CTF, HTB

CTF::HacktheBox: Invite Code

hackthebox invite code picture

How to approach it ?

Hackthebox.eu doesn’t allow you to register. The only way to sign up is by having an insider to provide you with an invite code or hack your way in.

I don’t have someone to provide me an invite code so I have to hack me way in.

I start off by analyzing the source code of the Invite Code form, where I find an interesting javascript inviteapi.min.js

hackthebox backend

I see that the file makes an interesting post request makeInviteCode()

makeinvite code

I run it on the console of inspect elements, and I was able to pull up some interesting data:

ctf

There is a string encoded on base64.  By doing a google search of base64 to text, I end up at https://www.base64decode.org/ and was able to decode the string:

Base64:

“SW4gb3JkZXIgdG8gZ2VuZXJhdGUgdGhlIGludml0ZSBjb2RlLCBtYWtlIGEgUE9TVCByZXF1ZXN0IHRvIC

9hcGkvaW52aXRlL2dlbmVyYXRl”

Text:

In order to generate the invite code, make a POST request to /api/invite/generate

 

That is great news. Now I need to send a POST request in order to generate an invite code.

On Firefox browser, I used the pentest add-on called  hack bar  to execute the post request.

As the following shows I got an error message: “Whoops something went wrong”

opps something went wrong

Now I do the post request:

post request

Where we get the invite key but is encoded in base64:

TlRIRUYtT1dVWFktWkFCRlMtS1BTTlctQlBZWEc=

url hack the box

Solution | Invite Code

 

Again I used the website  to decode and get the following result.

NTHEF-OWUXY-ZABFS-KPSNW-BPYXG

And Uala, I’m in. Now I can finally register 😉

registration ctfhackthebox

Tip: After filling out the form don’t look for a submit button, just hit ENTER

welcome ctf hackthebox

Was this tutorial helpful?
81 votes · 81 answers
Tagged , , ,

24 thoughts on “CTF::HacktheBox: Invite Code

  1. Thanks for the explanation, I feel like a noob. lol My JS skills are mad weak, comming from a straight Python background =/ Can you explain to me how you initially were able to tell that theres post request to the function “makeInviteCode”? … My first instinct was to use inspector, I opened up ‘.*inviteapi.*’ , so from that point of the proccess, how would you explain it to a noob (me) how you ascertained the request ? like some deobs?

    1. I am no expert either, but the function is served in a silver platter in plain English. What else could “makeInviteCode” do? I ran it, and I got a base 64 code. That simple 🙂

  2. Hi there,

    First of all, thanks for your post which would be helpful. However, in my case, this did not work and invite code which has been decoded was mentioned as an invalid one.

    Maybe am I missing some point from your post?

  3. I keep getting error that “Your IP address can not use this code”. I tried it on home network,company network even on my mobile network but getting same error. If i am entering any other code it says code is not right means i have generated right code when i get error””Your IP address can not use this code”. Steps provided by you are very easy and i am not doing any mistake 🙂 . Please suggest …

  4. Hi,
    I just wanted clarification on this please.

    When you said ‘makeinvitecode’ you stated the next step was

    ‘I run it on the console of inspect elements, and I was able to pull up some interesting data:’

    What did you mean by run it on the console of inspect elements? I am new and may be misunderstanding this.

    Thank you

    1. Thank you for your comment and sorry for my late reply.
      I performed the hack using Google Chrome Browser.
      When you open the page https://www.hackthebox.eu/invite and right click on top of the “Invite Code” box, you will see that on the right side, the developers menu will open, with the tabs on top “Elements”, “Console”, “Sources”, etc.
      Click on the “Console” tab and on the bottom you will see the cursor sign “>”, there you will type “makeInviteCode()”, and hit “Enter”.
      You will get a “200, Success ” message. Drop down the arrow and you will see the base 64 data string there.
      Let me know if it worked for you.

  5. Thanx
    When i register it shows me The g-recaptcha-response field is required. how can i bypass that?
    since there is no field of recaptcha.
    Thank you

  6. The problem is that some of you are using two different IP addresses. That is all I am going to tell you. You need to figure out how you are using two different IPs, and why it matters.

    1. Hi Mason,
      Thank you for your comment. Please follow through the tutorial to generate a new code. The code is IP based and you will need to generate a new code from your PC to get in. The code i posted here won’t work.
      Let me know if you have any problems on following through.

      Good Luck ! 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *