How does the WPA2 crack work with Hashcat 22000 format hash lines?
I'm trying to understand the format and functionality of WPA2 hash lines that start with WPA*02* used with -m 22000 on hashcat.
The way I understand it, this format was created as an improvement and replacement to the .hccapx file format, and should thus contain the exact same data elements. However, when comparing it, I noted that when compared to the Hashcat wiki: https://hashcat.net/wiki/doku.php?id=hccapx for hccapx files, it is notably missing the nonce_sta field that is present in .hccapx files.
My question is, how does cracking a hash with such a hash line work without the nonce_sta field? What exactly does the EAPOL field contain?
Given a WPA*02* hash line, and its correct password, could you show me through each step of how to verify that that password is in fact the correct password from that hash line?
Thank you!
