[0x78] - The Meet

[0x78] - The Meet

Cheers to you!

It's time to say a proper farewell to 2019 as it comes to an end. Looking back, we had an outstanding line-up of stimulating and enriching gatherings, all thanks to you.

We can't thank the speakers and challenge makers enough for their creative and dedicated contributions throughout the year. Nevertheless, needless to say, it is the enthusiasm that all of you put on every single challenge and meetup that makes this community unique and special.

We hope you can join us for the last meetup of the year as we'll be surfing the web this time in a different mood.

As usual, keep an eye on the agenda and stay tuned for more!

We kindly ask you for some help with the logistics. Be sure to RSVP yes only when you are 100% sure you can attend. Thanks in advance.

In the meantime, you can join our Slack chat (https://oposec.herokuapp.com/) to discuss all kind of hackish stuff and, of course, interact with other members.

Hope to see you soon!

[Goals]

Learn something new, get to know other g33ks, build an information security community/group in the Porto area and, the most important thing, have fun.

[Agenda]

• Who are you? (New participants small introduction)
• "Surf the new wave!" (PT) by (@)scombatti
• "Post domain admin exploitation in Office 365 environments" (EN/PT) by (@)mfbie

• Social drinks on the house 😉

[Challenge]

Baby pwn tu-tu-tu-tu!
Application: http://sefod.eu/ctf/xmas_ctfzadas.apk

• Get the first two flags ({oposec}XPTO) locally;
• For the brave ones, find a way to get the third flag, yup "This_is_the_flag" is your friend but not the final solution, ping (@)zezadas with your exploit chain and you will get the real one.

Remember to pass by the #ch4llenges channel for hints and clues! Submit your flags to (@)zezadas, and most of all, have fun! 🎁