Reputation: 185
Our server has been flagged as being part of a botnet, and we've been given the md5 hash values of the supposedly bad files.
All the examples and suggestions I've read don't quite match what I need. All I'm looking for is how to find this specific file based on the md5 hash we've been given.
Do I need to generate an md5 hash for each file on the computer and then compare it, or is there some easier way to search for this? If not, how would I go about this?
Upvotes: 3
Views: 7773
Reputation: 149
You can use find
find /var/www -type f -exec md5sum {} + | grep '^md5sum_given'
Replace /var/www with the directory you want to scan. You can also scan root with /, but this might be very time and resource heavy, depending on your system.
Upvotes: 4
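An added example, not part of the answer above: the same find/md5sum approach extended to check a whole list of supplied hashes in a single pass over the tree, which matters when several hash values were reported. The function name `find_by_md5` and the hash-list file are hypothetical; it assumes GNU `md5sum` and a `find` that supports `-xdev`.

```shell
#!/bin/sh
# find_by_md5 HASHLIST DIR   (hypothetical helper name)
#   HASHLIST: text file with one MD5 per line (32 hex digits, any case)
#   DIR:      directory tree to scan
# Prints the md5sum line ("hash  path") of every file whose MD5 is on the list.
find_by_md5() {
    [ -r "$1" ] || { echo "cannot read hash list: $1" >&2; return 2; }
    # -xdev keeps find on one filesystem, so a scan of / skips /proc, /sys
    # and network mounts. -type f skips symlinks, devices and sockets.
    # Read errors from find/md5sum are discarded; run as root for full coverage.
    find "$2" -xdev -type f -exec md5sum {} + 2>/dev/null |
    LIST="$1" awk '
        BEGIN {
            list = ENVIRON["LIST"]
            # Load the supplied hashes, normalised to lower case.
            # Blank lines, CRLF endings and malformed entries are tolerated.
            while ((getline < list) > 0) {
                h = tolower($1)
                sub(/\r$/, "", h)
                if (length(h) == 32 && h !~ /[^0-9a-f]/) wanted[h] = 1
            }
        }
        # md5sum prefixes the hash with a backslash when it has to escape
        # characters in the filename; strip it before the lookup.
        { h = $1; sub(/^\\/, "", h) }
        h in wanted { print }
    '
}
```

Each file is hashed once regardless of how many hashes are on the list, so the cost is the same as the single-hash command.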