Red team operators need detailed and accurate C2 report output in order to conduct high quality work. Consequently, reporting has always been a key element of PoshC2. With this update, PoshC2s reporting engine has been entirely rewritten for even better reporting functionality. In particular, HTML reports now have an improved interface and higher performance table rendering. This post gives an overview of the new reporting features.
Improved layout
All it takes to generate reports in PoshC2 is the use of the generate-reports
command.
The first thing you’ll notice when checking out the new HTML reports is the updated layout. The old report format ensured that every column got displayed on screen. This works out fine when there’s only a few columns but when for example you’re opening up an implants report, you’re greeted with 17 columns all trying to squeeze in.
The new reports scale the width of each column to appropriately fit its content, making it more readable. For large cells that contain a lot of content, such as the output of certain tasks like Seatbelt, right clicking the cell brings up a context menu that includes an open option to view the cell in full screen.
The context menu also provides options to let you copy the entire contents of a cell and to temporarily delete a row (until you refresh the page).
Reordering rows and search
The table now allows the reordering the rows and search filtering on each individual column.
Color coding
For certain reports, such as an implant report, the context column is color coded for each unique context there is.
This adds some ‘glance value’ to quickly differentiate between new contexts when scrolling through the rows.
Improved responsiveness
Another important change for the table is much improved responsiveness. The table is generated using the tabulator library, which supports using a virtual DOM. So, as long as the table is given a fixed height option in its constructor (which of course we’ve done) then the table will only render what’s visible. Without this, the table will attempt to load all rows into the table at once and so when you’re loading up a report with a thousand rows it can end up taking a lot of time and even lead to browser freeze up.
JSON and CSV download
We have now added a button to download the table data as JSON, which is useful in many contexts. Additionally, although PoshC2 could already generate CSV reports from the command line, the HTML reports now provide a dedicated button to do this. Both of these export options take into account any table changes you’ve made too, such as row reordering, deleting and filtering.
PoshC2 Logo options
As well as the PoshC2 logo, there’s also now space for a logo to be displayed in the bottom right corner of the report. By default this shows the Nettitude logo, but it can be customised to any other PNG in PoshC2 by changing ReportLogo.png
in the /resources/images/
folder.
Dark mode
We thought we’d save the best feature till last… there is now a dark mode! Although we can’t confirm or deny that it was added to make late night changes much easier on the eyes, it is here nevertheless! It’s an addition that we’re sure other night-owls like us will enjoy.
Conclusion
We hope you enjoy the new reporting features. We believe they are serious quality of life improvements. As always, if you’d like to contribute, hop on over to the PoshC2 repository on GitHub and get involved.