HACK THE BOX
making an account for hack the box
what is hack the box?
Hack the box is a platform that provides different Pen-Testing Labs with different categories where you can use your skill to retrieve the hidden flag and solve the problem (basically a CTF).
Since hack the box is a Pen-Testing lab, making an account requires basic knowledge about web applications. Here are the steps to make an account for hack the box.
go to the website https://www.hackthebox.eu/
You will see,
Continue with the individuals button that redirects you to, https://www.hackthebox.eu/individuals
scroll down until you find the Join button as shown in the image
Clicking the join button redirects you again to https://www.hackthebox.eu/invite
now you will see that the website asks you for an invite code as shown in the image
Now is where you might have no idea, you can see that it says
“Feel free to hack your way in :)”
How to hack your way in?
now, I will provide you with a solution for getting your own invite code.
First, Inspect the website (i.e. go to the inspect element)
you will get
now go to the Sources tab, you will get
now, you can find the js folder there, expand the folder and you will get
Hmmm, there is a JS file called inviteapi.min.js which seems like that it might contain some stuff
the source for the js seems to be at: https://www.hackthebox.eu/js/inviteapi.min.js
Visiting the url you can see,
here looking through the code, you can find different function in which makeInviteCode is one of them.
Go to the console tab in inspect element, you can see
now, scroll down and type in as shown in the figure
you will get a code in data and seems like its encrypted as BASE64
then go to https://gchq.github.io/CyberChef/ which is one of the best debugging platform.
Copy your base64 code and paste it in the website selecting the From base64 option
put you base64 in input and get the output as in the figure
now, use curl in the terminal to go the site /api/invite/generate with POST method as shown in the figure,
sending the request, you will get your code,
now copy the code and decrypt the value again using the same process like we did before and you will get,(its in BASE64)
Copy the code in the output and place it in the invite,
use the invite code in the box that was prompted at the beginning,
you will get
Congratulations, all you need to do is scroll down and fill in the form
here you go now you can register and do the CTFs and challenges in the machine, I recommend you to go through all the stuffs in the beginning so you dont get hacked by your fellow members XD.