Hashcat Mode 22000: Crack a WPA2 Handshake Step by Step
Hashcat mode 22000 is the modern unified format for WPA/WPA2 handshake cracking. It replaced the older mode 2500 (EAPOL) and mode 16800 (PMKID) in hashcat 6.0 and is now the only mode you need for any WiFi hash produced by a 2020-or-later capture tool. This tutorial walks through conversion, the four main attack families (dictionary, rules, mask, hybrid), realistic 2026 GPU speeds, and the command lines that work in production on an RTX 4090 or a rented cloud GPU. Every example assumes a handshake captured from a network you own or have written authorization to audit — see the aircrack-ng tutorial for the capture step.
Background: why 22000 and not 2500
Hashcat historically had two WPA modes. Mode 2500 took a binary .hccapx file containing one EAPOL 4-way handshake. Mode 16800 took a text PMKID line captured from a single associate frame. Both targeted PBKDF2-HMAC-SHA1 at 4096 iterations, but they used different input formats and could not be mixed in one job.
Mode 22000 (introduced in hashcat 6.0, early 2020) folds both into a single text line format. One file can contain PMKIDs from many networks, EAPOL pairs from many networks, and mixed captures. All modern capture tools — hcxdumptool, hcxpcapngtool, Wireshark with a converter — output 22000 directly. The old .hccapx format is legacy; for anything new, use 22000.
If you already have a .hccapx from 2019 or earlier, conversion is a one-liner — see the hccapx-to-22000 guide.
Install hashcat and hcxtools
On Kali Linux both are preinstalled. On plain Debian or Ubuntu:
```
sudo apt update
sudo apt install -y hashcat hcxtools
hashcat -V                 # should print 6.2.6 or later
hcxpcapngtool --version    # should print 6.3.x or later
```
Older Ubuntu repos ship hashcat 6.1, which is fine but misses a few OpenCL fixes. For the absolute latest, download the release tarball from hashcat.net and run it in place — no install step, the binary is self-contained.
On Windows grab the ZIP from hashcat.net, unpack it, install the latest NVIDIA Game Ready driver or AMD Adrenalin, and run hashcat.exe -I to confirm the GPU shows up. AMD users need the ROCm or the official AMD OpenCL runtime; NVIDIA users need the CUDA runtime that ships with the Game Ready driver.
Convert capture to hc22000
```
hcxpcapngtool -o handshake.hc22000 capture-01.cap
# summary lines of interest:
# EAPOL messages (total).......: 14
# EAPOL pairs (total)..........: 3
# EAPOL pairs (best)...........: 1
# PMKID (total)................: 1
# EAPOL M1M2 ROGUE (total).....: 0

head -n 1 handshake.hc22000
# WPA*02*1a2b3c...*aabbccddeeff*112233445566*4d794 ...
```
One hash per network per line. The format is WPA*TYPE*PMKID-or-MIC*MAC_AP*MAC_CLIENT*ESSID*ANONCE*EAPOL*MESSAGEPAIR. TYPE 01 is PMKID-only; 02 is full EAPOL. You do not need to understand the field layout to crack; hashcat parses it internally. If you want to double-check what the file contains, paste it into the handshake analyzer.
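To inspect a file locally instead of pasting it into a web tool, the field layout above can be checked with a short parser. This is an added example, not code from the original page or from hashcat: the function names and the sample lines are constructed for illustration, and it relies on the ESSID field being hex-encoded in the hc22000 format.

```python
from collections import Counter
KINDS = {"01": "PMKID", "02": "EAPOL"}

def _hex(field, name, nbytes=None):  # decode hex, optionally enforce a byte length
    try:
        raw = bytes.fromhex(field)
    except ValueError:
        raise ValueError(f"{name}: not valid hex") from None
    if nbytes is not None and len(raw) != nbytes:
        raise ValueError(f"{name}: expected {nbytes} bytes, got {len(raw)}")
    return raw

def parse_hc22000(line):
    """Split one WPA*... line into named, validated fields."""
    parts = line.strip().split("*")
    if len(parts) != 9 or parts[0] != "WPA":
        raise ValueError("expected 9 '*'-separated fields starting with WPA")
    _, typ, key, ap, sta, essid, anonce, eapol, _pair = parts
    if typ not in KINDS:
        raise ValueError(f"unknown TYPE {typ!r}")
    _hex(key, "PMKID/MIC", 16)
    ssid = _hex(essid, "ESSID")  # the ESSID field is hex-encoded
    if not 1 <= len(ssid) <= 32:
        raise ValueError("ESSID: must be 1-32 bytes (it is the PBKDF2 salt)")
    rec = {"kind": KINDS[typ], "essid": ssid.decode("utf-8", "replace"),
           "ap": _hex(ap, "MAC_AP", 6).hex(":"), "client": _hex(sta, "MAC_CLIENT", 6).hex(":")}
    if typ == "02":  # full EAPOL lines must carry the nonce and the frame
        if not (_hex(anonce, "ANONCE", 32) and _hex(eapol, "EAPOL")):
            raise ValueError("EAPOL: frame is empty")
    return rec

def inventory(lines):
    """Count valid records per (ESSID, kind); list rejected lines with the reason."""
    counts, rejected = Counter(), []
    for n, line in enumerate(lines, 1):
        try:
            rec = parse_hc22000(line)
            counts[(rec["essid"], rec["kind"])] += 1
        except ValueError as exc:
            rejected.append((n, str(exc)))
    return counts, rejected

HEAD = "*aabbccddeeff*112233445566*"
SAMPLE = [  # constructed lines, not real captures
    "WPA*01*" + "0f" * 16 + HEAD + "4d7957694669***",
    "WPA*02*" + "11" * 16 + HEAD + "4d7957694669*" + "ab" * 32 + "*0103005f02" + "00" * 20 + "*02",
    "WPA*02*" + "11" * 16 + HEAD + "*" + "ab" * 32 + "*0103005f02*02",  # ESSID lost
]
```

`inventory(SAMPLE)` counts one PMKID and one EAPOL record for the ESSID `MyWiFi` and rejects the third line because its ESSID field is empty.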
Attack 1 — Straight dictionary
The simplest, fastest-to-start attack. Point hashcat at a wordlist and let it run:
```
hashcat -m 22000 handshake.hc22000 rockyou.txt -o found.txt -w 3
# -m 22000       hash mode
# rockyou.txt    14M candidates, classic but shallow
# -o found.txt   write cracked password to this file
# -w 3           workload profile 3 (high)
```
Rockyou is a smoke test. In 2026, the productive wordlists are:
- weakpass_4.txt — ~1 billion candidates, the community's current reference for WPA.
- crackstation-human-only.txt — ~60 million candidates, curated from real breaches.
- hashes.org founds — deduplicated finds across all public breach cracks, top signal per byte.
- 10-million-password-list-top-1000000.txt — SecLists' top 1M, quick first pass.
Run them in order of expected yield per hour, smallest and best-curated first, giant-and-dirty last. A realistic stack on a 4090 finds most attackable WPA2 home networks within 6–10 hours of wall-clock time.
Attack 2 — Dictionary + rules
Rules turn one candidate into many variations. The famous best64.rule expands each word 64-fold with common mutations (appending digits, leetspeak, capitalization).
```
hashcat -m 22000 handshake.hc22000 rockyou.txt \
  -r /usr/share/hashcat/rules/best64.rule \
  -w 3 -o found.txt
```
Production rule files worth knowing:
- best64.rule — shipped with hashcat, ~77 rules, good first pass.
- dive.rule — shipped with hashcat, ~99k rules, much deeper but 1000x slower.
- OneRuleToRuleThemAll — NotSoSecure's 52k-rule compilation, higher yield per rule than dive.
- T0XlC.rule — a classic, still useful, leans on leet and case mutations.
Rule count multiplies your keyspace. On a 4090, a 14M-word list + 64-rule file = 900M candidate tests = about 6 minutes. A 14M list + 52k rule file = 700B tests = about 70 hours. Budget accordingly.
Attack 3 — Mask attack
Mask attacks enumerate every combination of a charset pattern. They excel when the password structure is known or suspected.
```
# 8-digit phone number / date
hashcat -m 22000 -a 3 handshake.hc22000 ?d?d?d?d?d?d?d?d -w 3

# 9-char lowercase + digits (e.g. word + 3 digits)
hashcat -m 22000 -a 3 handshake.hc22000 ?l?l?l?l?l?l?d?d?d -w 3

# 8-char, every printable ASCII character in each position (?a)
hashcat -m 22000 -a 3 handshake.hc22000 -i --increment-min=8 --increment-max=8 ?a?a?a?a?a?a?a?a -w 3
```
Charset shorthand: ?d = 0-9, ?l = a-z, ?u = A-Z, ?s = symbols, ?a = all printable.
Keyspace math matters: 8 lowercase = 208 billion candidates, about 24 hours on a 4090. 9 alphanumeric mixed-case = 13 quadrillion, not feasible. Mask attacks only win when you can constrain the structure.
WPA2 passwords must be 8–63 characters. Do not run masks shorter than 8 — they will not match the PBKDF2 input length requirement and you will burn GPU cycles for nothing.
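The keyspace arithmetic above, generalized to any mask, is useful for judging how long a given passphrase pattern withstands exhaustive search. This is an added example, not code from the original page or from hashcat: the function names and the `RTX_4090` constant are this example's own, the rate is the page's 2.6 MH/s figure, and the sizes for ?s (33) and ?a (95) are hashcat's built-in charsets.

```python
# Sizes of hashcat's built-in charsets; ?s is 33 symbols including space.
CHARSET_SIZE = {"l": 26, "u": 26, "d": 10, "s": 33, "a": 95}

def mask_keyspace(mask):
    """Return (length, keyspace) for a mask of ?l ?u ?d ?s ?a, ?? and literals."""
    length, keyspace, i = 0, 1, 0
    while i < len(mask):
        if mask[i] == "?":
            if i + 1 >= len(mask):
                raise ValueError("dangling '?' at end of mask")
            code = mask[i + 1]
            if code != "?":              # '??' is a literal question mark
                if code not in CHARSET_SIZE:
                    raise ValueError(f"unsupported charset ?{code}")
                keyspace *= CHARSET_SIZE[code]
            i += 2
        else:
            i += 1                       # literal: one position, one choice
        length += 1
    return length, keyspace

def exhaust_seconds(mask, rate_hs):
    """Worst-case seconds to try every candidate at rate_hs guesses per second."""
    length, keyspace = mask_keyspace(mask)
    if not 8 <= length <= 63:
        raise ValueError(f"{length} chars is outside the WPA2 passphrase range 8-63")
    return keyspace / rate_hs

def human(seconds):
    """Render a duration in the largest unit that fits."""
    units = (("years", 31_557_600), ("days", 86_400), ("hours", 3_600), ("minutes", 60))
    for unit, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.0f} seconds"

RTX_4090 = 2.6e6  # H/s on mode 22000, taken from the page (assumed constant)

if __name__ == "__main__":
    for mask in ("?d" * 8, "?l" * 8, "?a" * 12):
        print(mask, human(exhaust_seconds(mask, RTX_4090)))
```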
Attack 4 — Hybrid (dict + mask or mask + dict)
Hybrid attacks combine a wordlist and a mask, appending or prepending mask-generated characters to each word.
```
# -a 6: wordlist + mask (e.g., "summer" + "2024")
hashcat -m 22000 -a 6 handshake.hc22000 \
  names.txt ?d?d?d?d -w 3

# -a 7: mask + wordlist (e.g., "2024" + "summer")
hashcat -m 22000 -a 7 handshake.hc22000 \
  ?d?d?d?d names.txt -w 3
```
Hybrid hits the extremely common pattern of word + year or name + phone. On real captured WPA2 corpora, hybrid with a 50k-name list + ?d?d?d?d yields a double-digit percent of finds that pure dictionary misses.
GPU benchmark numbers (mode 22000, 2026)
Run hashcat -b -m 22000 on your hardware for ground truth. Representative numbers from our rigs and public benchmarks:
| GPU | Mode 22000 speed | 14M-wordlist + best64 | 8-digit mask |
|---|---|---|---|
| RTX 5090 | ~4.5 MH/s | ~3.5 min | ~6 hours |
| RTX 4090 | ~2.6 MH/s | ~6 min | ~10 hours |
| RTX 3090 | ~1.8 MH/s | ~9 min | ~15 hours |
| RTX 3080 | ~1.4 MH/s | ~12 min | ~20 hours |
| RTX 2080 Ti | ~850 kH/s | ~19 min | ~32 hours |
| GTX 1080 Ti | ~460 kH/s | ~35 min | ~60 hours |
| CPU (i9-14900K) | ~14 kH/s | ~19 hours | ~6 months |
WPA2 is PBKDF2-HMAC-SHA1 with 4096 iterations. It is intentionally slow. A 4090 does 120 GH/s on NTLM but only 2.6 MH/s on WPA2 — a 46,000x gap. That gap is the reason a 12-character random WPA2 passphrase remains cryptographically safe against a single-workstation attacker.
Optimization flags worth knowing
- -w 3 — workload profile. Use 3 for dedicated rigs, 2 for a desktop you still want to use.
- -O — optimized kernel. On mode 22000 this is automatic; do not pass it blind, it truncates passwords to 32 chars on some hashes.
- --status --status-timer=10 — progress output every 10 seconds instead of requiring you to press 's'.
- --potfile-disable — do not cache finds. Useful when batching lots of jobs for different owners; you do not want cross-contamination.
- --session=myname — named session, resumable with --restore --session=myname.
- -d 1,2,3 — limit to specific GPUs (1-indexed), useful on multi-GPU rigs when sharing.
- --hwmon-disable — skip GPU temperature polling if the driver does not support it on your card.
- --slow-candidates — reorder keyspace for better ROI on small wordlist + huge rules.
Reading hashcat's live output
```
Session..........: hashcat
Status...........: Running
Hash.Mode........: 22000 (WPA-PBKDF2-PMKID+EAPOL)
Hash.Target......: handshake.hc22000
Time.Started.....: Mon Apr 21 14:12:04 2026 (1 min, 14 secs)
Time.Estimated...: Mon Apr 21 14:15:22 2026 (2 mins, 4 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (rockyou.txt)
Guess.Mod........: Rules (best64.rule)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 2614.3 kH/s (41.88ms) @ Accel:256 Loops:1024 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)
Progress.........: 195559168/920459136 (21.25%)
```
Speed is the current effective rate. Progress is candidates tested over keyspace. Recovered is hashes cracked. Time.Estimated is wall-clock completion if the run continues uninterrupted. If Speed drops suddenly, check GPU temperatures with nvidia-smi or rocm-smi — thermal throttling halves speed.
Pot file and verifying finds
When hashcat cracks a hash it appends the plaintext to hashcat.potfile in your home directory. To list what has been cracked against the current input:
```
hashcat -m 22000 handshake.hc22000 --show
# output:
# WPA*02*abc...*aabbccdd*112233*MyWiFi*...*...:sunshine2024
```
The part after the final colon is the passphrase. Verify by connecting to the AP; a successful association is the only ground-truth test. Hashcat does report false positives extremely rarely on truncated EAPOL pairs, so one live connection confirms.
What hashcat 22000 does not crack
- WPA3-SAE. No offline mode exists. The SAE handshake does not yield a verifiable transcript. See the WPA3 comparison.
- WPA2-Enterprise / 802.1X. No shared PSK; credentials are per-user EAP. Attack surface is different (EAP-MD5, PEAP-MSCHAPv2), needs different hashcat modes.
- Truncated captures. If hcxpcapngtool reports 0 pairs and 0 PMKIDs, there is nothing to crack — go back to the capture stage.
- Networks with SSID-as-salt that you do not know. PBKDF2 uses the SSID as salt; if the capture lost it or it was cloaked, the hash becomes uncrackable.
Building a realistic attack stack
In production, nobody runs a single hashcat command and waits. The practical workflow stacks attacks from highest expected yield per hour to lowest, stopping as soon as the hash cracks. A sensible 12-hour budget on a single 4090 looks like this:
- Curated small list, no rules. 10 million common passwords, 4 seconds. Catches the genuinely low-hanging fruit immediately.
- Curated small list + best64. ~640M candidates, ~5 minutes. Catches common word+digits/leet mutations.
- weakpass_4 curated, no rules. ~1B candidates, ~7 minutes. Wider vocabulary pass.
- Top-1M list + OneRuleToRuleThemAll. ~52B candidates, ~5–6 hours. The big rule-based pass that catches most remaining human passwords.
- Targeted mask: 8-digit. ~100M candidates, ~40 seconds. Phone numbers, birthdays.
- Hybrid: names.txt + ?d?d?d?d. ~500M candidates, ~3 minutes. The "summer2024" pattern.
- Targeted mask: ?l?l?l?l?l?l?l?l (8 lowercase). ~208B candidates, rest of the budget. Last-resort catch-all.
Steps 1–6 together are under 6 hours; if nothing hits by then, step 7 fills the remaining window. If the passphrase still has not cracked after this stack, it is likely 10+ characters with good entropy — the crack is not happening on consumer hardware and further attempts cost more than they are worth.
Reading the potfile and handling multiple hashes
Hashcat maintains a potfile at ~/.local/share/hashcat/hashcat.potfile on Linux and %APPDATA%/hashcat/hashcat.potfile on Windows. When you crack a hash it is appended there, and subsequent runs against the same hash short-circuit immediately.
Multi-hash runs are efficient on mode 22000 because PBKDF2 dominates the wall-clock cost, and the iteration work is shared across all candidates. If you have 20 hc22000 hashes in one file, cracking 20 at once on a 4090 is roughly the same speed as cracking one, because the GPU pipeline saturates on the first hash and the rest come along for free until they match.
```
# One run against 20 captured networks
hashcat -m 22000 all-networks.hc22000 wordlist.txt -r best64.rule -w 3

# See which were cracked
hashcat -m 22000 all-networks.hc22000 --show

# Export only the plaintext passwords
hashcat -m 22000 all-networks.hc22000 --show --outfile-format=2
```
The --outfile-format flag takes a number and controls what columns appear. Format 2 is plaintext-only; format 3 is hash:plaintext; default is the full hash line.
Frequently asked questions
Is cloud GPU worth it?
For one-off handshakes, yes. Vast.ai or RunPod rent an RTX 4090 at about 35 cents per hour in 2026. Ten hours of attack time for 3.50 USD is cheaper than the electricity on a desktop rig.
Can I distribute the crack across multiple machines?
Yes, with --keyspace and manual slicing, or with a distribution wrapper like hashtopolis. Hashtopolis is the practical answer for a small team; it manages queues, agents, and potfile sync.
Does turning on --optimized-kernel-enable help?
On mode 22000 in hashcat 6.2+, the optimized kernel is auto-selected when passwords fit within 32 characters. Passing -O manually has no additional effect and risks truncation on longer candidates.
My estimated time is decades, should I quit?
If the keyspace is genuinely that large (random 13+ char), yes — a motivated actor is not getting that password cheaply. If you are on a huge rule file but small wordlist, try a smaller rule file with a bigger curated list; yield per hour often doubles.
Can I resume an interrupted run?
Yes. Always start runs with --session=name. Resume with hashcat --session=name --restore. Hashcat writes .restore every few seconds so the worst case is losing a few seconds of progress.
How do I stop the GPU thermal-throttling?
Repaste the card, clean the fans, undervolt via MSI Afterburner (NVIDIA) or LACT (AMD), and keep ambient below 25 C. Hashcat does not have anti-throttle logic; you protect the hardware.
Don't have a GPU rig?
Submit the hc22000 to our GPU recovery service. We run the same hashcat pipeline against a curated attack stack on multi-GPU rigs and you pay only if found.
Related reading
Capture step: aircrack-ng tutorial. Sanity-check a capture: handshake analyzer. Defender side: secure your home WiFi.
Recap
- Mode 22000 is the only WPA hashcat mode you should be using in 2026.
- Convert capture to hc22000 with hcxpcapngtool; verify pairs present.
- Dictionary + rules first, mask attacks second, hybrid third.
- RTX 4090 ≈ 2.6 MH/s — plan keyspace accordingly.
- Always use --session for resumability.
Run only against networks you own. Benchmarks vary ±15% by driver and ambient temperature.