$ python -m webvulnscan http://localhost:8666/ --broken_unicode_characters
Traceback (most recent call last):
File "/usr/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/home/phihag/projects/webvulnscan/webvulnscan/__main__.py", line 18, in <module>
webvulnscan.main()
File "webvulnscan/__init__.py", line 232, in main
messages = run(options, arguments)
File "webvulnscan/__init__.py", line 98, in run
drive_all(page, attacks, client)
File "webvulnscan/attacks/__init__.py", line 20, in drive_all
attack(page, client)
File "webvulnscan/attacks/broken_unicode_characters.py", line 33, in broken_unicode_characters
try_on_form(client, form, symbol)
File "webvulnscan/attacks/broken_unicode_characters.py", line 11, in try_on_form
result = form.send(client, attack_parameters)
File "webvulnscan/form.py", line 42, in send
return client.download_page(self.action, parameters)
File "webvulnscan/client.py", line 86, in download_page
status_code, html, headers = self.download(url, parameters)
File "webvulnscan/client.py", line 48, in download
data = urlencode(parameters).encode("utf-8")
File "/usr/lib/python2.7/urllib.py", line 1329, in urlencode
v = quote_plus(str(v))
UnicodeEncodeError: 'ascii' codec can't encode character u'\uffff' in position 0: ordinal not in range(128)
With python 2.7, running it on vulnsrv gives:
It works fine on Python 3.