Don't rely on generic lists. Use a more comprehensive dictionary or a specialized one.
If you are using , you have to specify the hash mode (usually -m 22000 for WPA/WPA2 or older modes like -m 2500 ). If you force the tool to read the handshake as a different type of hash, it may fail to process the lines in the wordlist correctly, resulting in a "zero candidates" scenario. Don't rely on generic lists
Now that we know the password isn't in the default list, it's time to bring out the big guns. Here is the escalation path for cracking difficult handshakes. If you force the tool to read the
If Aircrack-ng succeeds with a wordlist but John fails (or vice versa) using the same wordlist and capture file, you're encountering a known interoperability issue. Some users report that John has more trouble with passwords of 9 characters or longer, while Aircrack-ng remains reliable across all lengths. If Aircrack-ng succeeds with a wordlist but John
This generates 8-character passwords starting with the word "password" and ending in a symbol.