Skip to content

Releases: ssl/ezXSS

ezXSS v3.3

24 Aug 18:31
@ssl ssl
7dab57d
Compare
Choose a tag to compare

ezXSS 3.3 is a small update before the 4.0 release. I've refactored some code and added a kill switch.

It would probably still take some time before 4.0 will be released. More 3.x releases can be expected.

Thanks for using ezXSS!

ezXSS v3.2

19 Mar 14:05
@ssl ssl
4ab7bfa
Compare
Choose a tag to compare

ezXSS 3.2 is now available! This release fixes some bugs and security issues. ezXSS 3.1 and 3.0 are affected by these bugs, which are fixed in version 3.2. You should update to prevent information disclosure.

Changelog:

  • Fixed search function
  • Support chinese
  • Fixed 2FA for new installations
  • Fixed share report bug/security issue

Thanks to @54Pany and @geeknik

ezXSS v3.1

04 Nov 17:43
@ssl ssl
10053e7
Compare
Choose a tag to compare

Quick update.

3.1 Changelog:

  • Checks if you are on PHP >7.1
  • Fixed an issue where blocked domains didn't properly work
  • Fixed 2FA login
  • Fixed a possible memory limit issue.

Will be working on v4.0 soon with a new codebase. Open for ideas and feedback.

ezXSS v3.0

28 May 19:14
@ssl ssl
7b1c259
Compare
Choose a tag to compare

Thanks for using ezXSS. After I quit working on this project for more than a year, the new release is here.

Update log ezXSS 3.0:

  • Recoded the entire application
  • Fixed & cleaned some styling issues
  • Added back screenshots and option to disable
  • Added Local Storage and Session Storage in payload
  • Added direct share link for reports
  • And many more small features and improvements

If you have any feedback, suggestions or found a bug please let me know.

Execute this SQL to update from 2.x to 3.0:

INSERT INTO `settings` (`id`, `setting`, `value`) VALUES (NULL, 'screenshot', '0');

ALTER TABLE `reports` ADD `screenshot` LONGTEXT NULL DEFAULT NULL AFTER `archive`, ADD `localstorage` LONGTEXT NULL DEFAULT NULL AFTER `archive`, ADD `sessionstorage` LONGTEXT NULL DEFAULT NULL AFTER `archive`, ADD `shareid` VARCHAR(50) NOT NULL AFTER `id`;

UPDATE `reports` SET `shareid` = concat(
    lpad(conv(floor(rand()*pow(36,8)), 10, 36), 8, 0),
    lpad(conv(floor(rand()*pow(36,8)), 10, 36), 8, 0),
    lpad(conv(floor(rand()*pow(36,8)), 10, 36), 8, 0),
    lpad(conv(floor(rand()*pow(36,8)), 10, 36), 8, 0)
);

ezXSS v2.3

03 Apr 12:01
@ssl ssl
7613faa
Compare
Choose a tag to compare

Hey! Because of massive interests in ezXSS, I decided to release a small update.

  • Fixed an issue with reports not showing up
    • If you still have this issue, please check #10
  • Fixed an small parsing issue

I am currently busy with ezXSS 3.0, stay tuned!

ezXSS v2.2

21 Nov 16:36
@ssl ssl
7b14ed2
Compare
Choose a tag to compare

The great release with great new functions. It is here.

This version contains:

  • Fixed all small bugs and typos I could find.
  • You are now able to block a domain
  • Added a notepad to the dashboard. In case you need to save some info!
  • Share page is removed and now integrated on the reports page with a modal.
  • Archive reports that you don't want to see, but also don't want to delete.
  • Search page is removed and now fully integrated on the reports page.
  • Searching is now optimized, find things even better.
  • Added more payloads.
  • Added the setting to change your domain name for payloads.
  • Added API key. The API is not done, so you can not use it yet.

If you find any bugs or have a great idea, let me know! Next version with API and a new feature you would love (suggested by @dev) coming soon!

ezXSS v2.1

09 Nov 09:33
@ssl ssl
58bb4be
Compare
Choose a tag to compare

ezXSS is a bit optimized. Some templates are removed and integrated into the framework.

  • Screenshots removed
  • Fixed an share issue

Screenshots are temporary removed. I noticed that on some sites the callback was not called because of an issue with making the screenshot. Will try to fix this soon.

Please leave any positive or negative feedback, it helps!

ezXSS v2.0

12 Jun 20:15
@ssl ssl
Compare
Choose a tag to compare

The release of the first official ezXSS! Welcome to 2.0.

This version has a lot of new features and fixes, some of the main things:

  • A total new design, hopefully you like it :-)
  • The email design is also changed
  • Installation is now easier
  • Searching on the reports page
  • The way you delete reports is changed, and screenshots of reports are now also deleted
  • Removed username from logging in (password only)
  • Option to add Google's 2FA to the login
  • New favicon
  • A lot of small features added, updated or deleted
  • Cleaned up allot of code again

Please leave any positive or negative feedback, it helps!

Settings

ezXSS v1.6

10 Apr 20:00
@ssl ssl
Compare
Choose a tag to compare
ezXSS v1.6 Pre-release
Pre-release

It is here, ezXSS version 1.6

What is fixed?

  • Fixed an HTTPS issue for some servers
  • Fixed/removed the index.js for some servers
  • Cleaned some CSS
  • Secret key is removed from sharing (I even found out you could bypass the secret key)
  • Filter tab removed to dashboard
  • Changed some design things in "All reports" and "Search"

What is added?

  • Custom JavaScript is here! Visit the payload page
  • Check more statics on the dashboard
  • Download latest ezXSS version from the dashboard

The next version will include even more great functions! Including ez installation and updating.

ezXSS v1.5

28 Mar 14:43
@ssl ssl
Compare
Choose a tag to compare
ezXSS v1.5 Pre-release
Pre-release

Here it is: ezXSS v1.5

What is changed?

  • Cleaned up some code
  • Now you can delete a report
  • Share a report easier with auto fill
  • Fixed an password changing issue where you could change the password without an correct current password
  • New CDN for jquery and bootstrap
  • Some small fixes

Soon I will release v1.6 with allot of new features.