A friend showed me this lab. I have just started solving the HTB Lab. And I will share the solvings step by step. The Lab has 20 machines that Linux and Windows. The registration that I had the most fun ever seen until now.
I will explain first challange: invite code.
First, you should invite yourself.
Actually, there is no one who sending the invite code. You should invite yourself. Search for inviting.
I was review the js files. Specially /js/inviteapi.min.js
I typed this function name in console. And SUPRISE!
I decoded the data by base64.
I prepared a POST request to /api/invite/generate.
I found a new code in JSON Response.
I decoded the new code by base64.
Shall we begin! To be continued.
July 5 2017