Table of contents
- Table of contents
- OSCP EXAM REPORT - TRAINING
REPORT - TRAINING
Report templates
Reports downloading
Download the templates :
git clone https://github.com/noraj/OSCP-Exam-Report-Template-Markdown.git
mkdir report_training
cd OSCP-Exam-Report-Template-Markdown
mv src/OSCP-exam-report-template_* ../report_training/
In this repository there is two exam templates :
- OSCP-exam-report-template_whoisflynn_v3.2.md
- OSCP-exam-report-template_OS_v1.md
Choose the one that you prefer between these two, you can see what they’ll look like once in PDF format here :
If you don’t like any of them here’s some more templates from Offensive Security :
For my part I choose OSCP-exam-report-template_whoisflynn_v3.2.md, so any training will be done with this one.
Requirements
You’ll need to install a few things :
- Pandoc
- LaTeX (eg. TeX Live) in order to get
pdflatexorxelatex - Eisvogel Pandoc LaTeX PDF Template
- p7zip (if you want to use the script, for generating the archive)
- evince (apt install evince)
Scripts for report generation
Generate report script
This script is for the report generation in PDF from markdown.
# generate_report.sh
#!/bin/bash
if [ "$#" -ne 2 ]; then
echo "usage: $0 <input.md> <output.pdf>"
exit
fi
# if this machine does not have the template in place, put it there!
if [ ! -e /usr/share/pandoc/data/templates/eisvogel.latex ]
then
sudo cp eisvogel.latex /usr/share/pandoc/data/templates/
fi
pandoc $1 -o $2 \
--from markdown+yaml_metadata_block+raw_html \
--template eisvogel \
--table-of-contents \
--toc-depth 6 \
--number-sections \
--top-level-division=chapter \
--highlight-style zenburn
if [ $? -eq 0 ]
then
evince $2
fi
Submission script
This script is to generate the password protected .7z, once your report is finish. I commented the LAB_REPORT part of the script because I did not do it.
# make_submission.sh
#!/bin/bash
OSID="XXXXX"
EXAM_REPORT="OSCP-OS-$OSID-Exam-Report.pdf"
# LAB_REPORT="OSCP-OS-$OSID-Lab-Report.pdf"
ZIP_PACKAGE="OSCP-OS-$OSID-Exam-Report.7z"
echo "Generating exam report..."
./generate_report.sh ./OSCP-exam-report-template_whoisflynn_v3.2.md $EXAM_REPORT
# echo "Generating lab report..."
# ./generate_report.sh lab_report.md $LAB_REPORT
echo "Creating 7z package..."
# 7z a $ZIP_PACKAGE -pOS-$OSID $EXAM_REPORT $LAB_REPORT
7z a $ZIP_PACKAGE -pOS-$OSID $EXAM_REPORT
You have to change the line 3 by your OSID.
Make scripts executable
chmod +x generate_report.sh make_submission.sh
Report generation
You should have something like that :
Now to test that everything is working let’s try to generate a report from markdown.
./generate_report.sh OSCP-exam-report-template_whoisflynn_v3.2.md test.pdf
Wait a few seconds and a PDF report called test.pdf of 9 pages should open.
Report training
Markdown editor
To edit the markdown template, I used Typora.
Markdown cheat sheet
If you want to know some more about markdown syntax :
Training
To train myself at reporting, I train on buffer overflow. Why buffer overflow ? Because I knew that at the exam there was one. So if I do it right, during the real exam, I would not have to do much change to my report training.
I did my training on this box :
So I took screenshots during the box, they’re all inside a directory that I called images. Here’s what my folder look like :
Here’s how I generated it (as in Report generation) :
./generate_report.sh OSCP-exam-report-template_whoisflynn_v3.2.md test.pdf
Here’s what my training report looks like :
- Markdown : https://github.com/Liodeus/liodeus.github.io/blob/master/_posts/OSCP-exam-report-template_whoisflynn_v3.2.md
- PDF : https://github.com/Liodeus/liodeus.github.io/blob/master/_posts/test.pdf
But I highly advice that you do it yourself, don’t just take mine, practice !
Other
I just trained reporting on Buffer Overflow but if you want to train your reporting on other box, here’s what I found :
- Jeeves (25 Points)
- Chatterbox (20 Points)
- Cronos (20 Points)
- Sense (10 Points)
Here is a report example from Offensive Security :
Tips on report generation
Backslash
If backslashes are in code syntax, there is no generation problems.
But if you want to print it as text, this is a problem. You have to double it, like so :
Tabulation
To make a tabulation I used the Latex syntax :
\quad <TEXT>
Text color
To change the text color, I used the Latex syntax :
\textcolor{<COLOR>}{<TEXT>}
The predefined color names are
black, blue, brown, cyan, darkgray, gray, green, lightgray, lime, magenta, olive, orange, pink, purple, red, teal, violet, white, yellow
More infos on Latex colors :
Code syntax background color
If you want to change the background color of the code markdown syntax, you just have to change the line 21 of generate_report.sh
--highlight-style <STYLE>
- kate
- monochrome
- breezeDark
- espresso
- zenburn
- haddock
- tango
You should try them all, to see the one that you like the most.
Report submission
For report submission, just use the script make_submission.sh as follow :
./make_submission.sh
During the real exam, after running this script, you would have to upload the 7z here :
Then, send the link to : OSCP@offensive-security.com
Tips before the exam
Proctoring requirements
Follow this tutorial before your exam to install all requirements concerning the proctoring :
OSCP Exam Guide
Read the OSCP Exam Guide :
OSCP FAQ
Have some questions ? Read the OSCP FAQ :