PowerShell Get-FileHash

PowerShell – Get File Hash

Two years ago I wrote a blog post how you can get the MD5 File Hash per Windows command line by downloading the File Checksum Integrity Verifier. With the latest release of PowerShell, PowerShell v4, Microsoft included a new cmdlet. Get-FileHash allows you to get file hashes and different algorithms.

Get-FileHash computes the hash value for a file by using a specified hash algorithm. A hash value is a unique
value that corresponds to the content of the file. Rather than identifying the contents of a file by its file
name, extension, or other designation, a hash assigns a unique value to the contents of a file. File names and
extensions can be changed without altering the content of the file, and without changing the hash value.
Similarly, the file’s content can be changed without changing the name or extension. However, changing even a
single character in the contents of a file changes the hash value of the file.

The purpose of hash values is to provide a cryptographically-secure way to verify that the contents of a file have
not been changed. While some hash algorithms, including MD5 and SHA1, are no longer considered secure against
attack, the goal of a secure hash algorithm is to render it impossible to change the contents of a file—either by
accident, or by malicious or unauthorized attempt—and maintain the same hash value. You can also use hash values
to determine if two different files have exactly the same content. If the hash values of two files are identical,
the contents of the files are also identical.

By default, the Get-FileHash cmdlet uses the SHA256 algorithm, although any hash algorithm that is supported by
the target operating system can be used.