Stefan Esser has written a great article on attacking php PRNG’s.
"PHP comes with two random number generators named rand() and
mt_rand(). The first is just a wrapper around the libc rand() function
and the second one is an implementation of the Mersenne Twister pseudo
random number generator. Both of these algorithms are seeded by a
single 32 bit dword when they are first used in a process or one of the
seeding functions srand() or mt_srand() is called.
Because of such a short seed it should be obvious to everyone that
neither rand() nor mt_rand() are random enough for cryptographic
usages. However web application programmers tend to use rand() or
mt_rand() to create cryptographic secrets like passwords, activation
keys, autologin cookies or session identifiers. In many situations this
seems secure enough, because not only a 32 bit seed needs to be guessed
but also the amount of previously generated random numbers. Therefore
bruteforcing seems impractical.
There are however several situations and conditions that make bruteforcing feasible or not required at all."
Article: http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/
