As mentioned on the last page of the challenge-pdf, this challenge is not a cryptographic one but a "hacking" one (nevertheless, the bug was in the implementation of a cryptographic library).
In contrast to many of the existing cryptanalysis algorithms, the real world is "messy" and by far not so straight forward. Often, there is trial-and-error involved, since an attacker can simply not know all the interna of the attacked server.
This is also the case for this challenge. In the background, there are many users trying to login – some of them with correct and some of them with wrong passwords. These are the users from MTC3, but also some automated ones. When exploiting the heartbleed bug you see all of this data, which of course can confuse an attacker. However, it is the way how a server, or more specifically the heartbleed exploit, works. With other words, the challenge is working exactly as intended and exactly as it would be on a real server.
Solving a challenge is not only about "blindly" applying tools, but also about gaining some knowledge about what kind of danger a certain weakness (here software bug, otherwise cryptographic weaknesses) poses and what exactly can or can not be done with it. Therefore, please don't judge to quickly about "wrong" challenges – all the problems you are seeing are real ones when exploiting the heartbleed bug. You should not expect, that an attacked server will serve you willingly his most secret data in a nicely formated way and also provide the answer to all questions. What can or can not be known by the attacker, solely depends on the used exploit.