dancer1234
diff --git a/‎README.MD
+3-242 b/‎README.MD
+3-242
diff --git a/‎images/linux1.png
-71.1 KB b/‎images/linux1.png
-71.1 KB
diff --git a/‎images/linux2.png
-168 KB b/‎images/linux2.png
-168 KB
diff --git a/‎images/report.png
54.4 KB b/‎images/report.png
54.4 KB
@@ -37,249 +37,10 @@
 w9scan扫描器项目仅用于学习，禁止用于其他用途。
 
 ## 运行测试
-### Linux 
-![](https://github.com/boy-hack/w9scan/blob/master/images/linux1.png)
-![](https://github.com/boy-hack/w9scan/blob/master/images/linux2.png)
 
-用`w9scan 1.4.2` 扫描 http://testphp.vulnweb.com/ 的扫描报告：
-```
-      [Note] php version:5.3.0 - current
-      [Note] 存在crossdomain.xml文件发现漏洞...(信息) payload: http://testphp.vulnweb.com//crossdomain.xml
-      [Note] http://testphp.vulnweb.com/['php']
-      [Info] IP:176.28.50.165
-      [Note] udp/53=>[DNS];Ver =>none
-      [Note] TCP: [21, 22, 25, 80]
-      [Note] 80 => [www]; Ver => [('Server', 'nginx/1.4.1'), ('X-Powered-By', 'PHP/5.3.10-1~lucid+2uwsgi2')]
-21 => [ftp]; Ver => 220 ProFTPD 1.3.3e Server (ProFTPD) [176.28.50.165]
-[***] Scan report:
-      [Note] Infomation Collect:[email protected]
-      [Note] Infomation Collect:[email protected]
-      [Hole] [Integer SQL injection] http://testphp.vulnweb.com/artists.php?artist=1 GET /artists.php?artist=1%2B1-1 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/artists.php?artist=1 GET /artists.php?artist=1/%2A%2A/and/%2A%2A/1%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/artists.php?artist=1 GET /artists.php?artist=1%09and%091%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/artists.php?artist=1 GET /artists.php?artist=1%0Aand/%2A%2A/1%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Note] Infomation Collect:[email protected]
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/artists.php?artist=1 mysql_fetch_array()GET /artists.php?artist=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/artists.php?artist=1 mysql_GET /artists.php?artist=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Note] Infomation Collect:[email protected]
-      [Note] Infomation Collect:[email protected]
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cscript%3Ealert%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cscript%3Eprompt%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cscript%3Econfirm%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cscr%3Cscript%3Eipt%3Ealert%281%29%3C/scr%3Cscript%3Eipt%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cobject%20data%3D%22data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTs8L3NjcmlwdD4%3D%22%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Csvg/onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cmarquee/onstart%3Dconfirm%281%29%3E/
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cbody%20onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cselect%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Ctextarea%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Ckeygen%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?cat=%3Cvideo%3E%3Csource%20onerror%3D%22javascript%3Aalert%281%29%22%3E
-      [Hole] [Integer SQL injection] http://testphp.vulnweb.com/listproducts.php?cat=1 GET /listproducts.php?cat=1%2B1-1 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/listproducts.php?cat=1 GET /listproducts.php?cat=1/%2A%2A/and/%2A%2A/1%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/listproducts.php?cat=1 GET /listproducts.php?cat=1%09and%091%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/listproducts.php?cat=1 GET /listproducts.php?cat=1%0Aand/%2A%2A/1%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Note] Infomation Collect:[email protected]
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/listproducts.php?cat=1 mysql_fetch_array()GET /listproducts.php?cat=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/listproducts.php?cat=1 mysql_GET /listproducts.php?cat=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/listproducts.php?cat=1 You have an error in your SQL syntax;GET /listproducts.php?cat=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/listproducts.php?cat=1 MySQL server version for the right syntax to useGET /listproducts.php?cat=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Note] Infomation Collect:[email protected]
-      [Note] Infomation Collect:[email protected]
-      [Note] Infomation Collect:[email protected]
-      [Note] Infomation Collect:[email protected]
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cscript%3Ealert%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cscript%3Eprompt%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cscript%3Econfirm%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cscr%3Cscript%3Eipt%3Ealert%281%29%3C/scr%3Cscript%3Eipt%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cobject%20data%3D%22data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTs8L3NjcmlwdD4%3D%22%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Csvg/onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cmarquee/onstart%3Dconfirm%281%29%3E/
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cbody%20onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cselect%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Ctextarea%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Ckeygen%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/listproducts.php?artist=%3Cvideo%3E%3Csource%20onerror%3D%22javascript%3Aalert%281%29%22%3E
-      [Hole] [Integer SQL injection] http://testphp.vulnweb.com/listproducts.php?artist=1 GET /listproducts.php?artist=1%2B1-1 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/listproducts.php?artist=1 GET /listproducts.php?artist=1/%2A%2A/and/%2A%2A/1%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/listproducts.php?artist=1 GET /listproducts.php?artist=1%09and%091%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/listproducts.php?artist=1 GET /listproducts.php?artist=1%0Aand/%2A%2A/1%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Note] Infomation Collect:[email protected]
