Aim

Complete this hashing practical to determine if the data has been modified or the data integrity is still intact.
At each stage, minimize the application between hashes, but do not close it fully.
To Start. Google and download WinMD5Free. Then install it.

Hash Exercise – (Please note your hash values may differ from those shown below.)

Ensure you have completed the following tasks:
a. Install WinMD5 software
b. Create a folder on your desktop called “Move data to here folder”
c. Create a text file called Data.txt, insert the text ‘Today is Monday’, then save it.

Please carry out the following instructions:

  • Launch WinMD5.exe.
  • Press the ‘Browse’ button and then find the Data.txt file. It should provide a hash value that is similar to that shown below:

    Right-click and copy the value from “Current file MD5 checksum value” to the line to the right of the verify button that states “paste its original md5 value to verify”.
    Paste a copy into Notepad as a backup. See the diagram below:
  • Drag the Data.txt file to the “Move data to here” folder, then go to the MD5 hash software and browse to the Data.txt file in the new location. Press “Verify”.
    The values should be the same as shown below:

    The values should match as you have not tampered with the data.
  • Open the Data.txt file and change one of the characters. Press “Save”.
    Next, press the “Browse” button and take a new hash of the data.
  • Note that the hash value has changed. This is because you altered the data and it lost its integrity. This means that the file has been tampered with since the hash was taken.

Lab Review

An administrator downloads a file and then discovers that it contains a virus. The hash values are as follows:
Prior to download: 60cbbcb9a3bbdd4532bbf41c467eb2f5
After download: 60cbbcb9a3bbdd4532bbf41c467eb2f5
Q: What can be concluded from this?
A: The data has got integrity as the hash values match. This is known as a collision.

Exam Tip

The exam has many questions relating to hashes. Just look at the last three digits from the right-hand side to determine whether they match. In this lab review question, the last three digits are 2f5. Focussing on just these final three digits saves time in the exam.

Check out the book CompTIA Security+: SY0-601 Certification Guide to help you pass on the first attempt.