The idea is simple:

1. Extract Uhaha's challenge file using your favorite UHA extractor (in this case we're using uharc), brute-forcing the password with the first 100 entries of the rockyou wordlist.
2. Extract the contents of the Uhaha file produced by the previous step, again using step 1.
3. Repeat until you have extracted the flag.

A simple Python script FTW:

```
import os
import subprocess

# First 100 entries of the rockyou wordlist
wl = ['123456', '12345', '123456789', 'password', 'iloveyou', 'princess', '1234567', 'rockyou',
      '12345678', 'abc123', 'nicole', 'daniel', 'babygirl', 'monkey', 'lovely', 'jessica',
      '654321', 'michael', 'ashley', 'qwerty', '111111', 'iloveu', '000000', 'michelle',
      'tigger', 'sunshine', 'chocolate', 'password1', 'soccer', 'anthony', 'friends',
      'butterfly', 'purple', 'angel', 'jordan', 'liverpool', 'justin', 'loveme', 'fuckyou',
      '123123', 'football', 'secret', 'andrea', 'carlos', 'jennifer', 'joshua', 'bubbles',
      '1234567890', 'superman', 'hannah', 'amanda', 'loveyou', 'pretty', 'basketball', 'andrew',
      'angels', 'tweety', 'flower', 'playboy', 'hello', 'elizabeth', 'hottie', 'tinkerbell',
      'charlie', 'samantha', 'barbie', 'chelsea', 'lovers', 'teamo', 'jasmine', 'brandon',
      '666666', 'shadow', 'melissa', 'eminem', 'matthew', 'robert', 'danielle', 'forever',
      'family', 'jonathan', '987654321', 'computer', 'whatever', 'dragon', 'vanessa', 'cookie',
      'naruto', 'summer', 'sweety', 'spongebo', 'joseph', 'junior', 'softball', 'taylor',
      'yellow', 'daniela', 'lauren', 'mickey', 'princesa']

def test(passwd, f):
    # Try to extract archive f with the candidate password and return uharc's stdout
    out = subprocess.run(['uharc', 'e', f'-pw{passwd}', f], stdout=subprocess.PIPE)
    return out.stdout

c = 0  # current layer; the script expects the challenge file as uhaha-0.uha
done = False
while not done:
    cname = f'uhaha-{c}.uha'
    for i in wl:
        print(f'[Trying] : {i}')
        res = test(i, cname)
        if b'ERROR' not in res:
            print(f'[Found] : {i}')
            print(res)
            if os.path.exists('uhaha'):
                # Another nested archive came out: rename it and go one layer deeper
                c += 1
                os.rename('uhaha', f'uhaha-{c}.uha')
            else:
                # No nested 'uhaha' file was extracted, so this was the last layer
                done = True
            break
    else:
        # No password in the wordlist worked for this layer
        done = True
```

Got the flag after repeating 50 times.

![Result](https://i.imgur.com/fBSSBFN.png)
![Flag](https://i.imgur.com/L08f4E0.png)