Before getting into how to get an invite code from Hack The Box, we will first begin with understanding what is Hack The Box and why it is such a popular platform for cybersecurity enthusiasts and researchers?
What is Hack The Box
Hack The Box is an online platform that allows you to test and advance your skills in the areas of Cybersecurity like Penetration Testing and Network Security. It is a platform that consists of various level of machines that needs to be hacked and get either the root flag by escalating the privilege of the machines or by other methods.
The machines here are regularly updated and simulate real-world situations/scenarios, while others are more like CTFs. Hack the box is beyond resourceful if you want to level up your cybersecurity skills, especially as a beginner.
How to get the invite code to join HackTheBox?
To even join Hack The Box, you have to hack your way in or treat it like a CTF challenge sounds intimidating? This article will take you through how to achieve the challenge mentioned. However, I highly recommend that you first try to hack yourself in(on your own) and only use this article as a guide in case you need help.
Let’s get started
Firstly, visit the official Hack The Box website on the top right you could see a join button. It will redirect you to the invite page that asks you to enter an invite code.
Now you could inspect element by the command (ctrl+shift+i) or by simply right click and inspect element it would open chrome developer tools.
Now we will see the sources tab on the chrome developer tools and see which scripts are made available to us which are used on the website.
Now visit https://www.hackthebox.eu/js/inviteapi.min.js and you will see a JS file like the one in the image below.
Now, although it is some obfuscated code it does give us some keywords and clues like “console”, “makeInviteCode” etc.
Again, we will go to the https://www.hackthebox.eu/invite to try and find the contents of makeInviteCode.
Go to the Console tab and type makeInviteCode() and then press Enter. You will get a 200 Success status and data and the encoding type as shown below:
It’s time to decode the message we have. Copy the contents of data and search online for a base64 decoder. In my case, I used CyberChef as it is pretty handy for many encryption types.
Now with this information, we have to generate a Post request which I generate with the help of cmd by typing.
curl -X POST https://www.hackthebox.eu/api/invite/generate.
Now we have the invite code but here is a catch it is again encoded but this time there is no clue with which type of encoding, but here I know it is a base 64 encoding as there is a “=” at the end of ciphertext which indicates padding which is done in base64 cipher. Usually, this ciphertext has the same encoding that was for the URL.
After decoding the ciphertext you would get the invite code now put that invite code on the invite page of Hack The Box and Voilla!! now you could register on the website by entering your details.
If you like the blog and find it useful, do share it with your friends, and in case of any query you could ask in the comment section given below.