[OSINT] Breach

Do not bruteforce, examine closely everything you are given :slight_smile:

Office2john gets me a hash which I can get a pass from the breach file but it does not work…I can’t find any other info in the files anybody got a hint?

Type your comment> @WarrenVos said:

Office2john gets me a hash which I can get a pass from the breach file but it does not work…I can’t find any other info in the files anybody got a hint?

You don’t need any tools to complete the challenge.

Type your comment> @Hellburpp said:

Type your comment> @WarrenVos said:

Office2john gets me a hash which I can get a pass from the breach file but it does not work…I can’t find any other info in the files anybody got a hint?

You don’t need any tools to complete the challenge.

I’ve searched through all the files, xml etc but can’t seem to see/find anything…I can only find 1 name but nothing else

Type your comment> @WarrenVos said:

Type your comment> @Hellburpp said:

Type your comment> @WarrenVos said:

Office2john gets me a hash which I can get a pass from the breach file but it does not work…I can’t find any other info in the files anybody got a hint?

You don’t need any tools to complete the challenge.

I’ve searched through all the files, xml etc but can’t seem to see/find anything…I can only find 1 name but nothing else

did you also try to search their company name and the name that you found on the internet?

Type your comment> @Hellburpp said:

Type your comment> @WarrenVos said:

Type your comment> @Hellburpp said:

Type your comment> @WarrenVos said:

Office2john gets me a hash which I can get a pass from the breach file but it does not work…I can’t find any other info in the files anybody got a hint?

You don’t need any tools to complete the challenge.

I’ve searched through all the files, xml etc but can’t seem to see/find anything…I can only find 1 name but nothing else

did you also try to search their company name and the name that you found on the internet?

I did…tried the 6 passwords from the file but nothing…tried all words I could find for the person on twitter and nothing…not sure what I’m missing :frowning:

Type your comment> @WarrenVos said:

Type your comment> @Hellburpp said:

Type your comment> @WarrenVos said:

Type your comment> @Hellburpp said:

Type your comment> @WarrenVos said:

Office2john gets me a hash which I can get a pass from the breach file but it does not work…I can’t find any other info in the files anybody got a hint?

You don’t need any tools to complete the challenge.

I’ve searched through all the files, xml etc but can’t seem to see/find anything…I can only find 1 name but nothing else

did you also try to search their company name and the name that you found on the internet?

I did…tried the 6 passwords from the file but nothing…tried all words I could find for the person on twitter and nothing…not sure what I’m missing :frowning:

I’ll DM

What do you do after you unlock the key.docx? I have the SSH key for root, but not sure what else to do?

Can you not open the .docx on kali? I have several passwords, and I’m pretty sure one of them is correct, but they all fail. Do I literally need to get a free trial of microsoft word to open this? I’m trying with libreoffice.

Got the password pretty quick but unsure what to do with the private key now. First attempt and pretty noobie so all help welcome.

I may need a bit of help on this. I think I have what I need on twitter, but I am kinda stuck what to do now. Are the passwords in the breach data the right ones? I would appreciate any help or hints.

@BlindIdiotGod said:
I may need a bit of help on this. I think I have what I need on twitter, but I am kinda stuck what to do now. Are the passwords in the breach data the right ones? I would appreciate any help or hints.

Hi, Everything is in the files provided. look close at the passwords. Anything “non random” ???

Maybe i’m just struggling to find the right ones? I don’t want to put out spoilers in case I am on the right track, but I found a specific email whose password seems like it should be what I am looking for, but I can’t work out what that pattern would be.
@Maiden

oops wrong forum. I completed this one. :-/

This took me a lot less now that I’m familiar with this company from ‘We Have A Leak’ … remember that she’s quite a seasonal password fan :smiley:

… i think I found the details I was looking in a more unconventional way by breaking up the word file in it’s more ‘raw’ state and found useful information in one of the resulting files.

Fun little challenge. I recommend doing “We have a leak” first :slight_smile:

Hey, i got some passwords to try but whenever i try and open Key.doc it keeps telling me “Could not open Key.docx Archive Type not Supported” Anyone able to help

Easy challenge, specially if you at least started the previous one (“We Have a Leak”)

I love OSINT challenges, hope they will aprove new ones soon, maybe in a month? :wink:

Hey guys! I managed to find the password for the key.docx document, but I’m not sure what to do with the output. Could you give me nudge in the right direction?

@notseelan said:

Hey guys! I managed to find the password for the key.docx document, but I’m not sure what to do with the output. Could you give me nudge in the right direction?

Never mind, just got it. Fun challenge!