Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 641

hackthebox Invite challenge

by shark420 - 27 March, 2021 - 05:07 PM
This post is by a banned member (shark420) - Unhide
shark420  
Registered
5
Posts
3
Threads
3 Years of service
#1
Found this website and stuck on understanding the invite file that the javascript gets.

i've tried putting in the "wot-verification" but no luck.


content = "website" / > < meta name = "twitter:card"
content = "summary_large_image" > < meta name = "csrf-token"
content = "0jW7kn7wBAqDltftVDhbQbg4CoHxobVs86OzKBwU" > < meta name = "wot-verification"
content = "1eeefbec1f6305acd476" / > < script type = 'application/ld+json' > {

https://www.hackthebox.eu/invite

Anyone else able to get a invite lol?
This post is by a banned member (Pshyotic) - Unhide
Pshyotic  
Registered
1.014
Posts
290
Threads
6 Years of service
#2
(This post was last modified: 27 March, 2021 - 05:13 PM by Pshyotic.)
Go through the elements tab and you will find a script with source (src) as: /js/inviteapi.min.js
visit https://www.hackthebox.eu/js/inviteapi.min.js 
make a POST request.
 ou will get a success message as:
Quote:{“success”:1,”data”:{“code”: “randomcharactersorsomething”, “format”: “encoded”}, “0”:200}

As you saw,  you get code But this is not your invite code as it says format:encoded.
  using decoder decode it: https://soumya.dev/decode.
select type as Base64. Paste the code you got as the response of the POST request into the Encoded Text box and press Decode.
Now, go to https://www.hackthebox.eu/invite and paste the Invite Code you got in the textbox asking for the same.
 
P S H Y O T I C

☻♥
[Image: Czwhvkg.png]

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 1 Guest(s)