Generating an invite code for Hackthebox.eu

November 18, 2017    Article    162 words    1 min read

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated. Some of them simulating real world scenarios and some of them leaning more towards a CTF style of challenge. Homepage

Getting in means you will need to hack your way in for an invite code. Grabbing one is easy, though I’d advice you to solve it by hand (and brain) first.

Performing a POST request to https://www.hackthebox.eu/api/invite/generate will yield all the required data, though base64-encoded.

You can use Paw, Postman or anything you see fit, data returned contains the invite code base64-encoded into the data.code JSON key.

Or, you can use a small Python script to get the required information:

import requests
import base64
import json

print "Code: ",base64.b64decode(requests.post("https://www.hackthebox.eu/api/invite/generate", json={"key": "value"}).json()["data"]["code"])

Or curl it:

$ curl -X "POST" "https://www.hackthebox.eu/api/invite/generate" \
    | jq -r .data.code \
    | base64 --decode

author

created November 18, 2017

tags #pentesting

Check out some related articles: