Hey, what's going on everybody, my name is John Hammond, and a few people asked me if I would be willing and able, and I am both of those things, to share my note-taking process and some of the procedures that I did while I was taking my OSCP, or Offensive Security Certified Professional. So I want to put together a quick haphazard video, like all my videos are, and showcase some of that stuff.

So the first thing I'm gonna do is just fire up a little GitHub or GitLab repository. I'm gonna use GitLab because I like it to be private, and I think you should too, especially if these are gonna be your notes here. So I'm just gonna go to gitlab.com. I'll quickly sign in. I'm using LastPass, so it'll just crank through username and password. Super simple, super easy. That's good stuff, and I want to hit that New Project button up on the top right. I've seen this take a little bit of time to load, and I don't know why right now. That makes no sense to me. Okay, cool. Here we are on gitlab.com/projects/new, so we can give a name to our project. I'll just call mine OSCP with two E's so it's cool and clever, and that way it's not the same as one that I already have. So you can give a little project description: "These are my notes and resources for while I..." I don't know why my mouse is, like, flashing. Is it doing that for you guys too? Sorry. "...while I was taking OSCP." Cool, and we can go ahead and create that project. Super easy.

Cool, so now we have that URL and we can work with it on the command line, which is where the better stuff actually happens. So what I'm gonna do is just going to git clone that repository. If you don't have git: if you're on Arch you should just be able to yay -S install... don't actually use the word install, but yay -S git, or sudo pacman if you have any... set up any aliases for that, blah blah blah. Or if you're on Ubuntu or some other maybe Debian-based install, distribution, where you just have apt as your package manager.
You can apt install git. So now I will cd into that directory, and now we just have this as our workspace. So I'm gonna use Vim as my editor here. I'll just create a little OSCP notes, and what I like to do when I create things like this, I'll just put my name and the date. Was it October 6th? Yeah. Some notes here. I'll be like, "these are all my notes." And we crank through that. Okay, so I could just do a little git add, git commit, "added initial README". Save that and let's pump that to the repository. I'll just do a little git push here. I don't have my SSH keys put together with GitLab and I totally should. I'm kind of a failure in that regard. But okay, now if I refresh that, we could see my commit and my notes are in there, and I could fill that out as I needed to.

That's super handy because that way now any pictures, screenshots that you save, just throw in this repository. Git add, git commit, throw it up there, and then you have a cloud backup, right? In the sense that now all of your notes are in another remote location, so if you happen to be working elsewhere and you've got some opportunity, you've got some time, you can just crank through some work and you have a backup, right? Now we can go back, a little bit of version control, see some other notes that you may have left there previously.

So another individual, I think, asked me how do I actually convert my Markdown into a PDF? And the way that I had done that was with OSCP Markdown to PDF. I think I shared the link in that previous video. Noraj had a little template for it, and this was super awesome, and I shared this and wanted to showcase it. This is a good template for creating your exam report or lab report, whatever you want to end up creating. Just keep it simple, keep it easy in Markdown and being able to work with it. So you'll need pandoc and you need LaTeX and this Eisvogel, or eisvogel.tex.
I think it's a little styling there. I'm not entirely too hot on some of the pandoc stuff. But then you could just run this command to quickly generate your PDF. So I will show you how I set that up and I'll try and showcase some of my notes here. But all that stuff comes from this Eisvogel repository here. So you need that eisvogel.tex file present in what you're gonna actually be working with.

So I will show you that in what my old setup was. I'll go to PWK OSCP, and there are my notes and some information that I kept track of here. So I would work with pandoc, and again, yay -S to install that, and then I needed texlive-most in the case of Arch, I think. I don't know if that will go ahead and install core and bin, but I added those before I added most, so I'm not sure which of those is particularly necessary to be able to make my quick, simple generate report, that, I say, script run quickly and easily.

Let me actually just go take this example repository here, so I don't accidentally show you anything that I didn't want to previously. Let me... I'll just git clone in this current directory. So that works just fine. Nice and easy. Now I have that OSCP exam report Markdown directory here.
Okay, so I could take one of these example Markdown files, which I'll check out here, and you can see, nice, give a little title, good little author, give some information there, and fill out between the paragraphs and the sections that you would want to fill out, according to the machines that you broke into, right? According to the exercises and the questions that you wanted to showcase. I'm not actually going to showcase mine because obviously that still has the actual content in there, and I'm going to respect Offensive Security's wishes and not leak that information, fingers crossed. So that's how you can do this super simple, super easy in Markdown. Just type as you need to, add with the information you want. "These are more explanations and details, blah blah blah." And then we can actually go ahead and generate that output. Yeah, let me out, Vim.

So what I'm going to do is just move my generate report script into that directory, and I'll show you that in action. Exam report. Okay, cool. Great. What this generate report script is, is super small, super simple, just a wrapper around that pandoc command, because I didn't want to keep typing that and running that over and over and over again. I just take the argument and bring it out to a PDF file, and I note that in some usage up here. So input.markdown and output.pdf, and I move that Eisvogel LaTeX file into the directory that it needs to be in if for whatever reason that's not already in place on the machine, because I had that issue when I was working on another work machine that I wanted to get spun up on. And then if that command to generate the PDF ran successfully, I would simply show the PDF with Evince.

So let's try that. What I'm going to do is just run my generate report script. Let's use the OSCP exam report template's whoisflynn, because I like that one better, .markdown. And let's just say example.pdf. So give a little bit of some time. Just a quick second here, and suddenly that will just pop out.
Here's your penetration test. Here's your lab report. Here's your exam report, whatever you wanted to put together. And it's all of that same text that you've already seen, now just in that beautiful, easy breezy beautiful CoverGirl display, so you can submit that over to Offensive Security nice and easy, right? That's super cool.

