I was planning to join Hack The Box for awhile but kept postponing it until today. I had free time on this beautiful Saturday afternoon, I thought why not give it a try.
It took around 45 minutes to get the result. I like the idea of hacking the invitation page first and proving you are worthy to join the community.
Let me tell you this though; “No, I will not provide you step by step guide how to do it”. Not only because it is not fair, but also it will ruin the fun.
Here is the page (Don’t forget to play with the background 😉 ):
And here are my hints:
- Don’t complicate things. This is just a simple test to enter the site, so put that Burp down on the ground slowly.
- This is a web page, the source code is the first thing you should check.
- Don’t just look at the plain HTML code. Use your browser’s developer tools.
- Have you tried running them on the browser’s console?
- Do you know ROT13 encoding?
- You have the message, so send that request.
- We have “=” here, this is obviously encoded with Base64.
- Did you decode it? Congratulations, continue with the registration process. 🙂
I hope this will be helpful enough. See you in there.