Greetings The first topic of me in this ancient Forum Here's a better password checker that tries to guess the password in a certain order. I found that the random guess ones would never do anything more than 3-4 characters because random guesses are never guaranteed to touch all the guesses. This is a sequential password guesser, it needs to know the length of the target password. Maybe someone can add on variable length passwords. All you have to do is adjust the fingerprint size and reset it to all zeros. it can guess "foo" as the password in 6 seconds on 1.7Ghz athlon (bogomips: 3504) <?php set_time_limit(0); $_GET['password'] = $argv[1]; $_GET['length'] = @$argv[2]; function randomkeys($length) { $pattern = "1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ"; $pattern .= "abcdefghijklmnopqrstuvwxyz"; $key = $pattern{rand(0,61)}; for($i=1;$i<$length;$i++) { $key .= $pattern{rand(0,61)}; } return $key; } function getpwguess($length, &$fingerprint) { static $allchars = array( '1','2','3','4','5','6','7','8','9','0', 'a','b','c','d', 'e','f','g','h','i','j', 'k','l','m','n', 'o','p','q','r','s','t','u','v', 'w','x','y','z','A','B','C', 'D','E','F','G','H','I','J','K','L', 'M','N','O','P','Q','R','S','T', 'U','V','W','X','Y','Z'); $guess = array(); $next = false; foreach ($fingerprint as $index => $fing) { if ($next == true) { $fingerprint[$index]++; $fing++; $next = false; } if ($fing == 62) { $fingerprint[$index] = 0; $fing = 0; $next = true; $guess[] = $allchars[$fing]; continue; } $guess[] = $allchars[$fing]; } $fingerprint[0]++; return implode('',$guess); } if (isset($_GET['password'])){ $password = $_GET['password']; $password_length = strlen($password); } else { $password_length = 3; if (isset($_GET['length'])){ $password_length = $_GET['length'];} $password = randomkeys($password_length); } echo "Password is: $password \n"; $password = md5($password); $attempts = 0; $start = microtime(true); $guess = ''; $fingerprint = array(); for ($x=0; $x < $password_length; $x++) { $fingerprint[$x] = 0; } while ($password != $guess){ $rndm = getpwguess($password_length,$fingerprint); $guess = md5($rndm); $attempts++; //echo "tried $rndm... (skipping 100)\r\n"; if ($attempts % 1000 ==0 ) { echo "tried $rndm... (skipping 1000)\r\n"; } //if the last bucket is 62, then we've tried them all if ($fingerprint[ ($password_length-1)] == 62) { echo "Tried every combination, maybe password isn't ".$password_length." chars long?\n"; //here is where you would increase password length, re-init fingerprint array // if you didn't know the target length. } } $end = microtime(true); $time = $end-$start; echo "Password guessed ('".$rndm."') correctly after $attempts attempts and $time seconds"; ?> PHP: This code was modified from other people work. I'm not certain what kind of license it's under, I would vote for BSD.