Skip to content

XRAY 1.7.0
Compare
Choose a tag to compare
@zema1 zema1 released this 20 Jan 08:48
· 194 commits to master since this release
1.7.0
528778d
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

国内用户可以从 https://download.xray.cool/ 进行下载,速度更快。

  • webscan 增加 --burp-file xxx 的输入来源,可以用于解析 burp 的导出文件并扫描
  • 为 yaml poc 增加 response.latency 表示响应延迟,单位毫秒
  • 修复 yaml poc 对 bytes 替换的问题,可以编写 body 是 bytes 的 poc 了
  • 新增如下热门漏洞 poc,共计 29 个,感谢社区师傅们的提交,下列 poc 更新后即可自动加载
    • poc-yaml-alibaba-nacos-v1-auth-bypass
    • poc-yaml-chinaunicom-modem-default-password
    • poc-yaml-citrix-xenmobile-cve-2020-8209
    • poc-yaml-craftcms-seomatic-cve-2020-9757-rce
    • poc-yaml-dlink-dsl-2888a-rce
    • poc-yaml-dotnetcms-sqli
    • poc-yaml-flink-jobmanager-cve-2020-17519-lfi
    • poc-yaml-frp-dashboard-unauth
    • poc-yaml-go-pprof-leak
    • poc-yaml-jira-cve-2019-8442
    • poc-yaml-jumpserver-unauth-rce
    • poc-yaml-kafka-manager-unauth
    • poc-yaml-lanproxy-cve-2021-3019-lfi
    • poc-yaml-nps-default-password
    • poc-yaml-opentsdb-cve-2020-35476-rce
    • poc-yaml-ruijie-eg-rce
    • poc-yaml-samsung-wea453e-default-pwd
    • poc-yaml-samsung-wea453e-rce
    • poc-yaml-seeyon-ajax-unauthorized-access
    • poc-yaml-seeyon-cnvd-2020-62422-readfile
    • poc-yaml-solarwinds-cve-2020-10148
    • poc-yaml-sonarqube-cve-2020-27986-unauth
    • poc-yaml-springboot-env-unauth
    • poc-yaml-terramaster-cve-2020-15568
    • poc-yaml-terramaster-cve-2020-28188-rce
    • poc-yaml-vmware-vcenter-arbitrary-file-read
    • poc-yaml-yonyou-nc-arbitrary-file-upload
    • poc-yaml-zeit-nodejs-cve-2020-5284-directory-traversal
    • poc-yaml-zeroshell-cve-2019-12725-rce
Assets 10
Loading