EzXSS Versions

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

3.3

3 years ago

ezXSS 3.3 is a small update before the 4.0 release. I've refactored some code and added a kill switch.

It will probably still take some time before 4.0 is released. More 3.x releases can be expected.

Thanks for using ezXSS!

3.2

4 years ago

ezXSS 3.2 is now available! This release fixes some bugs and security issues. ezXSS 3.1 and 3.0 are affected by these bugs, which are fixed in version 3.2. You should update to prevent information disclosure.

Changelog:

  • Fixed search function
  • Support Chinese
  • Fixed 2FA for new installations
  • Fixed share report bug/security issue

Thanks to @54Pany and @geeknik

3.1

4 years ago

Quick update.

3.1 Changelog:

  • Checks if you are on PHP >7.1
  • Fixed an issue where blocked domains didn't properly work
  • Fixed 2FA login
  • Fixed a possible memory limit issue.

Will be working on v4.0 soon with a new codebase. Open for ideas and feedback.

3.0

5 years ago

Thanks for using ezXSS. After I quit working on this project for more than a year, the new release is here.

Update log ezXSS 3.0:

  • Recoded the entire application
  • Fixed & cleaned some styling issues
  • Added back screenshots and option to disable
  • Added Local Storage and Session Storage in payload
  • Added direct share link for reports
  • And many more small features and improvements

If you have any feedback or suggestions, or have found a bug, please let me know.

Execute this SQL to update from 2.x to 3.0:

-- Add the new `screenshot` setting with value '0'
INSERT INTO `settings` (`id`, `setting`, `value`) VALUES (NULL, 'screenshot', '0');

-- Add the report columns introduced in 3.0
ALTER TABLE `reports`
    ADD `screenshot` LONGTEXT NULL DEFAULT NULL AFTER `archive`,
    ADD `localstorage` LONGTEXT NULL DEFAULT NULL AFTER `archive`,
    ADD `sessionstorage` LONGTEXT NULL DEFAULT NULL AFTER `archive`,
    ADD `shareid` VARCHAR(50) NOT NULL AFTER `id`;

-- Give every existing report a random 32-character base-36 share ID
UPDATE `reports` SET `shareid` = concat(
    lpad(conv(floor(rand()*pow(36,8)), 10, 36), 8, 0),
    lpad(conv(floor(rand()*pow(36,8)), 10, 36), 8, 0),
    lpad(conv(floor(rand()*pow(36,8)), 10, 36), 8, 0),
    lpad(conv(floor(rand()*pow(36,8)), 10, 36), 8, 0)
);

2.3

6 years ago

Hey! Because of massive interest in ezXSS, I decided to release a small update.

I am currently busy with ezXSS 3.0, stay tuned!

2.2

6 years ago

The great release with great new functions. It is here.

This version contains:

  • Fixed all small bugs and typos I could find.
  • You are now able to block a domain
  • Added a notepad to the dashboard. In case you need to save some info!
  • Share page is removed and now integrated on the reports page with a modal.
  • Archive reports that you don't want to see, but also don't want to delete.
  • Search page is removed and now fully integrated on the reports page.
  • Searching is now optimized, find things even better.
  • Added more payloads.
  • Added the setting to change your domain name for payloads.
  • Added API key. The API is not done, so you can not use it yet.

If you find any bugs or have a great idea, let me know! Next version with API and a new feature you would love (suggested by @dev) coming soon!

2.1

6 years ago

ezXSS is a bit optimized. Some templates are removed and integrated into the framework.

  • Screenshots removed
  • Fixed a share issue

Screenshots are temporarily removed. I noticed that on some sites the callback was not called because of an issue with making the screenshot. Will try to fix this soon.

Please leave any positive or negative feedback, it helps!

2.0

7 years ago

The release of the first official ezXSS! Welcome to 2.0.

This version has a lot of new features and fixes, some of the main things:

  • A totally new design, hopefully you like it :-)
  • The email design is also changed
  • Installation is now easier
  • Searching on the reports page
  • The way you delete reports is changed, and screenshots of reports are now also deleted
  • Removed username from logging in (password only)
  • Option to add Google's 2FA to the login
  • New favicon
  • A lot of small features added, updated or deleted
  • Cleaned up a lot of code again

Please leave any positive or negative feedback, it helps!

1.6

7 years ago

It is here, ezXSS version 1.6

What is fixed?

  • Fixed an HTTPS issue for some servers
  • Fixed/removed the index.js for some servers
  • Cleaned some CSS
  • Secret key is removed from sharing (I even found out you could bypass the secret key)
  • Filter tab removed to dashboard
  • Changed some design things in "All reports" and "Search"

What is added?

  • Custom JavaScript is here! Visit the payload page
  • Check more statistics on the dashboard
  • Download latest ezXSS version from the dashboard

The next version will include even more great functions! Including ez installation and updating.

1.5

7 years ago

Here it is: ezXSS v1.5

What is changed?

  • Cleaned up some code
  • Now you can delete a report
  • Share a report easier with auto fill
  • Fixed a password changing issue where you could change the password without a correct current password
  • New CDN for jquery and bootstrap
  • Some small fixes

Soon I will release v1.6 with a lot of new features.