How To | HackTheBox | Registration Challenge Walk Through In 5 Minutes

Hackthebox is one of the best sites to test and improve your hacking skills, I personally joined it 5 days ago and it’s fun to complete challenges and crack the active boxes. I recommend beginners to buy VIP which costs 10 Euros, because VIP members can have access to retired machines which are rotated every week. 20 Retired machines are available every week and they are rotated based on voting’s and other stuff. Hack the box allows users to write write-ups for the retired machines. So, you can find tons of write-ups for the retired machines. So, it helps beginners in leaning and solving the active machines with ease.


Once you are familiar with the retired machines Enumeration and Privilege Escalation process, you can head ahead and start cracking the active machines. If you directly go and attack the active machines it’s going to be very hard to crack them, as you won’t get much of a support (excluding the support from forums). Also by going through various walkthroughs you can get different kinds of methodologies followed to enumerate something. My Suggestion is even after you crack a box on your own, go through other’s HTB walkthroughs and check if there is something new that you don’t know. You will always find something new always. So, let’s get ahead and go join the Hackthebox. This is for educational purpose only.

Step 1. Go to ; scroll down and click on “Join”

Step 2. You will be redirected to ; here you need to make a way to get invite code to join hackthebox


Step 3. You need to do some reconnaissance now. First step to start a web pentest is always check the source code of all the connected files.Right click on your web browser and click on “Inspect” to view the details of the web page.

Step 4. When I was going through the registration process few days ago it took me few minutes to know what to do. I was just going through all the source code and found something interesting i.e., JavaScript Files.


Step 5. There are two JavaScript Files being used to run this page. Just go through those 2 javascript files.


Step 6. After going through the JS Files, There are some functions available in inviteapi.min.js file. Out of all the functions, two of them seem interesting. But we just need only one. So, let’s run ‘makeInviteCode’ function. So, let’s try calling those functions.


Step 7. Let’s move to console tab and run “makeInviteCode()” function. We got a 200 success code, which means it’s aliveJ.


Step 8. Let’s open the object our makeInviteCode() function returned. we can see the data in the object file. It also says it’s encrypted in “BASE64”.


Step 9. So, let’s quickly move to some online Base64 Decoders and decode the data. It says “ In order to generate the invite code, make a POST request to /api/invite/generate

Step 10. So, we need to make a post request to there are hell lot of ways to send a post request. Let’s go with the easier process using “POSTMANchrome browser widget or a windows application.


Step 11. Download and open the POSTMAN chrome extension or a widows native application. Then select “POST” and enter the address to where we need to generate a POST Request and click on “SEND”


Step 12. You can see the output of the post request below. As you can see its encoded again. When you see a single “=” or ‘==” its most likely “BASE64” Encoded.

Step 13. Copy the code from the postman output and again move to Online Base64 Decoder and decrypt it. That’s it. Now copy the decoded code and paste it into and click “Sign Up”


Step 14. Congratulations!!! Banzaiiiii …… This is what we are after. Register and enjoy. If my post helped you give me some respect on HacktheBox. My Profile Name is ‘’WhiteVoid

Well, that’s it for my First Walkthrough on HackTheBox, I will come up with walkthroughs and tutorials on HackTheBox Retired Machines and Some Challenges. Hope you enjoyed this.



have fun folks! :slight_smile:


Thanks for Sharing!!

1 Like