Category Archives: Tips

How to give a scientific talk

Posted on by
Reply

I have listened to so many talks in so many different fields and topics, that I feel confident enough to provide advice on how to give a proper talk. I have listened to talks ranging from public speaking contests to PhD level seminars. I draw mainly from science talks, but this pretty much applies to any field, really.

0. Prepare your talk

If you do not feel like preparing for your talk, then please just refrain from giving one and save the people from the hassle of listening to a terrible talk. Everybody needs preparation for a talk – their experience may make the preparation quicker, but it is still needed. No preparation, no talk.

1. Define your audience

Who is your talk for? This is the single most important question you need to ask yourself. Who are you speaking for? What background can you expect them to have? Always remember that you are giving a talk for people, so they should be your first focus. Not your work, your presentation, your show – the audience come first! Two presentations on the very same topic can turn out pretty different, if they are aimed at different audiences. If you do not plan for the right audience, you are likely to give a talk that is just wrong (and useless to the world).

The most common mistake is to make the talk too hard and high level with respect to the audience it will be delivered to. This is most usually a lack of confidence, which results in the perceived need of making something difficult to understand so that
a) people can believe the speaker is very smart;
b) make people believe that the subject is worth.
The latter is based on the widespread implicit assumption that anything that is hard to understand is worth, which is just bullshit. Beware of anything you do not understand.
It is also easy to just copy and paste some formulas or graphs and show those off, without giving away any real understanding.

So, when your talk is ready, revise the material and make sure it can be understood (to a good extent!) by a person having the background you expect from the audience. Most importantly, avoid all jargon unless it is really strictly required. And even then, question your choice of using it. It is fine to use some jargon at advanced talks, just bear in mind that if a listener has to pause and ponder about the meaning some word, you have lost them for the time being. Thus, all jargon used should be sufficiently ingrained in people’s head to come without thought.

2. Define what you want to take across

What content are you trying to deliver (if any)? List around 3 points and make sure they are thoroughly covered, and that your audience clearly understands those basic pieces of information. A good measure of success is whether 90% of the audience went home with the ability of re-telling those 3 points with clarity and sufficient detail. If not, then the talk was a failure.

Always make a point of cutting out non-essential stuff. It is true that you might be telling a year worth of work in just 30 minutes, and you may be tempted to detail all the things that make it look like you have done a lot of work, but again ask yourself: is this useful to the audience’s understanding? 95% of the times the answer is a sharp no.

3. Bring the material together and tell a story

The fact that you are communicating some objective piece of science does not mean that your talk should be dull. Of course, you should not aim for entertainment for its own sake. But still, strive to link all your material together and build a narrative with it, make clear to the audience how each piece is linked to the others. Aim to be a storyteller.

Also, a good question to cover, from the point of view of the audience, is “why should I care?”. Do not just show your work, make it meaningful to the audience.

Continue reading

Brute force a crackme file password with Python

Posted on by
Reply

I was to reverse a file for a challenge, MD5 hash 85c9feed0cb0f240a62b1e50d1ab0419.

The challenge was called mio cuggino, purposefully misspelled with two g letters. It asks for three numbers. The challenge led me to a brute force of the password with a Python script, learning how to interact with a subprocess stdin and stdout (SKIP to next section if you don’t care about context but only want the code).

Looking at the assembly with Radare, the first thing it does is to check that the numbers are non-negative and in increasing order. In details, it checks that:

  1. exactly three inputs have been provided;
  2. the first two are non-negative;
  3. the third is bigger than the second;
  4. the second is bigger than the first;
  5. the third is non-negative.

Very good, so the input pattern is three non-negative integers in increasing order. Fine. No clue about what those numbers should be though, yet.

Scroll the assembly just enough to unravel the magic.

A (pointer to) string is loaded into ebx, which contains the following Italian sentence:

Mi ha detto mio cuggino che una volta e’ stato co’ una che poi gli ha scritto sullo specchio benvenuto nell’AIDS, mio cuggino mio cuggino

The assembly basically takes the characters in the string that correspond to the first and second input (for ex, 0 as first input would map to the first char, M) and checks whether they are equal. If this is not satisfied, a Nope message is shown and the binary returns.

If this is satisfied, the same check is repeated with the third input (with the first one, although this doesn’t matter). If this is satisfied as well, a tricky sub.puts_640 function is called (with 5 inputs), and a Uhm message is shown.

Going to looking into that routine is absolutely useless as it’s completely unreadable, and even makes a bunch of additional calls that are further jumbled.

Continue reading

Getting started with Binary reverse engineering: an example

Posted on by
Reply

For a challenge in a university security class, I was given this file to crack: reverse1. I started with reverse0, which was considerably easier than the second one. In this post I will briefly explain how I tackled reverse1. I provided the files so you can you try on your own and then came back for hints if you are stuck! If you are new to this business, as I relatively am, I advise you to start from reverse0 and crack that first.

Hashes of reverse1 file: 
MD5 – c22c985acb7ca0f373b7279138213158
SHA256 – cd56541a75657630a2a0c23724e55f70e7f4f77300faf18e8228cd2cffe8248e

Disassembling and hoping for the best

The first thing I did was to disassemble the file with Radare to have a look at the code.

The assembly is quite jumbled up, and difficult to analyse all together. A quick look tells us that trying to crack the file just by reversing the assembly is no easy task, and actually a silly idea to begin with. There’s a cycle after the password is read from standard input, then some other instructions, then another cycle… it’s difficult to get what is going on…

Instead, let’s seek the Bad password print section, and see what should happen for the code to jump there. If we are lucky enough, we may find a bunch of final checks that will send over to the Bad password section. If we can find those, we may then look at those bits of assembly to understand how to avoid going there.

Scroll down enough, and down at the bottom I can see the Bad password part, starting at 0x080484f0.

Radare helps in showing two different arrows going into this address. The related comparisons are the following:

Continue reading

Base conversion in Ubuntu (decimal to binary)

Posted on by
Reply

Need to convert a base 10 integer in a base 2 one? Or, at any rate, convert a number from one numeration system to another? In Ubuntu, the bc utility already integrates these features. It is usually already installed, so you don’t have to anything special.

Simply run bc, and enter the following commands:

Then, all subsequent number inputs will be simply converted to their base-2 representation.

If you want to get a conversion straight ahead, without going through the opening of bc, just enter the following from a terminal:

which will convert the number 123 from base 10 to base 2.

Of course, 2 and 10 can be replaced with any other possible base!