A few fixes and enhancements

EyeWitness.py

@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/env python
 
 """
  This script's inspiration was Tim Tomes's web screenshotting script PeepingTom
@@ -15,6 +15,7 @@
 import sys
 import xml.etree.ElementTree as XMLParser
 import urllib2
+import cgi
 import re
 import logging
 import subprocess
@@ -214,8 +215,8 @@ def webHeader():
     web_index_head += "<center>Report Generated on " + report_date + " at " + report_time
     web_index_head += "<br><table border=\"1\">\n"
     web_index_head += "<tr>\n"
-    web_index_head += "<th>Web Screenshot</th>\n"
     web_index_head += "<th>Web Request Info</th>\n"
+    web_index_head += "<th>Web Screenshot</th>\n"
     web_index_head += "</tr>\n"
     return web_index_head
 
@@ -229,6 +230,10 @@ def fileNames(url_given):
     src_name = pic_name + ".txt"
     pic_name = pic_name + ".png"
     return url_given, src_name, pic_name
+
+def htmlEncode(dangerous_data):
+    encoded = cgi.escape(dangerous_data, quote=True)
+    return encoded
 
 if __name__ == "__main__":
 
@@ -302,7 +307,7 @@ def fileNames(url_given):
 
             try:
                 for key, value in page.headers.items():
-                    web_index += "\n<br><b> " + key.replace("u\'", "") + ":</b> " + value
+                    web_index += "\n<br><b> " + htmlEncode(key.replace("u\'", "")) + ":</b> " + htmlEncode(value)
 
             except AttributeError:
                 web_index += "\n<br><br>Potential blank page or SSL issue with <a href=\"" + url + "\" target=\"_blank\">" + url + "</a>."
@@ -406,4 +411,4 @@ def fileNames(url_given):
             page_append.write(link_text)
             page_append.close()
 
-    print "\n[*] Done! Check out the report in the " + report_folder + " folder!"
+    print "\n[*] Done! Check out the report in the " + report_folder + " folder!"