Let me close out of that and I'll show you some of the other stuff that I had in here, because originally you do need to submit your exam report and lab report as part of a 7-Zip package, and with your password, Offensive Security ID all bundled in there, and I didn't want to get any of that wrong. So I made a quick little script that would do that, bundled it all in, and it would include the files that I created as necessary. That way it runs the 7-Zip command with all those variables and passwords and everything in place, and I don't need to accidentally get that wrong or have a typo, because that would be devastating, and they would not grade my... not grade the exam, and I would have completely failed. So that sucks. Trying to avoid that.

So that is my generate report data sage script. That is the Markdown PDF thing that I used. That is how to create it in a simple text editor. I used to use Sublime; now I'm trying to get into Vim, tmux, and Arch Linux and all that fancy stuff.

Now I want to showcase some of the other notes that I took, because those might be handy to you. One thing that I noted was I had a Windows wget that I had found online. It's just a simple Visual Basic script that I wanted to take note of and keep track of in case you ever got on a Windows machine and you need to be able to download things, or download some stuff from your host, or other privilege escalation scripts that you might be using, etc., etc.
That's this syntax right here. I'm happy to share that, and you would just simply run it with cscript, which you would normally be able to run and use just fine. I didn't end up using this all that much because I was on LOLBins, and that is, you've probably seen it before in the GTFOBins side, and you may very well have seen this one, LOLBAS, the Living Off the Land Binaries and Scripts. This one is strictly for Windows. They do have a better website for this now. You can check this out: if you were to search for any of the commands that you're able to run on that target machine, or the victim that you're working with, you might be able to do interesting things with them, like download files, or encode and decode some different data streams, or read files or write to files, etc., etc.

So normally I use certutil, which is pretty handy dandy for getting us a quick download. They have a simple syntax here to be able to download files if you were on that Windows host. Sometimes this wouldn't work for me. So another one that I found was actually extract.
I think extrac32. That will still download as well. Take a look at that guy. Issue is that needs to be kind of hosted; that file that you need to be able to download needs to be available on an SMB share, so you could spin that up with Impacket if you wanted to, and I can showcase that if you guys particularly need me to. But it's a good quick and easy way to download that file, and Impacket, you can host it from your Kali machine or whatever attacker machine you're using. So that's that. But that came from my notion of this Windows wget that I tried to keep track of.

So other notes that I had, things that I was just trying to keep in the back of my mind as part of my preparation: some Windows privilege escalation stuff. A lot of these resources I found with YouTube and some information or some other people's writings and articles and blogs. I tried to follow that /r/oscp, or that r/oscp subreddit. There's a lot of good information that flows through there all the time, so I monitored that a lot, and some of these repositories were pretty great for actually keeping track of that information. Let me just show you that real quick. This guy had some good notes. And it would honestly always boil down to just basic enumeration. Basic, hey, what programs are installed, et cetera, et cetera.

But this YouTube series was phenomenal, and I always forget this guy's name, and I always fail at pronouncing it one way or the other, but he has phenomenal videos, quick, super super short, super simple. I'm saying lots of S words, tripping over my tongue here. Quick techniques and tactics for Windows privilege escalation, which you might want in the back of your head. But a lot of times it just kind of boils down to the basic enumeration. So handy. I would showcase that as well, and I took notes on, like, each section of this, like one of these: how do I do this in reality?
How's, what's my quick notes and reference that I can just copy and paste commands, or tweak and adjust as needed? And I'd do that with a lot of things. Vim, Linux privesc. Okay, I didn't actually have really anything worthwhile in here. Dirty COW, rationalLove, some simple, like, kernel exploits, things that you could take advantage of. Again, I didn't have as much mileage with that when I got to game time, but for maybe the practice environment those could come in handy if you're, if you're scraping at straws. So that's handy. That's good for us.

And that is how I would simply generate things. I would showcase the cover, I guess, of my PDF here for us. OSCP, OS, that guy, and these are the labs that I work through, right? But I'm not gonna show you this entire document, but you can see there's 243 pages there. I had a huge lab report, and my exam page, I think that one was also hefty. Oh, I opened that with... I have no... my bad. I literally yelled at myself in my head for doing that earlier. So, and then I just had a little bit of a different display for the exam.

So that's that. That's all that I really ended up doing. Use Vim or Sublime Text or whatever text editor that you know and love. Run through your stuff, like, jam out whatever you've been working with. Because it's in a simple text editor, it's nice and easy to just write everything that you're already working on, document as you go, and then use that simple, maybe, uh, generate report script and... did I move that thing? I may have. I may have moved that like a fool. This is super duper handy, and I found that really simple and easy, just wrapping around that pandoc command and being able to generate that PDF as quickly as I can.

So I'm happy to share this code. I hope this kind of helps showcase a little bit of my methodology and some other resources and assets that I would use and work with. So please let me know if there's more you want to see that I can realistically show you, right?
I'm not... I'm not trying to do anything bad here, but I want to let you into my mind and my methodology for how I was able to burn through some of this stuff. So Markdown to PDF. Use a text editor, document as you go along, write down everything you can, take screenshots, throw it in your nice cloud backup and simple repository to keep track of stuff. OSCP.

So thank you guys for watching. I hope you enjoyed this. If you did, please do like, comment, and subscribe. I'd love to see you guys in the next video. Love to see you on Discord, join the server. There's a link in the description. Love to see you on Patreon. Love to see you on PayPal. Just would love to see you at a conference, at BSides, at DEF CON. Thanks for watching everybody. I'll see you in the next video.