Many exploited systems have effectively done this. A random number generator is seeded with something like "PID + timestamp + milliseconds since system startup." But all these numbers cluster in a small range, so it's practical to test all of them and figure out the seed.