Share
## https://sploitus.com/exploit?id=9F5DA2D6-40FA-55B7-8AB0-59F771FB8B6D
# ๐Ÿ”ฅ React2Shell Toolkit - CVE-2025-55182 & CVE-2025-66478



![React2Shell Banner](https://img.shields.io/badge/React2Shell-Exploitation_Toolkit-red?style=for-the-badge&logo=react)
[![CVE-2025-55182](https://img.shields.io/badge/CVE-2025--55182-critical?style=for-the-badge&logo=cve)](https://nvd.nist.gov/vuln/detail/CVE-2025-55182)
[![CVE-2025-66478](https://img.shields.io/badge/CVE-2025--66478-critical?style=for-the-badge&logo=cve)](https://nvd.nist.gov/vuln/detail/CVE-2025-66478)
[![CVSS](https://img.shields.io/badge/CVSS-10.0_Critical-darkred?style=for-the-badge)](https://www.first.org/cvss/)

**๐Ÿšจ Critical RCE in React Server Components & Next.js ๐Ÿšจ**

*Professional Red Team Toolkit for CVE-2025-55182 Detection & Exploitation*

[๐Ÿ” Features](#-features) โ€ข [โšก Quick Start](#-quick-start) โ€ข [๐Ÿ“š Documentation](#-documentation) โ€ข [๐Ÿค Connect](#-connect-with-me)



---

## ๐ŸŽฏ About CVE-2025-55182 & CVE-2025-66478

### ๐Ÿ› What is React2Shell?

**React2Shell** is a **critical unauthenticated Remote Code Execution (RCE)** vulnerability affecting React Server Components (RSC) and Next.js applications.

| CVE ID | Component | CVSS Score | Impact |
|--------|-----------|------------|--------|
| **CVE-2025-55182** | React Server Components | **10.0** ๐Ÿ”ด | Complete Server Takeover |
| **CVE-2025-66478** | Next.js Server Actions | **10.0** ๐Ÿ”ด | Full System Compromise |

### ๐ŸŽญ Attack Vector

```javascript
// Attacker sends malicious Flight protocol payload
POST / HTTP/1.1
Next-Action: exploit
Content-Type: multipart/form-data

{"__proto__": "pollution", "then": "gadget_chain"} 
    โ†“
Unsafe Deserialization
    โ†“
Prototype Pollution
    โ†“
๐Ÿ’ฅ Remote Code Execution ๐Ÿ’ฅ
```

### ๐ŸŽฏ Affected Versions

- **React**: 19.0.0, 19.1.0, 19.1.1, 19.2.0
- **Next.js**: 15.x, 16.x (with App Router)
- **Frameworks**: React Router, Waku, Vite RSC, Parcel, RedwoodSDK

### โœ… Patched Versions

- **React**: 19.0.1+, 19.1.2+, 19.2.1+
- **Next.js**: 15.0.5+, 15.1.9+, 15.2.6+, 16.0.7+

---

## ๐Ÿ› ๏ธ Toolkit Components

This repository contains **4 professional-grade tools** for CVE-2025-55182 detection and exploitation:





### ๐Ÿ” Nuclei Template
**Advanced Scanner**

![Nuclei](https://img.shields.io/badge/Nuclei-Template-blue?logo=nuclei)

โœ… 5 Payloads  
โœ… Zero False Positives  
โœ… Math Validation  
โœ… Batch Scanning  




### ๐Ÿ Shodan Scanner
**Target Discovery**

![Python](https://img.shields.io/badge/Python-3.8+-blue?logo=python)

โœ… Automated Search  
โœ… Mass Scanning  
โœ… 50+ Shodan Queries  
โœ… Interactive Wizard  




### ๐Ÿ’ป Bash Exploit
**CLI Framework**

![Bash](https://img.shields.io/badge/Bash-Script-green?logo=gnubash)

