Hi hulley.
I'm not shure if it's a wondeful work. It's a hard work for the tool to reduce overhead from a hccapx file.
And its much, much more than comparing only mac_sta, mac_ap and ESSID or messagepair.
I failed epically to reduce this overhead (on a hccapx), so I decided to implement this in hcxpcaptool (and that needed a complete rewrite).
Some words about --nonce-error-corrections
hcxpcaptool doesn't correct the nonce (like hashcat it does - hashcat can do this much better).
Using --nonce-error-corrections reduces the overhead, because only handshakes up to this value
are converted. If you decide to convert up to a value of 256 you will get more handshakes (on crappy reception),
but you need also the same value in hashcat to recover the password from them.
In this case the price tag is speed drop!
I'm not shure if it's a wondeful work. It's a hard work for the tool to reduce overhead from a hccapx file.
And its much, much more than comparing only mac_sta, mac_ap and ESSID or messagepair.
I failed epically to reduce this overhead (on a hccapx), so I decided to implement this in hcxpcaptool (and that needed a complete rewrite).
Some words about --nonce-error-corrections
hcxpcaptool doesn't correct the nonce (like hashcat it does - hashcat can do this much better).
Using --nonce-error-corrections reduces the overhead, because only handshakes up to this value
are converted. If you decide to convert up to a value of 256 you will get more handshakes (on crappy reception),
but you need also the same value in hashcat to recover the password from them.
In this case the price tag is speed drop!