Posts posted by EvilMog

  1. Disclaimer: I am not a hashcat developer but I am on Team Hashcat. I am going to apologize for some corrections, but they need to be made.
     

    1) wpaclean is part of the aircrack-ng suite. It should not be used for extracting hashes from WPA traffic for use in hashcat; the format it extracts in has been superseded and any requests for support using it will be denied.

    There is an alternative, wlandump from hcxtools (https://github.com/ZerBea/hcxtools), which is supported under the most recent versions of hashcat. These tools are very specific and purpose built. Other tools in the suite include:

    wlandump-ng: Small, fast and simple but powerful WLAN scanner
    wlanresponse: Extremely fast deauthentication/authentication/response tool
    wlanrcascan: Small, fast and simple passive WLAN channel assignment scanner (status output)
    pioff: Turns Raspberry Pi off via GPIO switch
    wlancapinfo: Shows info of pcap file
    wlancap2hcx: Converts cap to hccapx (recommended for use with wlandump-ng and wlanresponse)
    wlanhcx2cap: Converts hccapx to cap
    wlanhc2hcx: Converts hccap to hccapx
    wlanhcx2essid: Merges hccapx containing the same ESSID
    wlanhcx2ssid: Strips BSSID, ESSID, OUI
    wlanhcx2john: Converts hccapx to format expected by John the Ripper
    wlanhcxinfo: Shows detailed info from contents of hccapx file
    wlanhcxmnc: Manually do nonce correction on byte number xx of a nonce
    whoismac: Show vendor information
    pwhash: Generate hash of a word by using a given charset

    2) from your post: "I generally use john. When done, if I can't see a password in the terminal because it scrolled off screen, you type 'john hashfile.txt --show'"

    hashcat has had this support for some time with --show, and also --username if you are using a dump with usernames, so there is no need to use john.

    3) from your post: "I've dabbled with hashcat, but I don't have a GPU to use with it"

    Hashcat supports CPU as of 3.00 with the correct OpenCL libraries.

    4) from your post: "had to use the older CPU only version, where John just seems so much faster in this respect"

    hashcat's OpenCL CPU code is multiple times faster than john's native CPU code because the algorithms are optimized on a math level.

    5) from your post: "you can pipe crunch directly into aircrack"

    Crunch is a legacy processor; you really should be using hashcat-utils maskprocessor instead, it's much faster. That being said, you don't need to use it, as hashcat has it built in with -a 3, plus it's Markov-chain optimized.

    In summary, stop using legacy tools like pyrit. They haven't been updated in ages and no new research is being done; the guy who is writing hcxtools is the one who pushes WPA cracking today. There hasn't been any improvement on WPA-based attacks in a long time for aircrack-ng and pyrit, and both fail to do deauth attacks cleanly (without creating invalid handshakes).

    For some good reading:
    WPA Cracking with hashcat
    https://hashcat.net/forum/thread-6150.html

    New parameter: --nonce-error-corrections
    https://hashcat.net/forum/thread-6361.html

    hashcat v3.00 release notes
    https://hashcat.net/forum/thread-5559.html

    For anything else, please visit the hashcat forums, wiki and IRC channel.
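
An added example, not part of the original post and not hcxtools or hashcat code: a minimal reader for the hccapx files mentioned above, in the spirit of wlanhcxinfo, for checking what a capture taken from your own network contains before auditing it. The 393-byte field layout and the meaning of the 0x80 bit in message_pair are taken from hashcat's published hccapx description, not from this post; the function names and the sample record are constructed.

```python
import struct
from collections import namedtuple

# hccapx record layout per the hashcat wiki (assumption: not given in the post).
# Little-endian and packed: signature, version, message_pair, essid_len, essid,
# keyver, keymic, mac_ap, nonce_ap, mac_sta, nonce_sta, eapol_len, eapol.
HCCAPX = struct.Struct("<4sIBB32sB16s6s32s6s32sH256s")

Record = namedtuple(
    "Record", "essid ap_mac sta_mac keyver message_pair replay_unchecked eapol")


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_hccapx(blob):
    """Return every record in an hccapx blob, rejecting malformed input."""
    if not blob or len(blob) % HCCAPX.size:
        raise ValueError(f"length {len(blob)} is not a multiple of {HCCAPX.size}")
    records = []
    for off in range(0, len(blob), HCCAPX.size):
        (sig, _ver, pair, essid_len, essid, keyver, _mic, ap, _anonce,
         sta, _snonce, eapol_len, eapol) = HCCAPX.unpack_from(blob, off)
        if sig != b"HCPX":
            raise ValueError(f"bad signature at offset {off}")
        if essid_len > 32 or eapol_len > 256:
            raise ValueError(f"length field out of range at offset {off}")
        records.append(Record(
            essid[:essid_len].decode("utf-8", "replace"), mac(ap), mac(sta),
            keyver,
            pair & 0x07,        # which handshake messages were paired
            bool(pair & 0x80),  # set when the replay counter was not checked
            eapol[:eapol_len]))
    return records


def build_sample():
    """Constructed record with all-zero nonces and MIC; not a real capture."""
    essid, eapol = b"lab-ap", bytes(121)
    return HCCAPX.pack(b"HCPX", 4, 0x82, len(essid), essid, 2, bytes(16),
                       bytes.fromhex("020000000001"), bytes(32),
                       bytes.fromhex("020000000002"), bytes(32),
                       len(eapol), eapol)


if __name__ == "__main__":
    for r in parse_hccapx(build_sample()):
        print(r.essid, r.ap_mac, r.sta_mac, r.message_pair, r.replay_unchecked)
```

Records with the replay flag set are the ones whose message pairing was not confirmed by the replay counter, which is where the nonce correction mentioned in the post becomes relevant.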
