Invite Challenge | HackTheBox

Hello Reader,

If you’re here, It means it’s your start of the journey in Infosec Or May be into CTFs.

So, Our Very famous HackTheBox for CTF Challenge, Itself has a challenge for creating an account.

Well, Spoiler Alert. Don’t blinding copy the steps on this blog but read and understand why you’re doing what you’re doing.

Let’s start with the home page.

Click on Join Now.

It will send you to an invite challenge.

Now, the very basic on Hacking is Information gathering, reconnaissance.

So, Let’s read the source code or check the developer options.

Here after looking in the developer options/ inspect elements tab we found a link something like inviteapi. something, Let’s open it up.

Well we got something but doesn’t look that helpful at first.

But with a closer look we have something here.

now let’s try to access that api/invite/how/to/generate.

No luck.

But Wait, Sending a request through Browser simply send GET request. Let’s try sending a POST Request.

But how do we do that?

Well we can do that by using the curl request from the command prompt.

Below is the command for the same:

curl -XPOST

Okay well we get a code here, let’s decode that and see what does it say.

Well, It’s another set of instruction. Just like a cool CTF every clue leads to another discovery.

So, It says to send POST request to /api/invite/generate.

We can do it the same way as we did using command prompt earlier.

Cool, Here’s another Code, Let’s decode that too.

Bingo, We’re done.

Now you can create your account and play all the free CTFs or buy VIP membership to test your skills on the retired boxes.




Security researcher, Blogger, Bug Bounty hunter

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Snowflake Access Control — Get it right first time

Bucket Sort Algorithm

5 reasons to upgrade from tix free to tix pro.

Programmatic Fencing 102: Data Types and Sabre

Action Mailer: A Beginner’s How-To

Using abstract classes to design enemies | Unity

sRADS to RADS swap : fix and update of the ratio system

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Kapil Verma

Kapil Verma

Security researcher, Blogger, Bug Bounty hunter

More from Medium

TryHackMe — Network Fundamentals — Extending Your Network

Metasploitable 2 - Full Walkthrough :

CTF Write-up on Cloudsek’s 2022 Earn While You Learn Program(EWYL-2021) selection Challenge.

All About CEH Practical/Experience