Skip to main content

Hack Invite Code To Register - Hack The Box


Recently I found another website that have more advanced hacking challenges...I know I need to cover other websites which i have promised you but something in this website is interesting.For registering in this website,you need to hack and get an invite code.So, I thought to deviate from our regular topic and talk about it.
The WEBSITE is

 HACK THE BOX

 They are asking invite code for registering.As usual i checked source-code of the page.Since I found nothing suspicious,I started looking at JavaScript and found one that seems can help me.

 
<script defer src="/js/inviteapi.min.js"></script>


I visited the js..There is a script and i found some keywords from that like "log","invite","verifyInviteCode","makeInviteCode"
I went back to our registration page now right clicked and selected inspect.

SELECT CONSOLE


 Try typing in each keyword and check if function exist.
I got output when i checked verifyInviteCode();
But, there was no help from that

 when I checked makeInviteCode();
I found something encrypted!
Encryption type is specified in it as base64.
so i used an online base64 decoder for decoding it!

 The information i got was:

 In order to generate the invite code, make a POST request to /api/invite/generate

hurreehh!! we are almost there now we know where to look for
but if you directly visit the page by 
https://www.hackthebox.eu/api/invite/generate

 you will get error because its specified clearly , we need to use a post request!
How to do it? no need to code something new its right in our reg page
in the page, right click and select inspect
you will see
change form action to:

Now, type something in input and hit sign up.
BANG!!

 you get something informative!!

 I got this
{"success":1,"data":{"code":"UkdSVFotTk9aQkUtTllCSlktTEVOVFMtS0RUWVA=","format":"encoded"},"0":200}


We have the code but in encrypted form!


To find which encryption is used, goto






Hash Type Checker




now paste the code and check which is encryption type,I got base64


then goto 




Base64 Decode




for decoding base64 and i got my invite code!


RGRTZ-NOZBE-NYBJY-LENTS-KDTYP






Isn't it  a spoiler?


No! the invite code differ for each person and so you will get your own code!


GOOD LUCK!















Labels:


































Comments











Post a Comment




















Popular posts from this blog





















Hack This Site Basic 8




























     Sam remains confident that an obscured password file is still the best idea, but he screwed up with the calendar program. Sam has saved the unencrypted password file in /var/www/hackthissite.org/html/missions/basic/8/  However, Sam's young daughter Stephanie has just learned to program in PHP. She's talented for her age, but she knows nothing about security. She recently learned about saving files, and she wrote a script to demonstrate her ability.  So, we know the password is stored in some obscured password file.   Lets try the same code as we did in level 7.  But the code 'ls' is not treated as command. so lets try it differently.  Try with aaa;<!--ls-->  it also failed but got a message:   If you are trying to use server side includes to solve the challenge, you are on the right track: but I have limited the commands allowed to ones relevant towards finding the password file for security reasons(because there will always be that one person who decides to ...




















2 comments









Read more






























Hack This Site! Basic 4




























       This time Sam hardcoded the password into the script. However, the password is long and complex, and Sam is often forgetful. So he wrote a script that would email his password to him auto  And below this,There is a button for sending password to Sam's email.What we should do?  right click on the button ,if you are in google chrome ,select > inspect .  Now on right side you could see the script of that button.  In this script you could see,      <input type="hidden" name="to" value="sam@hackthissite.org">    Got any idea? yea , all you have to do is change the email to whatever  email you registered in Hackthis site ! Now check your mail,there must be the password you needed!   Keep going!   




















3 comments









Read more






























Hack This Site Basic 11




























       Sam decided to make a music site.  Unfortunately he does not understand Apache.  This mission is a bit harder than the other basics.  As you may have noticed! when we visit this level all we are given with is some line about song.This line changes on each refresh.From this we assume that this is not the real page we need to visit.But how we find our requirement? There is a tool in Kali Linux called 'Dirb'. But for now Iam using an online service for this  >> URL FUZZER << . First we give the url and search for files with .php extension.    select start scan.Wait for scan to finish.     So,we have found a file.Now visit it as:   https://www.hackthissite.org/missions/basic/11/index.php     There is our login page.still we are stuck!we don't have the password or any hint in the source code of this page. Lets run another scan on the URL Fuzzer ,this time for directories      Same way start scan and wait for it to finish.     There are two possible directori...




















Post a Comment









Read more