On Fri, Dec 31, 2010 at 2:02 AM, Peter Lind peter.e.l...@gmail.com wrote:
On Dec 31, 2010 6:20 AM, Tommy Pham tommy...@gmail.com wrote:
Hi folks,
With the recent thread about password security, I wrote a small quick
script to generate a random or all possible passwords based on certain
parameters for a brute force use. On a very long running execution for a
complex password in length with full use of the keys (94 characters),
including upper case, the script seems to consumes more memory (shown in
Windows task manager) as time progress. Below are snippets from the
script
file that does the workload:
while (!$this-isMax())
{
for ($b = 0; $b = $this-pwdLength; $b++)
{
if ($this-counter[$b] $this-max)
{
$this-pwd[$b] =
$this-charList[$this-counter[$b]];
$this-counter[$b]++;
break;
}
else
{
$this-counter[$b] = 1;
$this-pwd[$b] = $this-charList[0];
}
}
}
private function isMax()
{
for ($a = $this-pwdLength-1; $a=0; $a--)
{
if ($this-counter[$a] $this-max) return false;
}
return true;
}
Could someone please tell me why the above code consumes additional memory
as time progress for the execution of the while loop? Researching PHP GC
on
google didn't shed light on problem. Generating all possible combinations
for 20 length with 94 possibilities each, the script easily consumes more
than 1GB RAM in few minutes. BTW, gc_enabled() reports on.
Thanks,
Tommy
Are you storing or throwing away the passwords? Also, lots of code is
missing from that post, no idea if you've got a memory leak in the rest of
the code
Regards
Peter
Hi Peter,
Thanks for the reply. After I sent the e-mail last night, I did a
little debugging. As it turns out, xdebug was the culprit. I gotta
remember to disable xdebug while coding... Anyway, here's the full
code. Anyone is welcome to use it.
$timeStart = microtime(true);
//set_time_limit(0);
ini_set('max_execution_time', 0);
ini_set('memory_limit', -1);
class PwdGen
{
const ALPHA_LOWER = 'abcdefghijklmnopqrstuvwxyz';
const ALPHA_UPPER = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
const NUMERIC = '0123456789';
const SPECIALS = '!...@#$%^*()`~-_=+[]\{}|;:\',./?';
private $chars;
private $charList;
private $max;
private $pwdLength;
private $pwdList; // array
private $pwd;
private $counter; // array
private $insertDb = false;
public function __construct($pwdLength = 8, $useUpper = true,
$useNumeric = true, $useSpecials = true, $insertDb = true, $specials =
'')
{
$this-insertDb = $insertDb;
$this-pwdLength = intval($pwdLength);
$this-chars = self::ALPHA_LOWER;
if ($useUpper) $this-chars .= self::ALPHA_UPPER;
if ($useNumeric) $this-chars .= self::NUMERIC;
if ($useSpecials) $this-chars .= empty($specials) ?
self::SPECIALS
: $specials;
}
private function init()
{
$this-charList = str_split($this-chars, 1);
$this-max = sizeof($this-charList);
$this-pwd = str_split(str_repeat($this-charList[0],
$this-pwdLength), 1);
$this-pwdList = array(); // array
$this-counter = array();
for ($a = 0; $a $this-pwdLength; $a++)
$this-counter[$a] = 1;
$this-counter[$this-pwdLength-1] = 0;
}
public function setPasswordLength($pwdLength)
{
$this-pwdLength = intval($pwdLength);
}
public function setUseChars($useUpper = true, $useNumeric = true,
$useSpecials = true, $specials = '')
{
$this-chars = self::ALPHA_LOWER;
if ($useUpper) $this-chars .= self::ALPHA_UPPER;
if ($useNumeric) $this-chars .= self::NUMERIC;
if ($useSpecials) $this-chars .= empty($specials) ?
self::SPECIALS
: $specials;
}
public function getRandom()
{
$this-init();
for ($a = 0; $a $this-pwdLength; $a++)
$this-pwd[$a] = $this-charList[rand(0, $this-max -
1)];
$pwd = implode('', $this-pwd);
$output = $this-max.': '.$this-chars.' ('.pow($this-max,
$this-pwdLength).') '.PHP_EOL.$pwd.PHP_EOL;
return $output;
}
public function getAll($continue = true)
{
$this-init();
$sql = 'INSERT INTO `password`(`guid`, `length`, `password`,
`counter`, `date_added`) VALUES (BinUUID(), '.$this-pwdLength.', ?,
?, now())';
$pwd = '';
$counter = '';
