Well I have to say that I didn't break this one by social engineering, but instead I have *bruteforced* it. Well it was really a dictionary attack.
In my opinion, the password is a little dum.. I mean it's not really something that one would use as a password.
And a question: [hint] Is the password changing?
If you are tired of "Please make your question more specific"
or tired of asking your *best friend* what's his name, or where he lives or other st**id questions that you would normally never ask your best friend (if he's your best friend, then you already know when is his birthday, or what age he is, or what's his name)
Then my advice to you is the following
Start this one as a social engineering challenge. Ask questions, write down the answers, also write down what you already know about the person.
After that, with all the info you have, create a dictionary file, and then, create the application to crack this one's password
That's it, it should take you a short time, as the dictionary file you can create in about 5 minutes, the application in about 5 to 10 also and then you should break the password in a few minutes.
The SE challenge is not that difficult if you see the hints from the HBHBot and other threads. You have to keep in mind that this mission isn't being powered by some kind of AI chatbot, so the only way you can arrive at your answers is by exhaustively probing possibilities. But the likely possibilities are not numerous. You really do not require a brute force style attack for this.
still, it's a bitch. i don't like the weird syntax of the questions. Do they really need to be so damned specific? social engineering is like an art form, there's no single way to go about it, it's all about subtle manipulation, no two people are going to do it the same way.
it's like saying that you have an argument that will beat anything. So long as there are words, it is not [and never will be] infallible.