TechEarl

How to Crack a WPA/WPA2 Wi-Fi Password with Hashcat

How to recover your own WPA/WPA2 Wi-Fi password: capture the handshake or PMKID, convert it to the hashcat 22000 format, and crack it with a wordlist. I cover the full toolchain, realistic expectations for this slow hash, and why WPA3 resists the whole approach. Lab use only. Tested on hashcat 7.1.2.

Ishan Karunaratne · 7 min read
Capture the handshake or PMKID with hcxdumptool, convert with hcxpcapngtool, crack with hashcat -m 22000 and a wordlist, realistic expectations, and why WPA3 changes the game.

Cracking a WPA/WPA2 Wi-Fi password is an offline attack against a captured handshake, and it is the standard way to audit the strength of your own network's passphrase. You grab a handshake or PMKID off the air, convert it to a hash, and try passwords against it with hashcat. The good news for defenders is that WPA2 is a deliberately slow hash, and the 802.11 minimum of eight characters means a decent passphrase holds up. This is the full toolchain, tested on hashcat 7.1.2.

TL;DR

WPA/WPA2 is hashcat mode -m 22000 (the modern format that unifies both PMKID and EAPOL handshake captures). The workflow is three steps: capture a handshake or PMKID with hcxdumptool (needs a wireless adapter that supports monitor mode), convert it with hcxpcapngtool -o handshake.hc22000 capture.pcapng, then crack with hashcat -m 22000 handshake.hc22000 wordlist.txt. WPA2 is a slow hash (PBKDF2-HMAC-SHA1 with 4096 iterations), so you run a wordlist of candidates between 8 and 63 characters plus rules; exhaustive brute force is out of the question, and the only sensible mask is a short, targeted one for a known router-default format. A strong passphrase is effectively uncrackable, and WPA3-SAE resists this offline attack entirely.

How WPA2 cracking works

When a device joins a WPA2 network, it performs a four-way handshake with the access point. The messages of that handshake carry a MIC computed with a key derived from the passphrase, over material that is sent in the clear, which is enough to verify a passphrase guess offline without ever talking to the network again. Many access points also include a PMKID in the first handshake message (an HMAC keyed with the passphrase-derived PMK over the two MAC addresses), which serves the same purpose and can be obtained by associating with the access point yourself, without waiting for a legitimate client to connect.

So the attack is: capture that material once, then guess passphrases against it on your own hardware as fast as the slow hash allows. No further contact with the network is needed, which is exactly why a weak Wi-Fi password is a real risk and a strong one is not.

Step 1: capture the handshake or PMKID

This is the one step that needs hardware: a wireless adapter that supports monitor mode, and a Linux host that can drive it (a cloud server or a VM without a passed-through wireless adapter cannot do this step). The current tool is hcxdumptool (part of the hcx toolchain), which captures handshakes and PMKIDs to a .pcapng file:

bash
# hcxdumptool takes over the interface itself; stop NetworkManager and
# wpa_supplicant first or they will fight it for the adapter
sudo hcxdumptool -i wlan0 -w capture.pcapng

You either wait for a device to (re)connect, producing an EAPOL handshake, or obtain a PMKID directly from the access point. By default hcxdumptool transmits (it associates to request PMKIDs and can deauthenticate clients to provoke a fresh handshake), so point it only at networks you own or are authorised to test. Option names have changed between hcxdumptool releases (older versions wrote the capture with -o rather than -w), so check hcxdumptool -h against the version you installed.

Step 2: convert to the hashcat 22000 format

hashcat does not read .pcapng directly. hcxpcapngtool (from hcxtools) converts the capture into the -m 22000 hash format:

bash
hcxpcapngtool -o handshake.hc22000 capture.pcapng

The resulting .hc22000 file contains one line per captured network, in the unified WPA format. A line looks like this (a PMKID example, the format hashcat documents for mode 22000):

text
WPA*01*4d4fe7aac3a2cecab195321ceb99a7d0*fc690c158264*f4747f87f9f4*686173686361742d6573736964***

The 01 marks a PMKID; 02 marks an EAPOL handshake. Fields are separated by *, and a full line has nine of them: WPA, the type, the PMKID (for 01) or the 16-byte EAPOL MIC (for 02), the AP MAC, the client MAC, the SSID in hex (686173686361742d6573736964 is hashcat-essid), then the AP nonce, the EAPOL frame with its MIC field zeroed, and a message-pair value recording which handshake messages were captured. Those last three are empty for a PMKID line, which is why the example ends in ***.
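To make the format and the offline check concrete, here is an added example (my own code, not the article's and not part of hashcat or hcxtools) that parses a 22000 line and performs the same verification hashcat does for a PMKID entry: derive the PMK with PBKDF2-HMAC-SHA1 over the SSID, compute the PMKID as HMAC-SHA1 over "PMK Name" plus the two MACs, and compare. It runs against the official example line above with a constructed five-entry wordlist. EAPOL (type 02) lines are parsed but not verified, since that needs PTK derivation and a MIC check that I leave out here.

```python
"""Added example (not from the original article): parse a hashcat 22000 line
and verify passphrase candidates against a PMKID, standard library only."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Iterable, Optional

# Constructed input: the official hashcat -m 22000 example line (PMKID type).
# Its passphrase is "hashcat!" and its ESSID decodes to "hashcat-essid".
EXAMPLE_LINE = ("WPA*01*4d4fe7aac3a2cecab195321ceb99a7d0*fc690c158264"
                "*f4747f87f9f4*686173686361742d6573736964***")

# Constructed mini wordlist; the two short entries can never be WPA passphrases.
WORDLIST = ["pass", "password", "12345678", "hashcat", "hashcat!"]


@dataclass
class Hc22000:
    kind: str            # "01" = PMKID, "02" = EAPOL handshake
    digest: bytes        # PMKID (16 bytes) or EAPOL MIC (16 bytes)
    mac_ap: bytes
    mac_client: bytes
    essid: bytes
    anonce: bytes        # empty for PMKID lines
    eapol: bytes         # empty for PMKID lines (MIC field zeroed when present)
    message_pair: bytes  # empty for PMKID lines


def parse_hc22000(line: str) -> Hc22000:
    """Split one WPA*TYPE*...*** line into its nine fields."""
    fields = line.strip().split("*")
    if len(fields) != 9 or fields[0] != "WPA" or fields[1] not in ("01", "02"):
        raise ValueError("not a hashcat 22000 line")
    return Hc22000(fields[1], *(bytes.fromhex(f) for f in fields[2:9]))


def pmk(passphrase: str, essid: bytes) -> bytes:
    """802.11i: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid, 4096, 32)


def pmkid(pmk_bytes: bytes, mac_ap: bytes, mac_client: bytes) -> bytes:
    """PMKID = first 128 bits of HMAC-SHA1(PMK, "PMK Name" || AA || SPA)."""
    return hmac.new(pmk_bytes, b"PMK Name" + mac_ap + mac_client, hashlib.sha1).digest()[:16]


def check_candidate(h: Hc22000, passphrase: str) -> bool:
    """True if the passphrase reproduces the PMKID in the line."""
    # WPA passphrases are 8..63 characters; skip the PBKDF2 work otherwise.
    if not 8 <= len(passphrase) <= 63:
        return False
    if h.kind != "01":
        raise NotImplementedError("EAPOL (02) lines need PTK derivation and a MIC check")
    guess = pmkid(pmk(passphrase, h.essid), h.mac_ap, h.mac_client)
    return hmac.compare_digest(guess, h.digest)


def crack(line: str, candidates: Iterable[str]) -> Optional[str]:
    """Return the first candidate that verifies, or None."""
    h = parse_hc22000(line)
    for cand in candidates:
        if check_candidate(h, cand):
            return cand
    return None


if __name__ == "__main__":
    print(crack(EXAMPLE_LINE, WORDLIST))
```

Run it and it prints hashcat!; the two short entries are skipped before any PBKDF2 work because they cannot be WPA passphrases. The loop runs at CPU speed, a few hundred to a thousand candidates a second, and that per-guess cost of 4096 HMAC-SHA1 rounds is exactly what hashcat pays too, which is the article's point.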

Step 3: crack it

Point hashcat at the .hc22000 file with a wordlist. Here is a real crack of the official hashcat 22000 example (SSID hashcat-essid, passphrase hashcat!):

bash
hashcat -m 22000 -a 0 handshake.hc22000 wordlist.txt
text
Status...........: Cracked
Hash.Mode........: 22000 (WPA-PBKDF2-PMKID+EAPOL)
Speed.#02........:       15 H/s
Recovered........: 1/1 (100.00%) Digests
...:hashcat!

Note the 15 hashes per second on a laptop. WPA2 is a slow hash, by design. On a high-end GPU that climbs to the order of a million per second, but that is still glacial next to MD5's billions, which is the whole reason a sensible Wi-Fi passphrase survives. For per-GPU numbers, see the hashcat benchmark deep dive.

Wordlists for Wi-Fi (mind the 8-character minimum)

WPA/WPA2 passphrases are between 8 and 63 characters by the 802.11 standard (a 64-character value is a raw hex PSK, not a passphrase), so any candidate outside that range is wasted. hashcat rejects such candidates itself for mode 22000 (they show up in the Rejected counter), but pre-filtering the wordlist saves it from loading and discarding them on every run:

bash
# Keep only candidates of length 8 to 63
awk 'length>=8 && length<=63' rockyou.txt > rockyou-wifi.txt
hashcat -m 22000 -a 0 handshake.hc22000 rockyou-wifi.txt -r rules/best66.rule

Wi-Fi passwords skew toward memorable phrases, names, and number patterns, so a good wordlist plus rules is the high-yield attack. A targeted mask helps for known router-default formats (some ISPs ship predictable patterns), but a genuinely random passphrase is out of reach.

Realistic expectations, and WPA3

Because WPA2 is slow and the passphrase is at least eight characters, the outcome is decided by passphrase quality:

  • A common phrase, a dictionary word with digits, or an ISP default pattern: crackable, sometimes quickly.
  • A long, random passphrase (a few random words, or 12-plus mixed characters): effectively uncrackable. The keyspace times the slow hash is too much.
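To put numbers on those two bullets, here is an added example (my own code, not from the article) that computes the keyspace of a hashcat -a 3 mask and converts it to wall-clock time at the two rates the article quotes: 15 H/s for the laptop run and a million per second for a high-end GPU. The masks and rates are the only inputs; the charset sizes are hashcat's built-in ones (?d ten digits, ?l and ?u 26 letters, ?s 33 specials, ?a 95 printable ASCII, ?h and ?H 16 hex digits, ?b 256 bytes).

```python
"""Added example (not from the original article): size a hashcat mask and
turn the keyspace into time at a given guess rate."""
from typing import Dict

# hashcat's built-in charsets and their sizes
CHARSET_SIZES: Dict[str, int] = {
    "d": 10, "l": 26, "u": 26, "s": 33, "a": 95, "h": 16, "H": 16, "b": 256,
}

# Rates quoted in the article: the laptop run and a high-end GPU
LAPTOP_HPS = 15
GPU_HPS = 1_000_000


def mask_keyspace(mask: str) -> int:
    """Number of candidates a hashcat -a 3 mask generates."""
    total = 1
    i = 0
    while i < len(mask):
        if mask[i] != "?":
            i += 1                      # literal character: one choice
            continue
        if i + 1 >= len(mask):
            raise ValueError("dangling '?' at end of mask")
        token = mask[i + 1]
        if token == "?":
            i += 2                      # '??' is a literal question mark
            continue
        if token not in CHARSET_SIZES:
            raise ValueError(f"unknown charset ?{token}")
        total *= CHARSET_SIZES[token]
        i += 2
    return total


def seconds_to_exhaust(mask: str, rate_hps: float) -> float:
    """Worst-case time to try every candidate of the mask at rate_hps."""
    return mask_keyspace(mask) / rate_hps


def human(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 365 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


if __name__ == "__main__":
    for mask in ("?d?d?d?d?d?d?d?d",              # eight-digit router default
                 "?l?l?l?l?l?l?l?l",              # eight lowercase letters
                 "?a?a?a?a?a?a?a?a?a?a?a?a"):     # twelve random printable chars
        print(f"{mask:26} {mask_keyspace(mask):>24,d}  "
              f"laptop: {human(seconds_to_exhaust(mask, LAPTOP_HPS)):>22}  "
              f"gpu: {human(seconds_to_exhaust(mask, GPU_HPS)):>22}")
```

An eight-digit default (?d?d?d?d?d?d?d?d) is exhausted in under two minutes on the GPU, eight lowercase letters takes a couple of days, and twelve characters drawn from ?a is measured in billions of years: the two bullets above, in three lines of output. hashcat rejects candidates shorter than 8 characters for mode 22000, so there is no point sizing a shorter mask.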

WPA3 changes the game. Its SAE handshake (Dragonfly) is designed to resist exactly this offline dictionary attack: each guess costs a live exchange with the access point, so you cannot capture a handshake and grind passphrases against it the way you can with WPA2. One caveat: a network running WPA3 in transition mode still accepts WPA2 clients with the same passphrase, and those clients' handshakes are as capturable as ever. The defensive takeaway is simple: use a long passphrase, and move to WPA3-only where your clients allow it.


Tags: wpa2, wifi, hashcat, mode 22000, hcxtools, password cracking


Ishan Karunaratne

Software Systems Architect · Senior Software Engineer · Engineering Leadership

Software systems architect and senior software engineer with more than two decades designing, building, and running production software, Linux systems, and DevOps infrastructure, and lately working AI into the stack. Now a CTO, though what I write here is drawn from the full arc of that work, across architecture, engineering, and operations, not any single job.

Related posts

  • How to Crack an MD5 Hash with Hashcat: MD5 is the easy case, fast, unsalted, and broken for passwords, which makes it the perfect place to learn cracking. Covers the optimal hashcat attack (-m 0), salted MD5 variants, why MD5 decrypt sites are not what they claim, and why no app should store passwords as MD5. Tested on hashcat 7.1.2.
  • How to Crack NTLM Hashes with Hashcat: NTLM is the hash behind Windows and Active Directory passwords, and it is fast and unsalted, which is why a password audit cracks weak ones in seconds. Covers the hashcat command (-m 1000), where the hashes come from, realistic crack times on modern GPUs, and how NTLM differs from NetNTLMv2. Tested on hashcat 7.1.2.