(05-05-2019, 05:03 PM)philsmd Wrote: not possible. math must be understood and respected. things that are infeasible, are and will remain infeasible (at least for our lifetime).

as we told you already hundreds of times (at least that is how it feels, btw: I got also PMs from baba and I tried really hard to explain it in detail), PMK values are not meant to be brute forced, you do not brute-force a 32 byte (or 64 hex character) long PMK.

Please stop this nonsense. If you do not understand what PMK is and how to use it, you should either accept our help and inform yourself (and be willing to learn) and use this hash mode as it was meant to be used, or move on cracking WPA without PMK (-m 2500 for instance).

(05-06-2019, 09:03 AM)philsmd Wrote: yeah, -a 0 (dictionary attack) makes most sense with -m 2501 and -m 16801

the general approach is to use wlangenpmk (or wlangenpmkocl for OpenCL support) from https://github.com/ZerBea/hcxkeys

Again, -m 2501 and -m 16801 make only sense in some particular situations (pre-computing like rainbowtables and having a small set of essid and reusing the pre-computed keys, PMKs). You need to use the tools that you got wisely and how they are supposed to be used. brute-forcing a 32 bytes (or 64 hexadecimal character) long PMK is not how this attack works !

There could be situations where you use other attack types besides -a 0 for PMKs, but I would say they are very, very rare, e.g. if you know the PMKs are somehow generated very badly (non-random) by the system etc.... but this is not the usual case. use hcxtools (yeah, sometimes it's possible to extract some info also with that tool from the capture) or hcxkeys (wlangenpmkocl, wlangenpmk) together with the PMK modes that hashcat supports.