HackTheBox BountyHunter machine walkthrough

This article will be dedicated to the walkthrough of the BountyHunter box (level easy) available in HackTheBox.

It is a machine now “retired”, from which I got the user and system flags some months ago (October 2021) when it was still active.

Initial disclaimer: do not consider these steps as 100% correct or the best one available. Pretty sure that it would have been possible to get the solution faster and with a different approach. That said, I think it’s important to see the tentatives and logic applied, besides the tools used. This is important when looking back at possible errors and ways to improve, especially when starting.

Hackthebox.eu: how to register

Few days ago while attending the course “Practical Ethical Hacking – The Complete Course” by Heath Adams (aka The Cyber Mentor), in the section “Mid-course Capstone”, he introduced Hack The Box.

For those unfamiliar with it, Hack The Box is one of the most famous online platforms where you can experiment and improve your pentesting and cyber-security skills.

However, as explained during the video lesson, the “first step” that needs to be done in order to start using the virtual machines present in HTB is to “get yourself” the invitation code in order to register.

As you can see from the screen below, once you click on the button on the top right “Join Now” on the home page, you are redirected to the page that we have to “hack” in order to get the coupon which will then allow us to proceed with the actual registration process.

Although it is possible to find the solution to the problem simply by googling it, my opinion in this case is that “a good start is half the job”. Seriously, considering the type of portal we want to subscribe to, I think it’s essential to find the solution by ourselves.