I may need a bit of help on this. I think I have what I need on twitter, but I am kinda stuck what to do now. Are the passwords in the breach data the right ones? I would appreciate any help or hints.
@BlindIdiotGod said:
I may need a bit of help on this. I think I have what I need on twitter, but I am kinda stuck what to do now. Are the passwords in the breach data the right ones? I would appreciate any help or hints.
Hi, Everything is in the files provided. look close at the passwords. Anything “non random” ???
Maybe i’m just struggling to find the right ones? I don’t want to put out spoilers in case I am on the right track, but I found a specific email whose password seems like it should be what I am looking for, but I can’t work out what that pattern would be.
@Maiden
oops wrong forum. I completed this one. :-/
This took me a lot less now that I’m familiar with this company from ‘We Have A Leak’ … remember that she’s quite a seasonal password fan 
…
… i think I found the details I was looking in a more unconventional way by breaking up the word file in it’s more ‘raw’ state and found useful information in one of the resulting files.
Fun little challenge. I recommend doing “We have a leak” first 
Hey, i got some passwords to try but whenever i try and open Key.doc it keeps telling me “Could not open Key.docx Archive Type not Supported” Anyone able to help
Easy challenge, specially if you at least started the previous one (“We Have a Leak”)
I love OSINT challenges, hope they will aprove new ones soon, maybe in a month? 
Hey guys! I managed to find the password for the key.docx document, but I’m not sure what to do with the output. Could you give me nudge in the right direction?
@notseelan said:
Hey guys! I managed to find the password for the key.docx document, but I’m not sure what to do with the output. Could you give me nudge in the right direction?
Never mind, just got it. Fun challenge!
Type your comment> @z3nn said:
This took me a lot less now that I’m familiar with this company from ‘We Have A Leak’ … remember that she’s quite a seasonal password fan
… i think I found the details I was looking in a more unconventional way by breaking up the word file in it’s more ‘raw’ state and found useful information in one of the resulting files.
if you solve the we have a leak, this is the best hint ever, with this hint it takes 1 min thanks a lot respect given
I like it so Much … there are some rabbit holes, but guessing is the Magic here.
Thank you @greenwolf I have enjoy my time and learn something
Someone help me on this challenge
I’m just not understanding these :neutral:
I got to the password.zip in “we have a leak” - no idea where to go with that.
Someone mentioned completing BREACH helped them with “we have a leak”, so here I am… But again, no clue as to what I’m supposed to be looking at.
I feel like you have to think a certain way in order to solve these - and that’s what I’m also learning while doing these…how to think ■■■■
But yeah, I’m so lost with this…
It is a pretty nice challenge and I definitly learned something new about passwords
PM me for a nudge
got it, feel free to PM me
Anybody else have problems with Office2john? I ran that and built a quick and small wordlist based on the pattern I saw. For some reason, john and hashcat both failed to properly recover the password, despite it being in the list. I ended up just guessing it manually, but I would have like to see it worked via automation.
Hey guys, I feel a bit dumb, but… I cannot open the file related to the challenge (Login :: Hack The Box :: Penetration Testing Labs). The usual “hackthebox” password doesn’t seem to work. May you please confirm that it should work instead (i.e. this is not the password that I am supposed to go hunting for)?
I was able to get the ssh key, but not sure what to do next.
Type your comment> @fab13770 said:
Hey guys, I feel a bit dumb, but… I cannot open the file related to the challenge (Login :: Hack The Box :: Penetration Testing Labs). The usual “hackthebox” password doesn’t seem to work. May you please confirm that it should work instead (i.e. this is not the password that I am supposed to go hunting for)?
Same issue here and I am certain that I opened it once before. I can not open the breach.zip file using the htb password provided. Is this on purpose or is something broken?