โœ… 8 Predefined Payloads  
โœ… Interactive Mode  
โœ… Multi-Target Support  
โœ… Cyberpunk UI  




### ๐Ÿ”ง Burp Extension
**Manual Testing**

![Burp](https://img.shields.io/badge/Burp-Extension-orange?logo=burpsuite)

โœ… 30+ Payloads  
โœ… Active + Passive Scan  
โœ… GUI Interface  
โœ… Collaborator Integration  





---

## โšก Quick Start

### ๐Ÿ“ฆ Installation

```bash
# Clone the repository
git clone https://github.com/cybertechajju/cve-2025-55182.git
cd cve-2025-55182

# Install Python dependencies
pip install -r requirements.txt
pip install -r exploits/requirements.txt
```

### ๐Ÿš€ Usage Examples

#### 1๏ธโƒฃ **Nuclei Scanner** (Fastest Detection)

```bash
# Scan single target
nuclei -t nuclei-templates/cve-2025-55182.yaml -u https://target.com

# Scan multiple targets
nuclei -t nuclei-templates/cve-2025-55182.yaml -l targets.txt
```

#### 2๏ธโƒฃ **Shodan Scanner** (Mass Discovery)

```bash
# Interactive wizard mode
python exploits/shodan_scanner_advanced.py

# Or with API key directly
python exploits/shodan_scanner_advanced.py --api YOUR_SHODAN_API_KEY
```

#### 3๏ธโƒฃ **Bash Exploit** (Direct Exploitation)

```bash
# Interactive mode
bash exploits/scanner_advanced.sh -i

# Quick exploitation
bash exploits/scanner_advanced.sh -d https://target.com -p 2
```

#### 4๏ธโƒฃ **Burp Extension** (Manual Testing)

1. Open Burp Suite โ†’ **Extensions** โ†’ **Add**
2. Select `burp-extension/React2Shell_Burp.py`
3. Check "React2Shell Pro" tab for GUI

---

## ๐Ÿ“ Repository Structure

```
cve-2025-55182/
โ”œโ”€โ”€ ๐Ÿ“‚ nuclei-templates/          # Nuclei YAML templates
โ”‚   โ””โ”€โ”€ cve-2025-55182.yaml       # Advanced detection template
โ”œโ”€โ”€ ๐Ÿ“‚ exploits/                  # Exploitation tools
โ”‚   โ”œโ”€โ”€ shodan_scanner_advanced.py   # Shodan mass scanner
โ”‚   โ”œโ”€โ”€ scanner_advanced.sh          # Bash exploitation framework
โ”‚   โ””โ”€โ”€ requirements.txt             # Python dependencies
โ”œโ”€โ”€ ๐Ÿ“‚ burp-extension/            # Burp Suite extension
โ”‚   โ”œโ”€โ”€ React2Shell_Burp.py       # Main extension (30+ payloads)
โ”‚   โ”œโ”€โ”€ payloads.json             # Payload library
โ”‚   โ””โ”€โ”€ detection_rules.json      # Detection patterns
โ”œโ”€โ”€ ๐Ÿ“‚ burp bechek/               # BCheck files for Burp Scanner
โ”‚   โ”œโ”€โ”€ CVE-2025-55182-React2Shell-Active.bcheck
โ”‚   โ””โ”€โ”€ CVE-2025-66478-NextJS-React2Shell-Active.bcheck
โ””โ”€โ”€ ๐Ÿ“„ README.md                  # This file
```

---

## ๐ŸŽจ Features Showcase

### โœจ Nuclei Template Features

- โœ… **5 Exploitation Payloads**: Linux, Windows, alternative endpoints
- โœ… **Mathematical Validation**: `41 * 271 = 11111` (zero false positives)
- โœ… **Multi-Stage Detection**: Framework fingerprinting โ†’ RSC discovery โ†’ RCE validation
- โœ… **Multiple Matchers**: Math validation, error patterns, execution proof

