Talkative (Hard) | Hack The Box

Products

Solutions for

Teams

Schools

Individuals

Products we offer

Courses & Certifications

Cyber Ranges

Enterprise Attack Simulations

Gamified Team Assessments

Workforce Exercises
new

Talent Sourcing

View all products for teams

Academy for Business

Build cybersecurity talent from within.

An interactive and guided skills development platform for corporate teams
looking to master offensive, defensive, and general security domains.

Read more

Start a free trial

Dedicated Labs

Deal with the latest attacks and cyber threats!

Ensure learning retention with hands-on skills development through a
growing collection of real-world scenarios in a dedicated team environment.

Read more

Start a free trial

Professional Labs

Assess an organization's security posture.

Assess and certify your team's skills and problem-solving abilities
with complex, realistic corporate scenarios.

Enterprise Labs

Cloud Labs

Get a demo

Capture The Flag

Where is your organization standing?

Benchmark your team capability and analyze skill gaps with engaging
competitions featuring market-leading cybersecurity content.

Host your private CTF

Get a demo

Crisis Control

AI-powered tabletops for executive and cyber teams

We are redefining traditional TTXs to fully measure and develop
organizational crisis readiness. See how your staff reacts under pressure
and protect the pivotal assets in your organization.

Book a call

Read more

Talent Search

Recruit and develop your next team member!

Source future talent directly from our 2.5M community of skilled
individuals and develop clear career paths.

Read more

Get a demo

Products we offer

Courses & Learning Paths

Hands-on Labs

Gamified Team Exercises

Industry Certifications

Programs

Student programs

Teacher programs

View all products for schools

HTB Academy

Start your cybersecurity journey.

From comprehensive beginner-level to advanced online courses covering
offensive, defensive, or general security domains.

Get a demo

Dedicated Labs

Deal with the latest attacks and cyber threats!

Ensure learning retention with hands-on skills development through a
growing collection of real-world scenarios in a dedicated classroom
environment.

Get a demo

Capture The Flag

Where is your classroom standing?

Benchmark your classroom capability and analyze skill gaps with
engaging competitions featuring market-leading cybersecurity content.

Host your private CTF

Industry Certifications

Create market-ready cybersecurity professionals.

Bridge the gap between education and the dynamic job market with
industry recognized certifications.

Get a demo

Student Programs

Student subscription.

Unlock 40+ courses on HTB Academy for $8/month. Kickstart your
cyber career from the fundamentals.

Start now

Teacher Programs

Classroom plans.

Access exclusive business features and training service by bringing HTB
to your classroom.

Get a demo

Products we offer

Courses & Learning Paths

Hands-on Labs

Gamified Hacking Events

Job Board
11+ jobs available

Industry Certifications

View all products for individuals

HTB Academy

Start your cybersecurity journey.

From comprehensive beginner-level to advanced online courses
covering offensive, defensive, or general security domains.

Get started for free

HTB Labs

Where real hackers level up!

An ever-expanding pool of labs with new scenarios released every week.

Hacking Labs

Defensive Labs

Red Teams Labs

Join now

Capture The Flag

Looking for a real gamified hacking experience?

Measure your skills in dynamic cybersecurity competitions.

HTB Seasons

Hacking Battlegrounds

Join a CTF event

Job Board

Land your first job in cyber.

Recruiters from the best companies worldwide are hiring through
Hack The Box.

Apply now

Industry Certifications

Become a market-ready cybersecurity professional.

Skyrocket your resume and land your dream job with industry recognized
certifications.

Start now
Solutions

Job Roles

Red Teams

Blue Teams

Purple Teams

Industries

Government

Finance

Manufacturing

Healthcare

Consulting

Use Cases

Technical onboarding and talent retention

Team capabilities benchmarking and gap analysis

Internal and external candidate assessment

Emerging threats and tactic response preparation

Code vulnerability and risk mitigation

Governance and compliance

Real-time breach and crisis simulation

Customer Stories

Toyota & Hack The Box: bridge the
knowledge gap between security and cloud.

View all customer stories
Pricing
Resources

Resource Hub

Educational resources for hackers, schools and teams.

Explore all resources

Discord Server

Join over 250K hackers interacting and learning.

Hang out

Community

Upcoming Events

Meetups

Forum

Affiliate Program

SME Program

Ambassador Program

Parrot OS

Get Help

Help Center

Contact Support

From the Blog

Hack The Box launches its sixth annual University Capture The Flag competition

Read more articles

Industry Reports

New release: 2024 Cyber Attack Readiness Report 💥

We threw 58 enterprise-grade security challenges at 943 corporate
teams and 4,944 security professionals from different industries. Here's
what we learned based on their performance and future security trends.

Download your guide
Company

Company

About us

Careers

Social Impact

Brand Guidelines

Certificate Validation

Legal

Contact us

Press

Partners

Enterprise Sales

Connect

LinkedIn

X

Youtube

Facebook

Why Hack The Box?

Work @ Hack The Box

Join our mission to create a safer cyber world by making cybersecurity
training fun and accessible to everyone. No boundaries, no limitations.

View open jobs

Featured News

Access specialized courses with the HTB Academy Gold annual plan.

Read more news

Store

HTB Swag

Buy Gift Cards

Business

Start free trial

Our all-in-one cyber readiness platform free for 14 days

Get a demo

Get in touch with our team of experts for a tailored solution

Login

HTB Business

Develop and measure all aspects of your team's cyber performance on a single cloud-based platform. Includes 1,200+ labs and exclusive business features.

HTB Academy

Prepare for your future in cybersecurity with interactive, guided training and certifications. Become a market-ready cyber professional.

HTB Labs

1,000+ realistic, hands-on labs focusing on the latest technologies and attack vectors. Free labs released every week!

HTB CTF

Explore 100+ challenges and build your own CTF event. Test your skills in an engaging event simulating real-world dynamics.

HTB Business

Upskill your cyber team

HTB Academy

Learn cybersecurity

HTB Labs

Level up your hacking skills

HTB CTF

Play or host a competition
Get Started

HTB Academy

Prepare for your future in cybersecurity with interactive, guided training and certifications. Become a market-ready cyber professional.

HTB Labs

1,000+ realistic, hands-on labs focusing on the latest technologies and attack vectors. Free labs released every week!

HTB CTF

Explore 100+ challenges and build your own CTF event. Test your skills in an engaging event simulating real-world dynamics.

HTB Academy

Learn cybersecurity

HTB Labs

Level up your hacking skills

HTB CTF

Play or host a competition

Talkative 458

RETIRED MACHINE

Talkative

Talkative - Linux

Linux

Talkative - Hard

Hard

4.8

MACHINE RATING

1101

USER OWNS

855

SYSTEM OWNS

09/04/2022

RELEASED

Created by TheCyberGeek & JDgodd

Machine Synopsis

Talkative is a hard Linux machine that starts off with a command injection in the `Jamovi` web application, which leads us into the `Jamovi` docker in which we find an `omv` file. Decompressing this `omv` file gives us the credentials for the `admin` user in Bolt CMS. This leads us to get a shell as user `www-data` by exploiting a Server Side Template Injection in `twig`. Further network enumeration gives us a shell as user `saul` on the host. For `root` we need to leverage port forwarding for connecting to a `MongoDB` server running in a separate container and through that we need to modify RocketChat&amp;amp;#039;s registered user role in order to access the admin&amp;amp;#039;s dashboard in the RocketChat web GUI. Further exploitation of the RocketChat&amp;amp;#039;s webhook functionality gives us a `root` shell in the RocketChat docker container. Since we are `root` in the docker container, we can install `libcap2` and view the system capabilities, which lead to abusing the `CAP_DAC_READ_SEARCH` capability to run the `shocker` exploit and read the root flag.

Machine Matrix

Ready to start your
hacking journey?

Join Now