## https://sploitus.com/exploit?id=89F02650-0FB3-5D35-B8B5-723C77DD579C
# MiddleForce
## π Overview
MiddleForce is a specialized security testing tool designed to detect and exploit the CVE-2025-29927 vulnerability in Next.js middleware. This tool helps security professionals identify applications vulnerable to middleware bypass attacks.
## π Features
- **Middleware Bypass Detection**: Automatically tests for Next.js middleware bypass vulnerabilities
- **Colored Output**: Clear visual indicators for vulnerable and non-vulnerable routes
- **Simple CLI Interface**: Easy-to-use command line arguments
- **Multiple Headers Testing**: Tests various bypass techniques
## π Requirements
- Python 3.x
- Required packages:
- colorama
- requests
- argparse
## π» Installation
### Automatic Installation (Linux)
```bash
git clone https://github.com/diogolourencodev/middleforce.git
cd middleforce
chmod +x install.sh
./install.sh
```
### Manual Installation
```bash
git clone https://github.com/diogolourencodev/middleforce.git
cd middleforce
pip install -r requirements.txt
```
## π§ Usage
```bash
# Basic usage
python3 middleforce.py -t http://example.com/api/dashboard
# If installed globally on Linux
middleforce -t http://example.com/api/dashboard
```
## π Output Interpretation
- **Green Output**: Vulnerable route detected - middleware bypass successful
- **Red Output**: Not vulnerable - either public route or middleware working correctly
- **Cyan Output**: Informational messages or unexpected responses
## π Security Implications
CVE-2025-29927 allows attackers to bypass Next.js middleware protections by manipulating specific HTTP headers. This can lead to unauthorized access to protected routes, API endpoints, and sensitive data.
## π€ Contributing
Contributions are welcome! Feel free to submit pull requests or open issues to improve the tool.
## π€ Author
Created by [Diogo LourenΓ§o](https://github.com/diogolourencodev)
---
If you found this tool useful, please consider giving it a star β