Home

Welcome to AllCheckSumer Wiki!

AllCheckSumer is a handy tool for computer forensics and is helpful for investigators to search throughout a computer’s file system for a bad hash specified by the investigator. The tool will search throughout a location, specified by the investigator. It can be either an entire file system or a specific folder, and create a hash set with the following file signature algorithms: MD5 (Message-Digest Algorithm v. 5), SHA-1 (Secure Hash Algorithm v. 1), and CRC (Cyclic Redundancy Check).

In general, the tool was developed under the CentOS operating system using both Bash and AWK. However, there are four distinct tools that does perform differently for different platforms, and it is of the following:
• AllCheckSumer Basic Analysis for Linux
• AllCheckSumer Basic Analysis for Mac OS X

AllCheckSumer (ACS) does have a feature of comparing and matching between two sets of hashes. The investigator can put in a list of bad hashes in a specific file and run the AllCheckSumer tool (with the specific option of –m) to compare the bad hashes (in a file filled out by the investigator) against the recorded hashes (by the tool). At the end, the investigator will be able to see which file that does contain the bad hash with the file’s absolute path.
In conclusion, we do believe this tool, AllCheckSumer, will be handy for most investigators who want to hash any file in any specific locations and to match the hash set against a bad hash set listed by anybody. There are several tools out there that are similar to AllCheckSumer. We do feel that our tool are slightly different because our tool do have the ability to calculate and record a file with three different hash algorithms, and the ability to search and match a bad hash set against the recorded hash set created by the tool.