[OSINT] Breach

Just starting a thread for the new challenge

Tagged:
«1

Comments

  • Fun challenge. Thank you greenwolf!
    You need to connect a few dots (all avaliable within the archive provided by author) in order to solve it.

    It should be easy if you solved We Have a Leak challenge.
    Also, I'm starting to get familiar with this SuperSecureStartup, might drop them my CV.

  • I'm going to be that guy and ask:
    "iS BrUtE-FoCinG ReQuRiED !?!1"
    (serious question).

    Sinfulspl0it

  • No bruteforcing.
    That was mine initial idea, but no.

  • It was easy, but i think that it need more hints in its description, if you solve "We have a leak" , it's more easy, but it's not a clearly all clues or that seemed to me, and you need to come back to twitter, thos i did it

  • I solved this challenge without even once visiting Twitter. My solution did however involve a small amount of brute forcing though, so maybe that's an unintended route.

    Xentropy
    Null | Nada- | Zip | Diddly | Zilch+

  • @Xentropy
    I would really like to know more about your bruteforcing approach.

    I don't see a BF path that wouldn't take ages.

  • Nice challenge. If you have any problem I strongly suggest do "we have a leak" first, it makes this challenge a lot easier.

    elearning

  • Type your comment> @joshibeast said:

    @Xentropy
    I would really like to know more about your bruteforcing approach.

    I don't see a BF path that wouldn't take ages.

    It's less bruteforce and more intelligent "guessing". I meant more that I did end up having to use a guessing attack in the end, even if the amount of guesses to make was relatively small.

    Xentropy
    Null | Nada- | Zip | Diddly | Zilch+

  • I did some "small" bruteforcing as well for the last step, couldn't be bothered to look up the correct information because I am fed up with that twitter page.

    I think this challenge might be a bit too easy and not different enough from the previous ones.

  • I think that I was missing a key detail but I used BF based on the info that I had

  • update... looks like I had the right info... I was just trying to dig too deep where there was nothing. if you have the right detials you should be able to guess it in a few tries.

  • Flagged! Would love a senior dev's responsibilities for junior's pay!

  • Great challenge, got stuck at some point but from there, it got a lot easier.
    I don't think bruteforcing would work anyways, just focus on the files you have and try to find information.

    v1ew-s0urce.flv
  • Is the password somehow in the txt file or in some tweet? I know who I'm looking for but I can't find anything helpful. I already worked with that txt file but it seems useless until now.

    Hack The Box

  • the actually PW is not, but the pattern is... hope that is not too much info

  • edited October 2019

    @anguzmar said:

    I did some "small" bruteforcing as well for the last step, couldn't be bothered to look up the correct information because I am fed up with that twitter page.

    Ha, not sure which of the twitter pages your talking about but i feel like at this point i know them all forwards and backwards......

  • good challenge.
    A warning to anyone using Open office: Try a different program.
    I use Open office 4.1.1 and it doesn't know what to do with the .docx file, it sent me down a deep rabbit hole before I try something else.

  • edited November 2019

    Nevermind, got it

  • very simple , just a little bit info from Twitter

    image

  • OSINT challenges are so fun. Thank you @Arrexel
    Will you do more?

    elearning

  • I'm having trouble figuring out how to use what is inside key.docx

  • I already got where to go in twitter, but I am having trouble finding the hint/pass... Can anyone provide me some kind of hint?

  • Type your comment> @xnakra said:

    I'm having trouble figuring out how to use what is inside key.docx

    Try to use something like CyberChef

  • I’ve mutated relevant passwords with the pattern and nothing. Does office2john work here?

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • i find the password with some searching twitter leaked and etc but cant open key.docx why?is it need to bruteforce similar password?i use openoffice!

  • are the bad data lines in the p****** file important? or just noise?

  • Is the password even in the breached file?

  • Hey everyone, thank you for playing Breach!

    I really appreciated reading all your positive comments and I'm glad you enjoyed the challenge!

  • I'm starting this challenge now, but i'm having problems with the password for the orginal zip file. The one in the site is not working. Checksum is ok.
    Is this the password i need to find first? Or is for another file inside the zip?

  • Type your comment

Sign In to comment.