我一直在尝试添加另一个命令并将其输出以显示 SHA1 和 SHA256。还检查文件是否使用 Get-AuthenticodeSignature 进行签名,但似乎无法弄清楚。
Get-ChildItem C:\ -Recurse -File -Force -ea SilentlyContinue -ev errs | % { Get-FileHash $_.Fullname -Algorithm MD5 } | Select-Object Hash,Path,@{Name='Name';Expression={[System.IO.Path]::GetFileName($_.Path)}} | Out-File C:\$env:COMPUTERNAME.csv -Encoding UTF8 -Force
示例是。
Column1 Column2 Column3 Column4 Column5
MD5 SHA1 SHA256 Sign/Unsigned Path
最佳答案
你想要做的事情将需要大量时间来执行,所以我建议不要在整个C:\驱动器上尝试,而是一步一步来..
为了加快每个文件所需的 3 个不同的文件哈希值,我建议将文件作为字节数组读取,并计算这些字节的哈希值,这将节省一遍又一遍地读取同一文件的时间。
类似这样的事情:
# create the 3 different hasher objects
$md5Hasher = [System.Security.Cryptography.MD5]::Create()
$sha1Hasher = [System.Security.Cryptography.SHA1]::Create()
$sha256Hasher = [System.Security.Cryptography.SHA256]::Create()
# Loop through the files in the root path
Get-ChildItem -Path 'C:\SomePath' -File -Recurse -Force -ErrorAction SilentlyContinue |
ForEach-Object {
# read the content of the file as byte array only once
$bytes = [System.IO.File]::ReadAllBytes($_.FullName)
# output an object with all properties you need
[PsCustomObject]@{
MD5 = ($md5Hasher.ComputeHash($bytes) | ForEach-Object { '{0:X2}' -f $_ }) -join ''
SHA1 = ($sha1Hasher.ComputeHash($bytes) | ForEach-Object { '{0:X2}' -f $_ }) -join ''
SHA256 = ($sha256Hasher.ComputeHash($bytes) | ForEach-Object { '{0:X2}' -f $_ }) -join ''
Signed = (Get-AuthenticodeSignature -Content $bytes -SourcePathorExtension $_.FullName).Status
Path = $_.FullName
}
} | Export-Csv -Path "D:\Test\$env:COMPUTERNAME.csv" -Encoding UTF8 -NoTypeInformation
# clean op the hasher objects when done
$md5Hasher.Dispose()
$sha1Hasher.Dispose()
$sha256Hasher.Dispose()
关于powershell - 将 SHA1 和 SHA256 添加到此命令和输出。此外,如果文件已签名或未签名,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63534572/