So I had two weeks before my exam (more on that later) and all the machines in the lab were “owned” so it was time to write the “dreaded” lab report. Now like any techie, writing documentation of any sort is a painful experience and hearing from other people on the course I knew this particular report would be several hundred pages long.
Not being a penetration tester by trade I had only read a few reports as part of my job, the guys at Offensive Security provide a template though which makes the process a little less daunting (only a little less). I have to say for me writing the report wasn’t a fun experience and I struggled at times to get the motivation together to get it done.
There were times where I cursed the OffSec guys for making me write me the report but then one day it just clicked. The lab report is important for two reason, the first is that if you get a job as a pen tester you WILL have to write reports and these reports that will be read by people at different levels (i.e. non techies) so understanding how to structure a report and how to explain technical subjects in a non-technical way is just as important as knowing how to perform SQL injection attacks against a machine.
The second reason is probably the best reason for writing the report (in my opinion), explaining the step by step process for how you exploited a machine is a good way to reinforce what you learnt. It’s easy to “point and click” at a machine but writing it done makes you think more about the “how” and “why”. In fact I ended up re-exploiting several machines in my last week of lab time just because I wasn’t happy about how I did them the first time around, and in doing so I learnt some new techniques and tricks.
In the end my report was about 600 pages long, yes a lot was from output that I just copied and pasted but I think about a third was my detailed explanations of how I compromised machines, as well as explaining things like SSH tunnelling and I even added some diagrams for completeness.
So here are my top tips for writing the lab report:
1. Screenshots – Make sure you have plenty, but make sure they are of the right thing. I discovered as I wrote my report that I was missing some screenshots of important events and had to rely on memory and a written explanation.
2. Notes – There is a tendency to get carried away in the labs with exploiting machines and at times I forgot to take console output, it may seem like a bit of time sink but the more notes you have the better.
3. Start early – If you can start your report when you are starting the labs, then maybe you should. It will keep things fresh in your mind and stop the mad panic of trying to write your report at the end.
4. Stay Focused – This is actually more about keeping the focus on what you are writing, don’t wander off the subject. Make your explanation detailed but remember you are explaining how you exploited a machine, nothing else.
5. Remember why – The report is important, you have to write one for the exam and you maybe surprised how much you learn from writing the lab report.
I won’t lie, it’s not fun (unless you like that sort of thing… weirdo) but it is necessary, it will help you and it is worthwhile..