[OSINT] Breach

Just starting a thread for the new challenge

Fun challenge. Thank you greenwolf!
You need to connect a few dots (all avaliable within the archive provided by author) in order to solve it.

It should be easy if you solved We Have a Leak challenge.
Also, I’m starting to get familiar with this SuperSecureStartup, might drop them my CV.

I’m going to be that guy and ask:
“iS BrUtE-FoCinG ReQuRiED !?!1”
(serious question).

No bruteforcing.
That was mine initial idea, but no.

It was easy, but i think that it need more hints in its description, if you solve “We have a leak” , it’s more easy, but it’s not a clearly all clues or that seemed to me, and you need to come back to twitter, thos i did it

I solved this challenge without even once visiting Twitter. My solution did however involve a small amount of brute forcing though, so maybe that’s an unintended route.

@Xentropy
I would really like to know more about your bruteforcing approach.

I don’t see a BF path that wouldn’t take ages.

Nice challenge. If you have any problem I strongly suggest do “we have a leak” first, it makes this challenge a lot easier.

Type your comment> @joshibeast said:

@Xentropy
I would really like to know more about your bruteforcing approach.

I don’t see a BF path that wouldn’t take ages.

It’s less bruteforce and more intelligent “guessing”. I meant more that I did end up having to use a guessing attack in the end, even if the amount of guesses to make was relatively small.

I did some “small” bruteforcing as well for the last step, couldn’t be bothered to look up the correct information because I am fed up with that twitter page.

I think this challenge might be a bit too easy and not different enough from the previous ones.

I think that I was missing a key detail but I used BF based on the info that I had

update… looks like I had the right info… I was just trying to dig too deep where there was nothing. if you have the right detials you should be able to guess it in a few tries.

Flagged! Would love a senior dev’s responsibilities for junior’s pay!

Great challenge, got stuck at some point but from there, it got a lot easier.
I don’t think bruteforcing would work anyways, just focus on the files you have and try to find information.

Is the password somehow in the txt file or in some tweet? I know who I’m looking for but I can’t find anything helpful. I already worked with that txt file but it seems useless until now.

the actually PW is not, but the pattern is… hope that is not too much info

@anguzmar said:

I did some “small” bruteforcing as well for the last step, couldn’t be bothered to look up the correct information because I am fed up with that twitter page.

Ha, not sure which of the twitter pages your talking about but i feel like at this point i know them all forwards and backwards…

good challenge.
A warning to anyone using Open office: Try a different program.
I use Open office 4.1.1 and it doesn’t know what to do with the .docx file, it sent me down a deep rabbit hole before I try something else.

Nevermind, got it

very simple , just a little bit info from Twitter