1

I've tried generating the hash value of a file that is trying to get downloaded and compared it against the list of hash values, and if there is a match then it doesn't get downloaded.Here i have manually given the details of websites url and the file that needs to be downloaded. Now i need this to be happen dynamically i.e whenever a file from any website is trying to get downloaded then its hash value should be generated and if it matches with the list of hash values available then it shouldn't get downloaded otherwise it can download.I also have idea of injecting a plugin on to the browser where this functionality is dynamically executed. But I don't know if the this workout or not.

I hope you understood my problem statement and I request you to help me in solving it.

Snehitha Gaddam
  • 11
  • 2
  • Just to be certain: you want to *blacklist* specific downloads on a file-by-file basis? This seems like an incredibly laborious process. – Johnny Apr 14 '19 at 10:11
  • 15
    You have to download the file first to calculate the hash value. And which attacks will this discourage? Hash verification is fine for verifying that you didn't get a corrupt download, but less fine for verifying attacks, unless the hashes (or file) is signed by a trusted key. – vidarlo Apr 14 '19 at 10:48
  • 3
    The definition of "downloaded" might matter here. If the data is _transferred_ but not _saved_ after checking the hash, then by some definition the download was prevented. – gowenfawr Apr 14 '19 at 14:07

1 Answers1

8

Agreed with vidarlo, this is impossible.

Ultimately, you'll need to download the file, in order to determine its hash. What you're asking is to determine the hash of a file before downloading it!

What is possible is a script that hashes each file in your downloads directory and then perform some action depending on the hash matching. The script could be scheduled to run every 10 minutes or so.

It's hard to make a recommendation, since we have no idea what it is you're trying to accomplish by blacklisting a specific file.

keithRozario
  • 3,571
  • 2
  • 12
  • 24
  • Thank you keithRazario , I totally understood your solution. This is regarding my project named Formgrabbing malware analysis. The hashing technique is one of the prevention techniques I thought of using. Here I need not actually have the file of hash values which is signed by a trusted key. I just have to present my idea for demo purpose. – Snehitha Gaddam Apr 14 '19 at 16:56
  • 2
    Executables on windows supports digital signatures. It's *very* commonly used. What will your scheme add? Who approves or disapproves files? Remember that a compiled executable is a complex beast that can behave differently dependent on the environment. – vidarlo Apr 14 '19 at 17:34
  • I also have another concern with the solution i.e a file can be downloaded in any directory , it is not that it can download in only downloads directory. So how about taking the list latest files downloaded? – Snehitha Gaddam Apr 15 '19 at 07:18