https://www.hackthebox.eu/
#1
From registration to finish, let's hack away.
https://www.hackthebox.eu/
Reply
#2
(02-03-2018, 06:44 PM)espionage Wrote: From registration to finish, let's hack away.
https://www.hackthebox.eu/

I long time ago I was able to hack my way in in like two days. I can't claim full credit because someone told me to focus on the JavaScript console, but that was all I was told. Otherwise, I got in on my own. This was months ago before I decided I didn't know what the fuck I was doing beyond that and that I needed to go back and learn how more stuff works.
Reply
#3
(02-04-2018, 09:19 AM)fogbright Wrote:
(02-03-2018, 06:44 PM)espionage Wrote: From registration to finish, let's hack away.
https://www.hackthebox.eu/

I long time ago I was able to hack my way in in like two days. I can't claim full credit because someone told me to focus on the JavaScript console, but that was all I was told. Otherwise, I got in on my own. This was months ago before I decided I didn't know what the fuck I was doing beyond that and that I needed to go back and learn how more stuff works.

Spoiler below
Spoiler(Show)
all you had to do was look at makeInviteCode(); in inspect element.
then change it to make a request to api/invite/generate
then you can just decode it base64.
Reply
#4
(04-28-2018, 05:37 AM)Void Wrote:
(02-04-2018, 09:19 AM)fogbright Wrote:
(02-03-2018, 06:44 PM)espionage Wrote: From registration to finish, let's hack away.
https://www.hackthebox.eu/

I long time ago I was able to hack my way in in like two days. I can't claim full credit because someone told me to focus on the JavaScript console, but that was all I was told. Otherwise, I got in on my own. This was months ago before I decided I didn't know what the fuck I was doing beyond that and that I needed to go back and learn how more stuff works.

Spoiler below
Spoiler(Show)
all you had to do was look at makeInviteCode(); in inspect element.
then change it to make a request to api/invite/generate
then you can just decode it base64.

Spoiler(Show)
The endpoint that generates the invite code also sometimes spits out a ROT13 (Caesar) cipher instead of base64. It's actually a great problem solving exercise to show to beginners, as it's quite quick, but shows what can be accomplished, and introduces those critical critical thinking skills.
Reply
#5
Do you have the code for this site? If yes please send me. Thanks very much. If you know where there are many beautiful blog code can tell me?
Reply
#6
(04-29-2018, 10:50 AM)abczxy Wrote: Do you have the code for this site? If yes please send me. Thanks very much. If you know where there are many beautiful blog code can tell me?

Yes, I have the code - but you have to find it yourself. That's sorta the whole point...
Reply
#7
(04-29-2018, 10:50 AM)abczxy Wrote: Do you have the code for this site? If yes please send me. Thanks very much. If you know where there are many beautiful blog code can tell me?

You will be required to generate an invite code for yourself. This code will be binded to the IP address used to generate said code, thus ensuring the user truly found the code on their own. Even if someone sends you an invite code that they generated, your IP address will be different, so it will not work.

Hint: POST request.

Spoiler(Show)
If you are seriously desperate and have actually tried, check this script out:
https://github.com/ihebski/HackTheBox

I recommend at least trying prior to understanding this script.
Reply
#8
(04-30-2018, 07:13 PM)Cypher Wrote:
(04-29-2018, 10:50 AM)abczxy Wrote: Do you have the code for this site? If yes please send me. Thanks very much. If you know where there are many beautiful blog code can tell me?

You will be required to generate an invite code for yourself. This code will be binded to the IP address used to generate said code, thus ensuring the user truly found the code on their own. Even if someone sends you an invite code that they generated, your IP address will be different, so it will not work.

Hint: POST request.

Spoiler(Show)
If you are seriously desperate and have actually tried, check this script out:
https://github.com/ihebski/HackTheBox

I recommend at least trying prior to understanding this script.

What he said ^ It's pretty easy though if you know your way around inspect element lol.
Reply
#9
Great start place for learning, and yes, the fact that you have to find your way to get in is brilliant.
Almost better than retrogaming XD
Reply
#10
Hello,
im new here, but i have a Usefull Information about  https://www.hackthebox.eu/. When you have a Dual-Stack-Lite Internet Connection aka DSLite (which some Cable Internet Companys have, where you only have a deticaded IPv6 Adress and no Deticaded IPv4)you will sometimes run into trouble generating the Invite Code.
Even when you Generate the Code, it wont let you in sometimes (because the Code is bound to IPv4 and when you use DSLite, the IPv4 Adress of you is not constant). Needed almost a hour to figure that Problem out, only fix for me was to open a Hotspot via my Smartphone and generate the Code this Way.
Sadly Hackthebox cant really do something about this Issue said the Support.

Greetings
WhoIsJonny
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Ditch Cloudflare - Broken HTTPS/MiTM NO-OP 3 12,893 09-15-2016, 04:53 PM
Last Post: Insider