Wednesday, January 20, 2021

How to complete Hack the Box Sign Up Challenge

I think everyone knows about "Hack the Box" (https://www.hackthebox.eu/). It's a cool place to learn about cybersecurity. The owners made it more attractive by adding challenges to solve. Simply put, you have to hack the site in order to sign up 😁. Nice.

Let's see how we hack the signup page (https://www.hackthebox.eu/invite).




Thanks to their hint, let's go to the Console page (Right Click > Inspect).




If you look further, you can find more hints hidden in the page source. Here's one.


So the next hint is that the page is loaded with JavaScript, so let's find where it's hidden.

Usually, the JavaScript file extension is ".js", so now you know where to look. It seems we have a few, but I'm particularly interested in one script called "inviteapi.min.js".


Now we have the path to the JavaScript file, so let's try to access it from the browser (it's obviously a web directory). It's all about building the correct URL and the path to the file.

So you will have something like this as the full path:

"https://www.hackthebox.eu/js/inviteapi.min.js"

Put it in any browser and hit Enter; you'll go directly to the script.


It looks like this, so it's better to use a text editor like Notepad++ to break down the script.


OK, now you have something like the above, so look for the next hint. Assuming the highlighted text above is a set of function names, I searched for those names in the console.


Boom 😀. 

"makeInviteCode" responded with successful text, so let's call the same function again with the full, correct syntax:

makeInviteCode()

Lalalala La 😀. OK, we have the full data set returned by the function.




Look at the output carefully. 

We have a hint 😅 with encoded data and the type of encoding that was used.


Next is simple because we have "Google God" 😎.

Simply search "BASE64 to Text online", go for the first option, and convert your encoded text into human-readable text.

I used "https://cryptii.com/pipes/base64-to-text"

I got something like this. 



So the instructions are:

"In order to generate the invite code, make a POST request to /api/invite/generate"

OK, how do we do it? 😐😐

Just Google it. 

After a bit of research, I found that we can use the tool called "CURL".

"curl is a tool to transfer data from or to a server, using one of the supported protocols."

Look at the man page for more info.


So, as per the instructions, we need to make a POST request over HTTPS to the mentioned URL.

Just go to CMD and type "curl --help" so we can get a bit of a glimpse.



After searching here and there, I came up with the command to make the POST request:

curl -X POST https://www.hackthebox.eu/api/invite/generate

Open the command prompt or any other terminal, type the command, and hit Enter to generate the invite code.

Here you go 😃. We have the code, but it is also encoded.


Same as before, go for a Google search to get the text decoded.


Whoa 😍.. We have the invitation code now. Use this code on the signup page to create your Hack the Box account.
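
Both decoding steps above can also be done locally, in the browser console or in Node, so the encoded value never leaves your machine. The following is an added example, not part of the original post or of the site's code: the function names, the JSON field names "data" and "enctype", and the sample response are assumptions constructed for illustration.

```javascript
// Added example: decode an encoded API response locally.
// Field names ("data", "enctype") and the sample values are assumptions.

const B64_RE = /^[A-Za-z0-9+\/]*={0,2}$/;

function base64ToText(input) {
  const s = input.replace(/\s+/g, '');           // tolerate wrapped lines
  if (s.length % 4 !== 0 || !B64_RE.test(s)) {
    throw new Error('not valid Base64');
  }
  // atob exists in browsers and recent Node; fall back to Buffer otherwise.
  const binary = typeof atob === 'function'
    ? atob(s)
    : Buffer.from(s, 'base64').toString('binary');
  const bytes = Uint8Array.from(binary, (c) => c.charCodeAt(0));
  // fatal: true rejects byte sequences that are not valid UTF-8 text.
  return new TextDecoder('utf-8', { fatal: true }).decode(bytes);
}

function decodeHint(jsonText) {
  const body = JSON.parse(jsonText);
  const payload = body && body.data;
  if (!payload || typeof payload.data !== 'string') {
    throw new Error('response has no encoded data field');
  }
  // Only decode what the response declares; refuse anything else.
  const type = String(payload.enctype || '').toUpperCase();
  if (type !== 'BASE64') {
    throw new Error('unsupported encoding type: ' + (type || '(none)'));
  }
  return base64ToText(payload.data);
}

// Constructed sample response, not real output from the site.
const SAMPLE_RESPONSE = JSON.stringify({
  success: 1,
  data: { data: 'VGhpcyBpcyBhIGNvbnN0cnVjdGVkIGhpbnQu', enctype: 'BASE64' },
});

console.log(decodeHint(SAMPLE_RESPONSE));
```

To use it on a real response, pass the JSON text printed by the console or by curl to decodeHint() in place of SAMPLE_RESPONSE.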






Happy Learning and Happy Hacking 😎

