NEW: We have a Discord server now. Click here to go there now!

NOTE: Why not use our List Manager to crack your lists? Its easy and enables better management.

NOTE: When cracking WPA/WPA2 passwords, make sure you check first incase it's already been processed.

Home - Wireless Cracking - wpaclean filters 2 of 4 messages

2 Results - Page 1 of 1 -
Author Message

Status: n/a
Joined: Thu, 07 Apr 2016
Posts: 4
Reputation: 0 Reputation
Thu, 07 Apr 2016 @ 13:21:45

Hi guys,

I have some handshakes that I wanted to clean.

1. Question:

Using wpaclean it only gives out 2 messages in my "cleaned" file, but when I look into the original cap file in wireshark there are 4 messages.
What is correct now? Do I only need 2 messages?
Is there a reason why wpaclean only filters the first two?

2. Question:

Is this correct when manually cleaning my .cap file with wireshark?..

Step 1: filter by "(eapol || wlan.fc.type_subtype == 0x08)"
Step 2: I get several Bracon frames from different SSIDs and the EAPOL Messages. Now I choose the beacon with the right SSID and all 4 messages, mark them and save them in a new file.

Anything I miss?

3. Question:

Analyzing the handshake with pyrit tells me "HMAC_SHA1_AES, bad, spread 1".
What exactly does that mean? Is this handshake useless?

UPDATE: I manually cleaned the cap file with all 4 messages and analyzing it with pyrit now results in "good, spread 1" I guess that should be it
Best regards


Status: Member
Joined: Fri, 03 Apr 2015
Posts: 169
Reputation: 212 Reputation
Sat, 21 May 2016 @ 19:59:51

I believe that only 2 messages are actually necessary. Namely message 1 and message 2.

I will usually look at the original .cap in wireshark using eapol as my filter.
If the original .cap contains all messages 1-4, then I feel fairly certain it was a good handshake.

Then you can using wpaclean to reduce the size of the original .cap
Lastly, I will convert the .cap to .hccap

4x R9 280x Windforce - BTC 1JGDEge8inRr877KYkrj97uTjZsC6Tz29C

2 Results - Page 1 of 1 -

We have a total of 216234 messages in 26436 topics.
We have a total of 23311 registered users.
Our newest registered member is sch1z0.