Ok, I'm just experimenting, making a PHP MD5 Brute Forcer to crack MD5 encoded passwords which were originally dictionary words.
Ok, this is what I have been doing:
<?php
$dictionary = fopen("dictionary.txt", "r");
$filesize = filesize("dictionary.txt");
$scan_dictionary = fread($dictionary, $filesize);
fclose($dictionary);
$getwords = explode("\n", $scan_dictionary);
$word = "test";
for($key = 0; ; $key++)
{
if($getwords[$key] == $word)
{
echo("Match Found! The Password is: $getwords[$key]");
break;
}
elseif($key > 300248)
{
break;
}
}
?>
As far as I know when I "explode" the dictionary file it inserts all the words in to an array ($getwords). I've tested this with "print_r()", and it displays everything as a normal array should appear using "print_r()".
However, when I execute this script, there is no result. And the word "test" is in the dictionary file.
I am certain that my method works, as I have tested it with a prototype:
<?php
$array = array(1, 2, 3, 4);
for($x = 0; ; $x++)
{
if ($array[$x] == 2)
{
echo("Match Found!");
break;
}
elseif ($x > 4)
{
break;
}
A match is found when this script is run.
Is there a limit to how big an array can be, or how many times a loop can run, coz there's no dissimilarities between these two scripts, yet one runs perfectly, and the other returns no result.
The reason why I don't just use if(in_array) is because to match the words against the MD5 hash, the script will first have to encrypt each individual dictionary word, but I am not at that stage yet, and while testing, this problem occurred. However, if someone could tell me a method of encoding every word in the array, and then putting it back into an array, so it can be read with "in_array()", that would be very useful.
I would be grateful if someone could shed some light on this!
Thanks in Advance!
