When copying files from the Internet, especially ISO files, it is a best practice to validate the checksum to guarantee that the data was not changed in transit or even at the source. If the match provided by the vendor is the same that you have on your computer, then you are in an excellent place to start deploying software. Let us do a simple example. I will be using my MSDN website to download the Windows Server 2016. We are going to check the checksum of such file and the algorithm being used (sha1) -- and this is a way that you can validate media files.
I’ve created a simple PowerShell script to validate media files downloaded from the Internet. The script requires two parameters, which are filename and checksum, and by default, the script uses the SHA1 algorithm. We can change the algorithm using the -algorithm switch.
Here is an example of Windows Server 2016 where the checksum matches.
Here is an example of the same file when the checksum does not match.
You can download the script I used to validate media files from my GitHub account here.
More PowerShell Basics articles
- Reading text files with PowerShell and Linux bash shell
- How malicious PowerShell scripts evade detection
- Building PowerShell hash tables
- Reading a Windows INI file into PowerShell
- PowerShell errors are easy to suppress — but should you?