hi good day and welcome to my first walkthough on the HTB series today in this hack the box guide we are going to learn how to get the invite code on HTB as we all know you can’t simply just register a account and hack away
What is Hack The Box :
It is basically an online platform to test and advance your skills in penetration testing and cyber security. It contains several challenges that are constantly updated. Some of them simulating real world scenarios and some of them leaning more towards a CTF style of challenge. You should try this site out if you have interest in network security or information security.
SPOLIER ALERT!!!!
please try to get it your self before just coming here and using this guide after all practice makes perfect correct?
before we even start the invite code is actually inside the website so if you dont know HTML then please consider learning the basics a good site to learn from is here https://www.w3schools.com
great guide for learning HTML anyway back to it
Getting to hackthebox
simply go to this site https://www.hackthebox.eu
and you will see this
please dont worry the UXTERM in the top corner was me updating my parrot os
scroll down and you will see a link that says https://www.hackthebox.eu/invite
once you click on that you will get a nice little message saying invite code
here is where the fun begins PS you dont need linux for this you can simply gain the code on BOTH WINDOWS AND LINUX!!!
Start of hack the box guide
right you have 2 options here simply press F12 button or Ctrl+Shift+I to open the dev tool bar something that looks like this
please note i am using firefox yours will appear different if you are using a different browser but either way that box at the bottom will always look the same
click on the Elements tab and you will find a script with source as: /js/inviteapi.min.js
as you can see the makeinvitecode
makeinvitecode hmm this looks interesting so let’s quickly open a new tab and go to https://www.hackthebox.eu/invite (yes opening a new tab will make your life easier trust me!)
so in the new tab we got the big green face smiling at us again simply re open Dev tools and type in makeInviteCode() (or copy and paste this if it is easier for yourself)
please note yours may be different from that one in the picture (yes they are arseholes for that!)
when you click the small arrow alongside data, you will see the encoding type to be Base64
as we all know Base64 is encrypted data and the quickest way for this to be decrypted is by using a well known site https://www.base64decode.org/
once on that site quickly copy and paste the Base64 encrypted string in to the box below like this
as you can see it tells us what it says once it has been decrypted and well gives us the next step!
so in order for us to generate an invite code we need to make something called a POST request to https://www.hackthebox.eu/api/invite/generate
so assuming your using some kind of linux quickly open terminal and type in curl -XPOST https://www.hackthebox.eu/api/invite/generate
and you will end up with something like this
you can do the exact same thing on windows just simply open DOS and type in the same thing ( THANKYOU LAUGHING MAN FOR DESKTOP PIC!!!)
as you can see we sent a XPOST to HTB and it worked!
as you saw we code a code but this is not our invite code as it format encoded! so basically that means we are screwed! haha quick away around that simply head back to https://www.base64decode.org/
copy and paste the code we managed to get as seen in screen shot above in to the text box and boom!!! you got your invite code
simple as that you are now ready for Hack The Box but please be careful as once your actually in there and you start a game there is safety meassures you need to take as dont forget that is where all the hackers are just sitting there on those machines waiting to hack you as well as the actual CTF.
So as the saying goes if u dont want a STI wrap something on the end of it well same goes for this site trust me i know from expericence you can simply just hack your way though the actual CTF and then u can also gain root access to as many pc’s as you want back in the day it was called chain hacking where basically you start with one pc and end up hacking about 40 systems in the one go lol.
They do advise you use there vpn it should give you a sha code please verify it as you dont know if some one has it back doored if your unsure please use a paid VPN something like nordvpn etc or if you want a trial version VPN contact me on here or discord as you know i go by the name darkgrumpyoldman or simply drop me a comment and i will gladly sort out a vpn for you
until next time have fun and please be safe!!!!
dark
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.