XRAY 1.3.0

@zema1 zema1 released this 27 Aug 09:42
· 278 commits to master since this release
da1bf31

Features:

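  • Improved the license verification mechanism for the advanced edition; old licenses are no longer supported, and you need to contact an administrator to have one reissued
  • Improved the basic crawler implementation to be more reliable and stable
  • Automatically adjusts the rlimit limit on some platforms to avoid request failures caused by it
  • Added new check items to the baseline plugin, which must be enabled manually:
    • detect_china_bank_card: checks for bank card number leaks
    • detect_china_address: detects street address leaks
  • Synced newly added detection POCs from the community, with support for detecting some popular HW vulnerabilities; these must be merged into the configuration file manually, or the configuration file must be regenerated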
    • poc-yaml-sangfor-edr-arbitrary-admin-login
    • poc-yaml-sangfor-edr-rce
    • poc-yaml-tongda-meeting-unauthorized-access
    • poc-yaml-citrix-cve-2020-8193-unauthorized
    • poc-yaml-bt742-pma-unauthorized-access
    • poc-yaml-apache-ofbiz-cve-2020-9496-xml-deserialization
    • poc-yaml-apacheofbiz-cve-2018-8033-xxe
    • poc-yaml-jenkins-unauthorized-access
    • poc-yaml-joomla-component-vreview-sql
    • poc-yaml-joomla-cve-2018-7314-sql
    • poc-yaml-jupyter-notebook-unauthorized-access
    • poc-yaml-nexusdb-cve-2020-24571-path-traversal
    • poc-yaml-openfire-cve-2019-18394-ssrf
    • poc-yaml-wordpress-cve-2019-19985-infoleak

Bugfixes:

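  • Fixed an issue where SQL injection was not detected on some websites #834
  • Fixed an issue where a custom shiro aes_key did not take effect
  • Fixed an error caused by poc-yaml-thinkcmf-write-shell not being properly closed
  • Fixed false positives in poc-yaml-draytek-cve-2020-8515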