How to join HackTheBox challenge


Hack The Box (https://www.hackthebox.eu/) is an excellent collection of vulnerable vms, which are online to test/ hack them to upgrade the hacking skills.

To join the HTB, you need to have an invite code which needs to be entered while signing up. This invite code is not something someone will forward you. You have to generate one using your hacking skills and enter it to register to the site.

'View source' will not work, so we use developer tools and carefully going through we find a file called:
/js/inviteapi.min.js

Now go the browser and type: https://www.hackthebox.eu/js/inviteapi.min.js whose contents can be pasted to an online JavaScript interpreter but does not give any result:
But we can see makeInviteCode, which seems interesting. Let's search this in the console for this code. Executing makeInviteCode() gives a we see a data which seems to be ROT13 encoded:
Decoding it gives some instructions:
We use CURL to fire the above request, to get another Base64 encoded secret:
Decoding the above secret gives the Invite code which we were looking for, using the code we ca join HTB:
ZDEFO-IOQZA-EQSAU-FAHXC-JTPWU

Finally, the registration page appears, to complete the Sign Up:







Comments

Popular posts from this blog

SQL Injection in search field

File Upload through Null Byte Injection