scrot -d 5 -e 'mv $f ~/oswe_report/screenshots/app2_$f.png' The “Debugging Output” Secret Weapon OSWE examiners love debugging output. In your exploit script, include print() statements that show the vulnerable function call.
Explain step-by-step how user input flows from the entry point (e.g., a $_POST['file'] parameter) to a sink function (e.g., include() or system() ). OSWE examiners look for this “taint flow” analysis.
Use Shift+Ctrl+PrtScn (Windows) or Shift+Cmd+4 (Mac). Paste into the document at full size. Advanced Tips for the OSWE Exam Report Use a Template (But Customize It) Offensive Security does not provide a mandatory template for OSWE (like they do for OSCP). However, you should build one in Markdown (converted to PDF) or Microsoft Word with styles.
Example Python output to include in report: