SEC401 - Data Security Technologies
Lab 4.1 - Hashing and Cryptographic Validation
Solo, Lab
Focus: Cryptography
Level: SEC401
Date: Apr 2026
Artifacts: Sanitized terminal screenshots of sha256sum, GPG key generation, detached signatures, signature verification (good and bad), and exiftool metadata review
TL;DR
- •Proved SHA-256 is content-based by renaming a file (hash unchanged) vs. editing one byte (hash diverged)
- •Generated an RSA 3072-bit GPG key, signed a file, imported a third-party public key
- •Caught a tampered Bankruptcy.docx via a BAD signature, then verified a clean backup
Skills demonstrated
Note: Course-provided PCAPs and lab instructions are not shared. Only my own captures and sanitized notes are published.
Why this matters
Hashing and signing are how defenders catch silent tampering, the attacker who changes one byte of a document, contract, or binary. Without integrity checks, you have no way to tell whether a file is the one the author sent or something an intermediate actor modified. This lab is the blue-team equivalent of 'don't trust the file, verify the signature.'
Context
This lab walks through the core building blocks of cryptographic integrity, hashing, key pairs, and digital signatures, using sha256sum and GnuPG. It ends with a realistic scenario: a suspected-tampered document that fails signature verification, forcing a restore from a backup whose signature is valid.
Tools used
Steps taken
1Hash is content-based, not name-based
Created test-file.txt containing 'Hello'. Computed its SHA-256 (66a0...bb35f18), inspected the bytes with xxd (48 65 6c 6c 6f 0a = Hello\n), then renamed the file to renamed-file.txt. Re-hashed: the digest was identical. Hashes are computed over file contents, not metadata.
$ echo "Hello" > test-file.txt && sha256sum test-file.txt && xxd test-file.txt && mv test-file.txt renamed-file.txt && sha256sum renamed-file.txtecho "Hello" > filewrite 6 bytes (Hello\n) to a filesha256sumcompute SHA-256 digestxxdhex + ASCII dumpmvrename without changing contents2One-byte change, completely different hash
Used sed to change every H to h in place (a single-byte change: 0x48 → 0x68). Re-hashed: the digest went from 66a0...bb35f18 to 5891...6be03, no resemblance to the original. This is the avalanche property of SHA-256: small input changes produce massive output changes.
$ sed -i 's/H/h/g' renamed-file.txt && sha256sum renamed-file.txtsed -iedit file in place's/H/h/g'substitute H with h, globally3Generate an RSA 3072 GPG key
Ran the interactive key generation wizard. Chose RSA and RSA (1), 3072-bit keysize, no expiration, identity sec401 <sec401@sans.org>. GPG generated primary signing/certification (SC) key and an encryption (E) subkey. Entropy-gathering prompt appeared twice because two primes needed to be generated.
$ gpg --full-generate-key--full-generate-keyfull interactive key generation (vs. quick-generate)4Inspect the keyring
Listed public and secret keys. pub rsa3072 2026-04-13 [SC] with fingerprint A2B39B421129567517A5ECEA9B00C9116C092134, trust [ultimate] because it's our own key, plus a matching [E] encryption subkey. The secret-keys listing shows the same fingerprint under 'sec' confirming we hold the private half.
$ gpg --list-keys && gpg --list-secret-keys5Sign a file with a detached ASCII-armored signature
Produced an external .asc signature for renamed-file.txt. Detached sigs are the pattern used for release artifacts: ship the file and the .asc alongside each other. Verified locally and GPG reported 'Good signature from sec401' with the full fingerprint.
$ gpg --sign --armor --output renamed-file.txt.asc --detach-sig renamed-file.txt && gpg --verify renamed-file.txt.asc--signsign--armorASCII-armored output (.asc, not binary .sig)--detach-sigsignature in a separate file6Import a third-party public key
Imported Madison Jeffries's public key from the lab backup directory. Post-import, --list-keys shows two pubkeys: our own at [ultimate] trust and Jeffries's (D200...BD90, rsa4096) at [unknown] trust, which is the correct default, GPG doesn't extend trust just because you imported a key.
$ gpg --import /sec401/labs/4.1/backup/backup-jeffries... && gpg --list-keys7BAD signature: tamper detected
Verified a signed Bankruptcy.docx from mounted media. GPG reported 'BAD signature from Madison Jeffries'. Either the document or the signature file has been altered since it was signed. In a real workflow this is the point where you stop reading the file and escalate.
$ gpg --verify /media/sec401/CDROM/Bankruptcy.docx.asc8Surface metadata with exiftool
Pulled metadata off Bankruptcy.docx. ExifTool reported standard DOCX internals plus Application: Microsoft Office Word, Pages: 2, Total Edit Time: 2982555.3 days, an obviously bogus value that on its own is a tampering indicator. Metadata review complements the cryptographic signal: even without a signature, the edit-time field alone warrants investigation.
$ exiftool /media/sec401/CDROM/Bankruptcy.docx9Restore from backup, re-verify
Copied the signature backup to the lab folder. First verify attempt passed the .docx instead of the .asc (GPG rejected with 'no valid OpenPGP data found'). Re-ran against the .asc and GPG confirmed 'Good signature from Madison Jeffries' with a GPG WARNING that the key is not certified with a trusted signature, expected, because we haven't signed Jeffries's key with our own to extend trust.
$ cp /media/sec401/CDROM/Bankruptcy.docx.asc /sec401/labs/4.1/backup/ && gpg --verify /sec401/labs/4.1/backup/Bankruptcy.docx.ascKey findings
Outcome / Lessons learned
Walked the full integrity chain: hash-based validation for fast change detection, asymmetric signing for authenticity, and a realistic scenario where a tampered document is caught by a BAD signature and the incident resolves by restoring from a signed backup.
In production I'd pin critical vendor public keys in configuration (not just the keyring), establish a web-of-trust or use a keyserver with signed keys, automate verification in CI/CD for any artifact download (release binaries, firmware, scripts), and log verification failures to SIEM so a single BAD signature raises an incident ticket rather than getting retried silently.
Security controls relevant
- File integrity monitoring (hash-based)
- Code and document signing (GPG, Sigstore, cosign)
- Artifact verification in CI/CD pipelines
- Key management and rotation (HSMs, hardware keys)
- Trust model enforcement (--trusted-key, --trust-model)
- Metadata-based tamper indicators (exiftool, oletools)
What I took away from this
The rename vs. sed demo is the cleanest way to internalize what a hash actually is. Most junior analysts can recite 'SHA-256 is a digest' without ever seeing that renaming a file preserves the hash while changing a single ASCII character obliterates it. Once you've watched 66a0...bb35f18 become 5891...6be03 because of a one-byte swap, you stop confusing filename with content integrity.
Signing is where most teams fall down operationally. Generating a key is trivial. Distributing the public key, training every consumer to verify before using, and keeping the private key somewhere that survives laptop loss, that's the actual work. In a production rollout I'd pair GPG with a hardware key (YubiKey in OpenPGP mode) so the private key never sits on disk, and I'd automate verification so humans aren't the last line of defense.
The Bankruptcy.docx scenario is a good teaching moment for two reasons. First, the cryptographic signal (BAD signature) is binary and unambiguous, either the file is the one Jeffries signed or it isn't. Second, the exiftool follow-up shows why you don't rely on any single indicator: metadata, signatures, and hashes each catch different things. In a real investigation, you'd combine all three with a chain-of-custody log before you made a call about authenticity.