WPA2 Half Handshake: WiFi password hacking software and attack scripts
Each connection of a client (station) to a WiFi access point is a rather complicated process of exchanging keys and random data generated for that particular connection. This data set is called the WPA handshake. It has four elements, which various authors call messages, exchanges, or packets. Message 1 is usually denoted M1, message 2 M2, message 3 M3, and message 4 M4.
The WiFi password is not transmitted in open form at any stage; however, the handshake contains enough information to brute-force the password. As already mentioned, a handshake should contain four elements. You can view the composition of a handshake with various tools, for example Wireshark, which has an “eapol” filter for this purpose:
And this handshake contains only the second and third messages:
In fact, not all four elements are required to crack a WiFi password. Breaking a WPA password is possible even if some messages are missing from the handshake. Nevertheless, a full handshake is preferred: it allows the password to be checked in two different ways, and it ensures that the client trying to connect has entered the correct password.
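When auditing a capture, M1 to M4 can be told apart by the flag bits in the Key Information field of each EAPOL-Key frame. The following is an added example, not code from the original article: the function names are hypothetical, the frames are constructed and zero-filled, and the M2/M4 distinction assumes WPA2 (RSN), where the Secure bit is set only in M4.

```python
import struct

# Key Information flag bits of an EAPOL-Key frame (IEEE 802.11 RSN).
PAIRWISE, INSTALL, ACK, MIC, SECURE = 0x0008, 0x0040, 0x0080, 0x0100, 0x0200

def classify_eapol_key(frame: bytes) -> str:
    """Return 'M1'..'M4' for a WPA2 pairwise EAPOL-Key frame, else 'other'."""
    if len(frame) < 7:
        return "other"  # too short to hold the Key Information field
    # EAPOL header: version, type, length; then descriptor type, key info.
    _ver, ptype, _length, _desc, info = struct.unpack_from("!BBHBH", frame)
    if ptype != 3 or not info & PAIRWISE:  # type 3 = EAPOL-Key
        return "other"  # not a key frame, or a group-key message
    ack, mic = bool(info & ACK), bool(info & MIC)
    if ack and not mic:
        return "M1"  # AP -> client, carries ANonce, no MIC yet
    if ack and mic and info & INSTALL:
        return "M3"  # AP -> client, MIC present, install key
    if mic and not ack:
        # Both come from the client; WPA2 sets Secure only in M4.
        return "M4" if info & SECURE else "M2"
    return "other"

def handshake_coverage(frames):
    """Return (sorted list of messages seen, True if all four are present)."""
    seen = {classify_eapol_key(f) for f in frames} - {"other"}
    return sorted(seen), seen == {"M1", "M2", "M3", "M4"}

def make_frame(key_info: int) -> bytes:
    """Build a constructed, zero-filled EAPOL-Key frame for the demo."""
    body = struct.pack("!BHH", 2, key_info, 16)    # RSN descriptor, info, key len
    body += bytes(8 + 32 + 16 + 8 + 8 + 16)        # counter, nonce, IV, RSC, ID, MIC
    body += struct.pack("!H", 0)                   # key data length
    return struct.pack("!BBH", 2, 3, len(body)) + body

if __name__ == "__main__":
    # Constructed capture holding only the second and third messages.
    partial = [make_frame(0x010A), make_frame(0x13CA)]
    print(handshake_coverage(partial))  # (['M2', 'M3'], False)
```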
Read the full article @
https://kalitut.com/wpa2-half-handshake-attack/