Any passwords or hashs that you fine should be documented here. Include steps on how you were able to obtain them from your target: