[0x39F09FA5B3] - The Meet

Thanks to everyone who joined our first meetup of the year. It showcased how to bypass the limitations of solo hacking successfully. Nine years of 0xOPOSEC – who would've thought we'd make it this far without getting completely pwned?

For this anniversary bash, we've got a killer lineup. Rodrigo Lima (@Pengrey) is back! Remember his last hilarious talk on malware development? Prepare for another dose of insightful hacking. This time, he's tackling the sneaky risks of client-side data filtering, revealing the "hidden" data left in the dust—all through a real-life story straight from the trenches you won't want to miss!

But that's not all! Duarte Monteiro (@d0kt0r), an original c0r3 member, makes a grand return to our stage. He'll give us the lowdown on SIM card vulnerabilities, showing how OTA binary SMS and SIM card applets can be exploited. Mobile network geeks out there, this is your chance to level up!

Just a friendly reminder: this is an in-person event. Before RSVPing, please double-check that you can attend and be there in person. Good logistics rely on it!

In the meantime, you can join our Slack chat (https://bit.ly/3XbyGQu) to discuss all kinds of hackish stuff and, of course, interact with other members.

You're the reason 0xOPOSEC is still kicking. Here's to many more years of learning, networking, and hacking, with you at the heart of it all! 🚀

[Goals]

Learn something new, get to know other g33ks, and, the most important thing, have fun.

[Agenda]

- "Celebrating 9 years of sharing!" (PT/EN) by Renato Rodrigues (@SiMpS0N)

- "The Bad Side Of Client Side" (PT/EN) by Rodrigo Lima (@Pengrey)

- "Over-the-Air, Under-the-Radar: SIM Card Exploits Overview" (PT/EN) by Duarte Monteiro (@d0kt0r)

[Challenge]

Jenkins is a trusted automation tool, but sometimes, hidden weaknesses can expose more than they should. With careful exploration and the proper techniques, you'll piece together the clues and uncover the flag buried within the system.

Are you ready to dig deep into one of the 2024 nightmares? Visit http://madlabs.pw:8080 and have fun!

⚠️ Note: Ping (@)SiMpS0N with the flag and play fair! Avoid making destructive changes—keeping the system intact ensures everyone enjoys the challenge.