If you see "0 handshake" or "1 handshake (but weak)," your capture is invalid. Attackers often capture a "deauth frame" but miss the reconnection. Re-capture the handshake with better signal strength.
If you absolutely need to crack that handshake, stop using probable.txt alone. Start using rockyou.txt + OneRuleToRuleThemAll.rule (available on GitHub). You’ll have better luck.
aircrack-ng uses .cap or .hccapx . hashcat uses 22000 format (hash mode). If you converted incorrectly, the hash is malformed. Run:
Before blaming the wordlist, verify the capture.
If the output file is 0 bytes, your handshake is garbage.
probable.txt is often deduplicated and sanitized. It lacks leet-speak mutations ( password -> p@ssw0rd ) and ruleset transformations.
: Even "weak" passwords that are not part of the top 4,800 most common will be missed.
Failed to crack handshake: wordlists-probable.txt did ... - GitHub
This appends 00-99 to every word in probable.txt .