Table of contents

REPORT - TRAINING

Report templates

Reports downloading

Download the templates :

git clone https://github.com/noraj/OSCP-Exam-Report-Template-Markdown.git
mkdir report_training
cd OSCP-Exam-Report-Template-Markdown
mv src/OSCP-exam-report-template_* ../report_training/

In this repository there is two exam templates :

  • OSCP-exam-report-template_whoisflynn_v3.2.md
  • OSCP-exam-report-template_OS_v1.md

Choose the one that you prefer between these two, you can see what they’ll look like once in PDF format here :

If you don’t like any of them here’s some more templates from Offensive Security :

For my part I choose OSCP-exam-report-template_whoisflynn_v3.2.md, so any training will be done with this one.

Requirements

You’ll need to install a few things :

Scripts for report generation

Generate report script

This script is for the report generation in PDF from markdown.

# generate_report.sh

#!/bin/bash

if [ "$#" -ne 2 ]; then
    echo "usage: $0 <input.md> <output.pdf>"
    exit
fi

# if this machine does not have the template in place, put it there!
if [ ! -e /usr/share/pandoc/data/templates/eisvogel.latex ]
then
    sudo cp eisvogel.latex /usr/share/pandoc/data/templates/
fi

pandoc $1 -o $2 \
--from markdown+yaml_metadata_block+raw_html \
--template eisvogel \
--table-of-contents \
--toc-depth 6 \
--number-sections \
--top-level-division=chapter \
--highlight-style zenburn

if [ $? -eq 0 ]
then
    evince $2
fi

Submission script

This script is to generate the password protected .7z, once your report is finish. I commented the LAB_REPORT part of the script because I did not do it.

# make_submission.sh

#!/bin/bash

OSID="XXXXX"
EXAM_REPORT="OSCP-OS-$OSID-Exam-Report.pdf"
# LAB_REPORT="OSCP-OS-$OSID-Lab-Report.pdf"
ZIP_PACKAGE="OSCP-OS-$OSID-Exam-Report.7z"

echo "Generating exam report..."
./generate_report.sh ./OSCP-exam-report-template_whoisflynn_v3.2.md $EXAM_REPORT

# echo "Generating lab report..."
# ./generate_report.sh lab_report.md $LAB_REPORT

echo "Creating 7z package..."
# 7z a $ZIP_PACKAGE -pOS-$OSID $EXAM_REPORT $LAB_REPORT
7z a $ZIP_PACKAGE -pOS-$OSID $EXAM_REPORT

You have to change the line 3 by your OSID.

Make scripts executable

chmod +x generate_report.sh make_submission.sh

Report generation

You should have something like that :

Directory listing

Now to test that everything is working let’s try to generate a report from markdown.

./generate_report.sh OSCP-exam-report-template_whoisflynn_v3.2.md test.pdf

Wait a few seconds and a PDF report called test.pdf of 9 pages should open.

Report training

Markdown editor

To edit the markdown template, I used Typora.

Markdown cheat sheet

If you want to know some more about markdown syntax :

Training

To train myself at reporting, I train on buffer overflow. Why buffer overflow ? Because I knew that at the exam there was one. So if I do it right, during the real exam, I would not have to do much change to my report training.

I did my training on this box :

So I took screenshots during the box, they’re all inside a directory that I called images. Here’s what my folder look like :

Directory listing 2

Here’s how I generated it (as in Report generation) :

./generate_report.sh OSCP-exam-report-template_whoisflynn_v3.2.md test.pdf

Here’s what my training report looks like :

But I highly advice that you do it yourself, don’t just take mine, practice !

Other

I just trained reporting on Buffer Overflow but if you want to train your reporting on other box, here’s what I found :

  • Jeeves (25 Points)
  • Chatterbox (20 Points)
  • Cronos (20 Points)
  • Sense (10 Points)

Here is a report example from Offensive Security :

Tips on report generation

Backslash

If backslashes are in code syntax, there is no generation problems.

Code syntax

But if you want to print it as text, this is a problem. You have to double it, like so :

Double backslash

Tabulation

To make a tabulation I used the Latex syntax :

\quad <TEXT>

Text color

To change the text color, I used the Latex syntax :

\textcolor{<COLOR>}{<TEXT>}

The predefined color names are

black, blue, brown, cyan, darkgray, gray, green, lightgray, lime, magenta, olive, orange, pink, purple, red, teal, violet, white, yellow

More infos on Latex colors :

Code syntax background color

If you want to change the background color of the code markdown syntax, you just have to change the line 21 of generate_report.sh

--highlight-style <STYLE>
  • kate
  • monochrome
  • breezeDark
  • espresso
  • zenburn
  • haddock
  • tango

You should try them all, to see the one that you like the most.

Report submission

For report submission, just use the script make_submission.sh as follow :

./make_submission.sh

Report submission

During the real exam, after running this script, you would have to upload the 7z here :

Then, send the link to : OSCP@offensive-security.com

Tips before the exam

Proctoring requirements

Follow this tutorial before your exam to install all requirements concerning the proctoring :

OSCP Exam Guide

Read the OSCP Exam Guide :

OSCP FAQ

Have some questions ? Read the OSCP FAQ :