change directory by typing "cd" followed by the full path. If the previous sentence does not make sense to you (because it is filled with technical lingo), type "cd desktop" to go to your desktop, and copy your file to your desktop as I mentioned in the first step.

    You can verify that your file is indeed in your new location by typing "dir" (without the quotation marks), followed by the ENTER key. This will list all the files and folders in that directory.

  5. To get the MD5 hash for the file, type the following, followed by the ENTER key. Note that you should change "filename.exe" to your file's actual name. This must be the full filename, including the suffix (or extension). Note that you may not be able to see the real full filename in Windows Explorer or your desktop, since Windows hides it by default. If so, either force Windows to show the full name, complete with file extension, or find out the name from the "dir" listing you did above. Enclose the name inside double quotation marks, especially if your filename contains spaces. (If you are not sure, just enclose it inside double quotation marks anyway. It will do no harm.)

    certutil -hashfile "filename.exe" MD5

    The command line for the other types of hashes are:

    certutil -hashfile "filename.exe" SHA1
    certutil -hashfile "filename.exe" SHA256
    certutil -hashfile "filename.exe" SHA512

    The same pattern follows for the MD2, MD4 and SHA384 hashes, although you are unlikely to have to use those.

  6. The program certutil will print the results on the screen when it has finished processing the file. If your file is very big, and your hard disk is slow, it may take some time to run, since it has to read every single byte of the file.

  7. Compare the results with your source. Remember to compare the file size too. You can quickly get the file size from the command line (since you are already there), by typing the following (after substituting your actual file name in place of "filename.exe", of course), and hitting the ENTER key.

    dir "filename.exe"

    This gives you the actual file size in bytes, instead of the rounded up number you see in a typical Windows Explorer window.

Copyright © 2020 by Christopher Heng. All rights reserved. Get more "How To" guides and tutorials from https://www.howtohaven.com/.

This article can be found at https://www.howtohaven.com/system/how-to-hash-file-on-windows.shtml

howtohaven™ RSS Site Feed

Do you find this article useful? You can learn of new articles and scripts that are published on howtohaven.com by subscribing to the RSS feed. Simply point your RSS feed reader or a browser that supports RSS feeds at https://www.howtohaven.com/howtohaven.xml.

Please Do Not Reprint This Article

This article is copyrighted. Please do not reproduce this article in whole or part, in any form, without obtaining my written permission.

Related Pages

Newest Pages

How to Link to This Page

It will appear on your page as:

How to Get the Hash (MD5, SHA1, SHA256, SHA512) of a File on Windows Without Installing Anything


thesitewizard.com: Free Webmaster Tutorials, Scripts and Articles

thefreecountry.com: Free Programmers' Resources, Free Webmasters' Resources, Free Security Resources, Free Software

HowToHaven.com: Free How-To Guides
If you find this site useful, please link to us.