You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ok so something I wanted the app to do but it doesnt, is show the CVSS string on the page when you set the CVSS score. So I made a tamper monkey to do it. I am not very good with github so dont know if it's something PwnDoc wants to have from me or not? for anyone interested here is the code (or message me for the link as it's on my github): https://github.com/leonteale/pentestpackage/tree/master/TamperMonkeyScripts
hopefully this loads the image as an example.
// ==UserScript==
// @name PwnDoc CVSS String Builder
// @namespace http://cyberwolf-security.co.uk/
// @version 1.0
// @description Build CVSS string for PwnDoc
// @author Leon Teale
// @match https://10.200.200.5:8443/*
// @grant none
// ==/UserScript==
(function() {
'use strict';
// Define the sections and their corresponding codes
const sections = [
{ name: 'Attack Vector', code: 'AV' },
{ name: 'Attack Complexity', code: 'AC' },
{ name: 'Privileges Required', code: 'PR' },
{ name: 'User Interaction', code: 'UI' },
{ name: 'Scope', code: 'S' },
{ name: 'Confidentiality Impact', code: 'C' },
{ name: 'Integrity Impact', code: 'I' },
{ name: 'Availability Impact', code: 'A' },
];
// Mapping between option text and CVSS code
const mapping = {
"Network": "N",
"Adjacent Network": "A",
"Local": "L",
"Physical": "P",
"High": "H",
"Low": "L",
"None": "N",
"Required": "R",
"Unchanged": "U",
"Changed": "C",
};
// Function to get the CVSS value for a given section name
function getCVSSValue(name) {
const span = Array.from(document.querySelectorAll('span')).find(span => span.textContent.includes(name));
if (span) {
const button = span.parentElement.nextElementSibling.querySelector(`button[aria-pressed='true']`);
return button ? button.textContent.trim() : null;
}
return null;
}
// Function to build the CVSS string based on selected values
function buildCVSSString() {
let cvssString = ''; // Keep the label
for (const section of sections) {
const value = getCVSSValue(section.name);
const code = mapping[value] || 'X';
cvssString += `${section.code}:${code}/`;
}
displayCVSSString(cvssString.slice(0, -1)); // Remove trailing slash
}
// Function to display the CVSS string on the page
function displayCVSSString(cvssString) {
const container = document.querySelector('div.col-md-3');
if (!container) return; // Check if container exists
let cvssElement = container.querySelector('.cvss-string');
if (!cvssElement) {
cvssElement = document.createElement('span');
cvssElement.className = 'cvss-string';
cvssElement.style.color = 'yellow';
container.appendChild(cvssElement);
}
cvssElement.textContent = cvssString;
}
// Initialize the script by attaching click listeners and building the initial CVSS string
function init() {
const buttons = document.querySelectorAll('.q-btn-group button');
buttons.forEach(button => button.addEventListener('click', () => {
setTimeout(buildCVSSString, 100); // Delay to allow the button state to update
}));
buildCVSSString();
}
// Use a MutationObserver to reinitialize the script if the page content changes
const observer = new MutationObserver(init);
observer.observe(document, { childList: true, subtree: true });
init();
})();
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Ok so something I wanted the app to do but it doesnt, is show the CVSS string on the page when you set the CVSS score. So I made a tamper monkey to do it. I am not very good with github so dont know if it's something PwnDoc wants to have from me or not? for anyone interested here is the code (or message me for the link as it's on my github): https://github.com/leonteale/pentestpackage/tree/master/TamperMonkeyScripts
hopefully this loads the image as an example.
Beta Was this translation helpful? Give feedback.
All reactions