WPA/WPA2 half-handshake?
#1
Does oclHashcat support using only EAPOL packets 1 and 2?

After the first 2 packets of the handshake are sent, which contain the anonce and snonce, one should be able to run the handshake to retrieve the PSK, yes?

Wireshark indicates both packets are in the capture, aircrack-ng tells me I have a valid handshake, it writes the hccap, which is successfully loaded into oclhc, yet it never yields the password, though it is in the dictionary.

Anybody know why?
#2
Packets 1 + 2 and a beacon yields passwords for me. 1+2 is logon and 3+4 verifies validity in theory.
#3
After I captured a cap file with airmon-ng(and it say 4 way handshake) , i check with wireshark the eapol packets and i got two Eapol saying 2/4 message, 2/4 message.
I use hashcat converter to hccap file and they give me the file, no problem.

I thought we were suppose to have 4 eapol 1/1 , 1/2 , 1/3 , 1/4(in wireshark) to have a successful handshake ?