wpaclean doesn't clean half-handshakes

[s0i37]

Issue type

• [ ] Defect - Unexpected behavior (obvious or confirmed in the forum)

System information

• OS Name: kali
• OS Version: rolling
• CPU: Intel(R) Core(TM) i7-8565U x64
• Wireless card and chipset (if relevant): 148f:5370

Aircrack-ng version

• Version: Aircrack-ng 1.7 rev 07a5c4dc
• Commit Revision hash: 07a5c4dc84c60fd3e1d5fc0acde817c213dc7b4c

Defect

About wpaclean said - it saves only 4-way handshakes. In other words it is valid handshakes. However wpaclean saves also and half-handshakes.

Details

When I move across physical perimeter I make deauth and online bruteforcing attacks in the same time. And because of I sends many wrong attempts I can't distinguish handshakes of real clients.

How to reproduce the issue

Just send the wrong PSK password.

[s0i37]

My pcap file has m1m2 (wrong pass) and m1m2m3(valid pass), obviously I cant brute it without cleaning:

hcxpcapngtool m1m2_m1m2m3.pcap -o eapol.txt --all
hcxhashtool -i eapol.txt --authorized -o eapol_valid.txt
hcxhash2cap --pmkid-eapol=eapol_valid.txt -c out-m1m2.cap