Solved

Verify MD5 hash value of file using batch script under Microsoft Windows from the command line

Posted on 2010-09-09
3
6,109 Views
Last Modified: 2013-11-05
Hi all,

Here is a batch script snippet I coded this morning which allows you to verify the MD5 hash value of a given file.  I am posting this for prosperity.

The script assumes the md5 hash value is contained in a .md5 file and the naming convention appears as so:

example.zip
example.zip.md5

The .md5 file should contain only the hash value, which may or may not be enclosed in quotation marks.

Requires: Microsoft  File Checksum Integrity Verifier (FCIV)
URL: http://support.microsoft.com/kb/841290


NOTE: This solution could easily be modified to support SHA-1 hash values.
:md5
for /f %%f in ('dir "*.md5" /s/b') do (
	set file=%%f
	for /f %%a in ('type "!file!"') do (
		set md5=%%a
		set md5=!md5:"=!
		set file=!file:~,-4!
		for /f "skip=3" %%b in ('fciv "!file!"') do (
			if [!md5!]==[%%b] (
				echo PASS: !file!
				echo MD5: !md5! vs. %%b
				echo.
			) else (
				echo !!! FAIL: !file!
				echo MD5: !md5! vs. %%b
			)
		)
	)
)

Open in new window

 Also, this requires setlocal enabledelayedexpansion to be previously executed.
0
Comment
Question by:Giovanni Heward
  • 2
3 Comments
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 33644801
Hi.

First of all, great script. I think EE could do some clever work with having a script repository.

A few questions/comments/ideas.

1 - Just in case there is a directory called something.md5, I would add /a-d to the dir line.

for /f %%f in ('dir "*.md5" /s/b/a-d') do (


2 - for /F will open a file without the need to TYPE it first.

for /f %%a in (!file!) do (


3 - When FCIV generates the hash, the output is the hash and the filename.

It may be useful to validate the name also. Whilst this is not always useful, knowing that the filename is different could be an issue.

0
 
LVL 14

Author Comment

by:Giovanni Heward
ID: 33647500
Thank you RQuadling!  Those are excellent suggestions!  I really appreciate the feedback.

I've attached an enlarged snippet and it seems like your the man to ask about a question I have pertaining to it.

The question I have is pertaining to variable variables...  I was trying to set a variable flag to ensure duplicate files weren't processed and couldn't figure it out so I ended up writing a temp file instead.  I'd rather use a variable and save the disk I/O.

Is there a way of doing something like this...

if not [!!file!_flag!]==[true]     (
     echo processing !file!
     set !file!_flag=true
) else (
     echo !file! already processed.
)

@echo off
:	*** this script should not be ran more frequently than 15 minute intervals from a single IP address ***
if not exist %windir%\wget.exe echo %windir%\wget.exe not found.&echo Obtain from http://gnuwin32.sourceforge.net/packages/wget.htm&goto :eof
if not exist %windir%\fciv.exe echo %windir%\fciv.exe not found.&echo Obtain from http://support.microsoft.com/kb/841290&goto :eof
if not exist %windir%\system32\findstr.exe echo %windir%\system32\findstr.exe not found.&goto :eof
if not exist cert-bundle.crt echo cert-bundle.crt not found in current folder.&goto :eof
setlocal enabledelayedexpansion
set url=http://www.snort.org/pub-bin/oinkmaster.cgi/{oink_code}
wget -t 10 http://www.snort.org/snort-rules/ -O snort-rules.html --user-agent="Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8; Tablet PC 2.0; .NET4.0C)"
for /f "tokens=2 delims=>" %%a in ('findstr /r /c:"\<snortrules-snapshot-....\.tar\.gz\>" snort-rules.html') do 	(
	set rule=%%a
	for /f "tokens=1 delims=<" %%b in ("!rule!") do (
		set file=%%b
		if not exist !file!.tmp (
			wget -t 10 !url!/!file!.md5 -O !file!.md5 --secure-protocol=TLSv1 --ca-certificate=cert-bundle.crt --random-wait --user-agent="Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8; Tablet PC 2.0; .NET4.0C)"
			for %%r in (!file!.md5) do if not %%~zr gtr 0 del !file!.md5
			wget -t 10 !url!/!file! -O !file! --secure-protocol=TLSv1 --ca-certificate=cert-bundle.crt --random-wait --user-agent="Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8; Tablet PC 2.0; .NET4.0C)"
			for %%r in (!file!) do if not %%~zr gtr 0 del !file!
			echo !file! processed on %date% at %time% > !file!.tmp
		)
	)
)
if exist *.tmp del *.tmp
:md5
for /f %%f in ('dir "snortrules-snapshot-????.tar.gz.md5" /s/b/a-d') do (
	set file=%%f
	for /f %%a in (!file!) do (
		set md5=%%a
		set md5=!md5:"=!
		set file=!file:~,-4!
		if exist !file! for /f "skip=3" %%b in ('fciv "!file!"') do (
			if [!md5!]==[%%b] (
				echo GOOD: !file!
				echo MD5: !md5! vs. %%b
				echo.
			) else (
				echo !!! FAIL: !file!
				echo MD5: !md5! vs. %%b
			)
		) else (
			echo !file! not found.
		)
	)
)

Open in new window

cert-bundle.crt.txt
0
 
LVL 40

Accepted Solution

by:
Richard Quadling earned 20 total points
ID: 33647608
If you remove the _!flag! bit entirely..

[2010/09/10 16:49:11] [Z:\] [\\richardquadling\scratch$ ] >SET C:\SomeFileFound=True

[2010/09/10 16:49:34] [Z:\] [\\richardquadling\scratch$ ] >SET C:\SomeFileFound
C:\SomeFileFound=True


So you can set any env var.

The chance of collision? As long as the FULL name is used, then none.
0

Featured Post

ScreenConnect 6.0 Free Trial

Want empowering updates? You're in the right place! Discover new features in ScreenConnect 6.0, based on partner feedback, to keep you business operating smoothly and optimally (the way it should be). Explore all of the extras and enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Installing trusted root certificate 12 48
copying evtx files while system is running 2 58
Problem to App source 6 40
Unable to Uninstall Visual Studio 2015 7 26
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question