Hashcat + wlangenpmkocl how to convert back to plaintext ?

[ZerBea]

Running hash mode -m 22000 you must convert the capture file to a 22000 format hash file.
Than run hashcat -m 22000 hashfile.22000 wordlist. You should use latest version of hashcat.

Also what's wrong with adding the -r RULE with hashcat?
For sure, you can use masks or add rules to hashcat - but it doesn't make sense for hash modes like 2501, 16801, 22001.

I recommend to read basic information about PBKDF2:
https://en.wikipedia.org/wiki/Pbkdf2
https://github.com/s3inlc/hashtopolis/is...-749482259
If you have a PMK only, it is impossible to recover the PSK from it.

I think, you haven't understand to procces of calculating keys on WPA:
Please read this, too:
https://www.ins1gn1a.com/understanding-w...-cracking/

Here we go again:
The PMK is always 256-bit (32 byte) at length and calculated via PMK = PBKDF2(HMAC-SHA1, preshared_password, salt=access_point_name, rounds=4096) (where PBKDF2 is password based key-derivation function 2, which in this case involves 4096 rounds of HMAC-SHA1).
It is impossible to to run a mask or rule to calculate a PMK within a human life time!
We are not talking about 3-5 days. We are talking about > 1000 years