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/listproducts.php?artist=1 mysql_fetch_array()GET /listproducts.php?artist=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/listproducts.php?artist=1 mysql_GET /listproducts.php?artist=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/listproducts.php?artist=1 You have an error in your SQL syntax;GET /listproducts.php?artist=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/listproducts.php?artist=1 MySQL server version for the right syntax to useGET /listproducts.php?artist=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Integer SQL injection] http://testphp.vulnweb.com/product.php?pic=1 GET /product.php?pic=1%2B1-1 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/product.php?pic=1 GET /product.php?pic=1/%2A%2A/and/%2A%2A/1%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/product.php?pic=1 GET /product.php?pic=1%09and%091%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [String SQL injection] http://testphp.vulnweb.com/product.php?pic=1 GET /product.php?pic=1%0Aand/%2A%2A/1%3B%23 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Note] Infomation Collect:[email protected]
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/product.php?pic=1 mysql_fetch_array()GET /product.php?pic=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Hole] [Error SQL Found MySQL database] http://testphp.vulnweb.com/product.php?pic=1 mysql_GET /product.php?pic=1%27 HTTP/1.1
-Host: testphp.vulnweb.com
-Connection: Keep-Alive
-Accept-Encoding: gzip, deflate
-User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
-      [Note] Infomation Collect:[email protected]
-      [Note] Infomation Collect:[email protected]
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cscript%3Ealert%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cscript%3Eprompt%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cscript%3Econfirm%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cscr%3Cscript%3Eipt%3Ealert%281%29%3C/scr%3Cscript%3Eipt%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cobject%20data%3D%22data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTs8L3NjcmlwdD4%3D%22%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Csvg/onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cmarquee/onstart%3Dconfirm%281%29%3E/
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cbody%20onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cselect%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Ctextarea%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Ckeygen%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/showimage.php?file=%3Cvideo%3E%3Csource%20onerror%3D%22javascript%3Aalert%281%29%22%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cscript%3Ealert%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cscript%3Eprompt%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cscript%3Econfirm%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cscr%3Cscript%3Eipt%3Ealert%281%29%3C/scr%3Cscript%3Eipt%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cobject%20data%3D%22data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTs8L3NjcmlwdD4%3D%22%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Csvg/onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cmarquee/onstart%3Dconfirm%281%29%3E/
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cbody%20onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cselect%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Ctextarea%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Ckeygen%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/?pp=%3Cvideo%3E%3Csource%20onerror%3D%22javascript%3Aalert%281%29%22%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cscript%3Ealert%281%29%3B%3C/script%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cscript%3Eprompt%281%29%3B%3C/script%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cscript%3Econfirm%281%29%3B%3C/script%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cscr%3Cscript%3Eipt%3Ealert%281%29%3C/scr%3Cscript%3Eipt%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cobject%20data%3D%22data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTs8L3NjcmlwdD4%3D%22%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Csvg/onload%3Dprompt%281%29%3B%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cmarquee/onstart%3Dconfirm%281%29%3E/&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cbody%20onload%3Dprompt%281%29%3B%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cselect%20autofocus%20onfocus%3Dalert%281%29%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Ctextarea%20autofocus%20onfocus%3Dalert%281%29%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Ckeygen%20autofocus%20onfocus%3Dalert%281%29%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=%3Cvideo%3E%3Csource%20onerror%3D%22javascript%3Aalert%281%29%22%3E&pp=12
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cscript%3Ealert%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cscript%3Eprompt%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cscript%3Econfirm%281%29%3B%3C/script%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cscr%3Cscript%3Eipt%3Ealert%281%29%3C/scr%3Cscript%3Eipt%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cobject%20data%3D%22data%3Atext/html%3Bbase64%2CPHNjcmlwdD5hbGVydCgxKTs8L3NjcmlwdD4%3D%22%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Csvg/onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cmarquee/onstart%3Dconfirm%281%29%3E/
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cbody%20onload%3Dprompt%281%29%3B%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cselect%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Ctextarea%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Ckeygen%20autofocus%20onfocus%3Dalert%281%29%3E
-      [Hole] [XSS] http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=%3Cvideo%3E%3Csource%20onerror%3D%22javascript%3Aalert%281%29%22%3E
-[***] Report end
-```
+用`w9scan 1.6.0` 扫描 http://testphp.vulnweb.com/ 的扫描报告生成在`vulnweb.com_1515587017.html`可自行查看
+![](https://github.com/boy-hack/w9scan/blob/master/images/report.png)
+
 
 ## Useage
 python w9scan.py