Before getting into how to get an invite code from Hack The Box, we will first begin with understanding what is Hack The Box and why it is such a popular platform for cybersecurity enthusiasts and researchers?
What is Hack The Box
Hack The Box is an online platform that allows you to test and advance your skills in the areas of Cybersecurity like Penetration Testing and Network Security. It is a platform that consists of various level of machines that needs to be hacked and get either the root flag by escalating the privilege of the machines or by other methods.
The machines here are regularly updated and simulate real-world situations/scenarios, while others are more like CTFs. Hack the box is beyond resourceful if you want to level up your cybersecurity skills, especially as a beginner.
How to get the invite code to join HackTheBox?
To even join Hack The Box, you have to hack your way in or treat it like a CTF challenge sounds intimidating? This article will take you through how to achieve the challenge mentioned. However, I highly recommend that you first try to hack yourself in(on your own) and only use this article as a guide in case you need help.
Let’s get started
Firstly, visit the official Hack The Box website on the top right you could see a join button. It will redirect you to the invite page that asks you to enter an invite code.
Now you could inspect element by the command (ctrl+shift+i) or by simply right click and inspect element it would open chrome developer tools.
Now we will see the sources tab on the chrome developer tools and see which scripts are made available to us which are used on the website.
Now visit https://www.hackthebox.eu/js/inviteapi.min.js and you will see a JS file like the one in the image below.
Now, although it is some obfuscated code it does give us some keywords and clues like “console”, “makeInviteCode” etc.
Again, we will go to the https://www.hackthebox.eu/invite to try and find the contents of makeInviteCode.
Go to the Console tab and type makeInviteCode() and then press Enter. You will get a 200 Success status and data and the encoding type as shown below:
In my case, it is base64 encoding, although you could also get a ROT13 which is also known as Caesar cipher encoding as it rotates between either of them.
It’s time to decode the message we have. Copy the contents of data and search online for a base64 decoder. In my case, I used CyberChef as it is pretty handy for many encryption types.
Now with this information, we have to generate a Post request which I generate with the help of cmd by typing.
curl -X POST https://www.hackthebox.eu/api/invite/generate.
Now we have the invite code but here is a catch it is again encoded but this time there is no clue with which type of encoding, but here I know it is a base 64 encoding as there is a “=” at the end of ciphertext which indicates padding which is done in base64 cipher. Usually, this ciphertext has the same encoding that was for the URL.
After decoding the ciphertext you would get the invite code now put that invite code on the invite page of Hack The Box and Voilla!! now you could register on the website by entering your details.
If you like the blog and find it useful, do share it with your friends, and in case of any query you could ask in the comment section given below.
If you want to learn how to approach a CTF or learn about the Hacking you could follow us and subscribe to our newsletter to get updated.
Get the latest tech news and updates, ethical hacking tutorials, and cybersecurity tips and tricks. Check out MeuSec for more.
Sometimes we include links to online retail stores and/or online campaigns. If you click on one and make a purchase we may receive a small commission.
3 replies on “Hack The Box: How to get the invite code?”
Hola! I’ve been following your site for some time now and finally got the courage to go ahead and give you a shout out from Kingwood Texas! Just wanted to tell you keep up the great job!
Thanks alot mate
Hello іt’s me, I am also viѕitіng this ԝeƄsite regularly, tһis website is genuinely fastidious and the visitors are rｅally sharing fastidious thoսghts.