03-31-2017, 11:07 PM
(This post was last modified: 03-31-2017, 11:12 PM by burrito.
Edit Reason: additional info
)
(03-31-2017, 11:55 AM)magnum Wrote: A captured handshake can be "validated" (it includes all 4 states, showing the password was correct) or not (meaning you just may have captured someone using the wrong password). Not sure whether hashcat shows it to you.
Also, there's obviously a chance the password was changed between the capture and your login attempt.
You hit the nail on the head - I had forced a handshake capture by trying to join the network myself and typing in a possible idea. I realized this must be the problem because on one of them the "discovered" password was a word I knew I typed in to force a handshake.
The password attempt that I made was mistakenly found as the correct password.
I didn't realize that was going to be a problem - guess you have to have a real client on the network and not fake it yourself.
PS - I had validated all of them before turning into hccapx with cowpatty to try to cut down on bad captures