What is Hack The Box?

Hack The Box is an online platform that allows you to test your penetration testing skills and exchange ideas and methodologies with other Members who have similar interests.

Hack The Box contains some constantly updated challenges. The challenge simulates real-world scenarios and some of these challenges are more inclined towards the Capture The Flag (CTF) Challenge style.
Getting the Invite Code

To register on Hack the Box required an invite code.

The Invite code is obtained from completing the challenge on the registration page. This challenge is used to test your knowledge in Web hacking and your understanding of PHP and JavaScript.

But if you have given up, you can follow this article on how to get the invite code Hack the Box (HTB).

Just go ahead and check out the steps:

First, when the Invite Code page appears, we try to do the Inspect Element. When the source view, there is an interesting thing, that is/js/inviteapi.min.js.

Secondly, if we try to open www.hackthebox.eu/js/inviteapi.min.js, it will appear as follows:

To be more neat, we try to open using beautifier.io and then copy and paste the contents of the file, later will appear as follows:

Third, from the results above, there is an interesting JavaScript function, namely makeInviteCode (). We try to run the function in the Web Console (when opening the inspect element, go to the Console tab), as follows:

Fourth, there is data and the enctype information, next we try to decode the data from the ROT13 the Enctype Web cryptii.com. His results are as follows:

Fifth, from the decode result above, there is a information that we have to create a POST request to/api/invite/generate to generate the invite code. To do so we can use curl as follows or use the Burp suite.

Curl-XPOST https://www.hackthebox.eu/api/invite/generate

And the result is as follows:

Sixth, there is data code again, which after I find out it is a format from Base64, we will decode again using cryptii.com, as follows:

Seventh, from the decode result above, we try to insert into the Invite code form from HackTheBox. When you try it appears, look like this:

yeaaahhhhh!!!!!, Congratulations you got through the test and now you can create a HackTheBox account.

3/5 (2 Reviews)

LEAVE A REPLY

Please enter your comment!
Please enter your name here