What is it like to participate in CISCN2022
StudentUnion
StudentUnion (STU) is a team under the Blue-Whale information security research team. It was established in December 2020 and has a complete range of Crypto, Binary, and Web directions. The undergraduates in the team are all non-computer majors (communication engineering, geology, marine engineering, chemical engineering and technology), so they are named StudentUnion, which means multi-professional student union.
The team’s logo is “Huiqi”, designed by the core member Surager. The main element is a human-shaped avatar with the logo wave of the Ocean University of China. Below is the team name StudentUnion, and the halo symbolizes the aura.
Huiqi means the convergence of yin and yang in the human body. It comes from “Historical Records: Biography of Bian Que Cang Gong”
Bian Que said: “If the prince is ill, the so-called “corpse sting” is also called. The husband uses the yang to enter the yin, moves the stomach and ridges, the middle meridian maintains the collaterals, and does not descend to the three energizers and bladder. Fighting on the top, the qi will be blocked and not communicated, the yin will go up and the yang will go inside, the bottom will bulge and the inner will not rise, the top will be blocked and the external will not be used. Abandoned veins are chaotic, so the shape is as static as death. The prince is not dead. The husband who uses yang to enter the yin branch orchid is born, and the yin enters the yang branch of the orchid to die. All these things are violent when the five Tibetans are in the middle. It is also done. Good work is taken, and the clumsy is suspicious.”
We compare the problem to yin and yang, where yang represents the problem that has been solved, and yin represents the problem that has not been solved.
Therefore, the yang meridian descends, and the yin meridian struggles upward, the qi will be closed and blocked, the yin will go up and the yang will move in, and the lower and inner bulge will not rise.
Solving too many questions may cause the players to be paralyzed and the rankings are “quiet as death”, but if you adjust the status in time, you can still get good results. There are too few questions solved, and the ranking is “quiet as death”, but this situation is basically inevitable.
If the yang enters the yin branch, the orchid is born, and the yin enters the yang branch, and the orchid dies.
Taking the meaning of knowing qi as the Logo, we hope that we can stay focused throughout the game, and even if there is a problem, we can “take it with good work”.
Good work is taken, and the clumsy is suspicious.
StudentUnion is a young team with less than 10 members currently. It is now recruiting new students from Ocean University of China. Students who want to join can check ” Blue-Whale Information Security Research Team Recruitment ” or send their resumes to my email: wyxadai@gmail .com.
preliminary round
??Never forget the cat flag and root password toor in trusted computing, which is very common in leading competitions, just like ?? going to nightclubs can always encounter specials, there are also read flags and gcc leak.
Forget the rest ?.
Northeast China ?
?
Online competition, ?I don’t remember what questions you did?, ?I only remember that there are a bunch of Miscs with 1200 points.
Finally, fourth, the first is Northeast China ?, the second is Northeast China ?, the third is Northeast China ?, and the fourth is East China ?.
picked up a country
? was in Shanghai, and ?’s little yellow duck was at school during the preliminaries and divisional matches. Later, the duck went home, ? is still in Shanghai.
The game was postponed and changed to online again. The game system is Break&Fix. Without awd’s fast boarding, ? felt like it was going to be sent.
?I have always criticized the Break&Fix format, but ?This time, I took advantage of the competition system and made a lot of mistakes. ??There is no re-enactment of last year’s check, all exp, all, ?, no exp, all but check, all. ? Just change a few things, the Fix is over, and the points are there.
In the first two minutes of the first day, UserManager nop free, Fix passed, ? I knew that this game can be messed up.
Common Fix methods in competitions:
-
nop free/syscall (UserManager, tmpfs, pwn_vvvvmmmm)
-
mmap 7 changed to 3 (oldvm, cgi)
-
Reduce size (SafeParse, mvvm)
? There should be only one off-by-one (pwn_stream) for serious repairs
Data security _safeql is a Longming topic. Inserting an unsafe menu question into a secure sqlite is data security. Pay tribute to the classic question of 2021 Fifth Space, data security _sqlite. This is a heap overflow, ? repaired the overflow point, but fixed, ? did not understand.
Forget the rest ?.
In the end, ?? went back two places compared to last year, and won the national first prize in seventh place, ? played stably in the lottery and won the national second prize.
In the finals, you were not allowed to connect to your own server. Of course, this server was also packed and taken away, making it impossible to connect, so ? can only open a virtual machine. ? The computer may not work. There were a lot of problems with the virtual machine during the game. Just after the game, I took the bonus and replaced it. This gave ? an excuse to change the computer and earned it.
No bonuses this year.
loss.
What is the experience of playing CISCN for four years in a row?
?I don’t feel it anymore.
make up
I write every year, so I will make one this year. The entire online competition, coupled with the relatively abstract questions (toor! nop free!), really didn’t have much to write about. The beginning is still a copy of “What is the experience of participating in CISCN2021”. So ?This article is just making up the numbers, it is recommended to wait for Chen Yanbi’s blog.
Originally, I could go to Tianjin to make a pilgrimage with everyone ?? this year, but because of the epidemic, I could only stay at home.
You poop wherever you go.
–ccx
If there is no epidemic, ? On the day of the game, you should be like a genius hi-ke, holding a roll of paper to find Shushuo. If ? stretches out his hand and touches the handle, then there must be someone here, if ? is about to reach out but is preempted by someone, then there must be no one here. But in this online competition, ? at home, before the competition, you can pull as you want. During the competition, as long as you report to the referee, you can pull as much as you want within 15 minutes.
There is no public travel, no public funds to eat and drink, no hotel buffet, no coffee break area, no dinner party, no boxed lunch, ? I didn’t eat anything, it still went from 0.075 tons to 0.09 tons, it’s a loss.
The team fee has bottomed out, and it is estimated that it will not be able to support offline eating and drinking, online competition, and earn money. I ate a bowl of braised noodles on the live broadcast at noon on the match day. It is estimated that I spent a huge sum of ten yuan. Who reported the meal for ?.
I didn’t go to Tianjin this time. The last time I went to 5space2021 was 5space2021. There were a lot of holes dug in it, which will be filled slowly in the future.
?The whole Longming will be updated synchronously in the future.
>
This article is reproduced from: https://aidaip.github.io/life/2022/08/29/%E5%8F%82%E5%8A%A0-CISCN2022-%E6%98%AF%E4%BB%80%E4 %B9%88%E6%A0%B7%E7%9A%84%E4%BD%93%E9%AA%8C.html
This site is for inclusion only, and the copyright belongs to the original author.