It would save the time to create a hash, but the more passwords you created the more often your algorithm will end up creating useless passwords over and over until it finds one that isn't already used. Also: the memory that you need to hold the already generated passwords will increase a lot.

There is no benefit of having randomly generated passwords compared to generate in order.
The amount of steps or time that it takes will be the same. In both cases you need luck to get the answer early.

I think the idea has been born...so I will generate a lot of passwords during this process.


Passwords that I will store in list are useless trash but why not make wordlist from that passwords!


Most wordlists I saw are well ...made of words but the wordlist I would made from this would be made totally random characters!
Maybe I could make more advanced cracker that would have different modes:
1.regular bruteforce
2.dictionary attack
3.random bruteforce with extra options(checking if passwords are already tried&wordlist generator)


Of course I wouldn't store passwords during process but on exit.


Am I overcomplicating?Is this good idea?


   

My suggestion is that you get basic skills in mathematics (stochastic to be more specific), because then you would realize instantly that this approach is worse than bruteforcing.

Let's just assume the hash was made off of an 8 char password.
And let's assume you are randomly creating 8 char strings for cracking (which is an optimal case for you, because you usually don't know the length) using a range of 94 different characters (what is the default of your script if I am not mistaken).

The probability to get the password right for one try is:
(1 / 94)^8 = 1.6405.. × 10^-16

The expected number of trials until you solve the hash is:
1 / ((1 / 94)^8) = 94^8
= 6095689385410816

Doing the same by bruteforcing will take a maximum of 94^8 trials until you have it for sure.
Whereas the same value is just the number of expected trials for random passwords and it is not sure that you ever get the password this way.

well as d4rkcat sais it's really more usefull for learning than everything else
.I was frustrated that I can't crack one hash(I tried bruteforcing and online databases).
So I was thinking like this:


it's not in online databases so why bothering downloading  15 gb wordlist that contain same words as the database(correct me if i'm wrong).
with bruteforce attack i am going to get password but it will take a lot of time I tried that aniway.
Then I started bruteforce attack with Cain.After few days hash still wasn't cracked.


If password was like 20 characters everything will be useless as it will take thousands of years to crack it.


My original idea was not totally random bruteforce like this but to bruteforce different ranges instead of going in order(like if you choose minimum 10 and maximum 15 one part of the time it will bruteforce one range and other part of time different range).


Main problem of this script is that same password will be tried multiple time


Will checking if password is tried(let's say check from the list) save some time in cracking or it will do the opposite?


So is :
     time to check if password is tried<time to hash the string and compare it to the inputed hash
     or
     time to check if password is tried>time to hash the string and compare it to the inputed hash
     ?


I know this is pretty useless script(except for learning) that's why I said in comments that you should use it as your last option.

Hi !
I already posted this on other forum but I thought it would be good to share it here to.

So think about this scenario:
    You really need to crack one hash but it's not in online databases.
    Dictionary attack was unsuccessful.
    You tried bruteforce attack but after you bruteforce range 1-8 it could take years to crack it so you gave up from bruteforcing.

So I made this random bruteforcer in python:http://pastebin.com/0KQtFLVu
It tries random passwords in given range.
At this moment it supports only md5 but I may add supports for other algorithams.

If you find any bug or you have advice about making it faster/better please post.