### ๐Ÿ”ฅ Shodan Scanner Features

- โœ… **50+ Shodan Queries**: Maximum vulnerable target discovery
- โœ… **Smart Extraction**: Both IPs and domain names
- โœ… **Interactive Wizard**: Guided setup for beginners
- โœ… **Cyberpunk UI**: Neon-themed terminal with animations
- โœ… **Batch Scanning**: Multi-threaded target scanning
- โœ… **JSON Reports**: Detailed vulnerability reports

### ๐Ÿ’ช Bash Exploit Features

- โœ… **8 Predefined Payloads**: System info, AWS metadata, container detection, etc.
- โœ… **Interactive Mode**: Menu-driven exploitation
- โœ… **Multi-Target Scanning**: Scan from file list
- โœ… **Rich Output**: Color-coded results with animations
- โœ… **Error Analysis**: Detailed failure diagnostics

### ๐Ÿš€ Burp Extension Features

- โœ… **30+ Payload Library**: Organized in 5 categories
- โœ… **Dual Scanners**: Passive monitoring + active exploitation
- โœ… **8-Tab GUI**: Dashboard, scanner, exploitation, payloads, results, config, about
- โœ… **Burp Collaborator**: Out-of-band RCE confirmation
- โœ… **Export Options**: JSON and CSV reports
- โœ… **Confidence Scoring**: Certain (95%), Firm (75%), Tentative (50%)

---

## ๐Ÿ“š Documentation

### ๐Ÿ“– Detailed Guides

- [Nuclei Template Usage](nuclei-templates/README.md)
- [Shodan Scanner Guide](exploits/README.md)
- [Burp Extension Manual](burp-extension/README.md)
- [BCheck Documentation](burp%20bechek/README.md)

### ๐ŸŽ“ Learning Resources

- [Understanding React Server Components](https://react.dev/reference/rsc/server-components)
- [Flight Protocol Deep Dive](https://github.com/facebook/react/tree/main/packages/react-server)
- [Prototype Pollution Explained](https://portswigger.net/web-security/prototype-pollution)

---

## โš ๏ธ Legal & Ethical Disclaimer

```
โ•”โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•—
โ•‘                    โš ๏ธ  CRITICAL WARNING โš ๏ธ                     โ•‘
โ•šโ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•

This toolkit is for AUTHORIZED SECURITY TESTING ONLY.

โš–๏ธ  Legal Use:
   โœ… Penetration testing with written authorization
   โœ… Bug bounty programs within defined scope
   โœ… Security research on owned infrastructure
   โœ… Educational purposes in controlled labs

โŒ Illegal Activities:
   โ›” Unauthorized system access
   โ›” Malicious exploitation
   โ›” Data theft or destruction
   โ›” Deploying malware

By using this toolkit, you agree to use it ethically and legally.
Unauthorized access to computer systems is illegal under:
โ€ข Computer Fraud and Abuse Act (CFAA) - USA
โ€ข Computer Misuse Act - UK
โ€ข Similar laws worldwide

๐Ÿ”’ You are solely responsible for your actions.
```

---

## ๐Ÿค Connect With Me



### ๐Ÿ‘จโ€๐Ÿ’ป **CyberTechAjju**
*Security Researcher โ€ข Red Team Specialist โ€ข Bug Bounty Hunter*

**Motto:** *Keep Learning Keep Hacking* ๐Ÿš€





































---

## ๐ŸŒŸ Star History

If this toolkit helped you, please โญ star this repository!

[![Star History Chart](https://api.star-history.com/svg?repos=cybertechajju/cve-2025-55182&type=Date)](https://star-history.com/#cybertechajju/cve-2025-55182&Date)

---

## ๐Ÿ“ Credits & Acknowledgments

### ๐Ÿ™ Special Thanks

- **React Security Team** - For responsible disclosure
- **ProjectDiscovery** - For Nuclei platform
- **PortSwigger** - For Burp Suite
- **Emre Davut** - Original Shodan scanner inspiration
- **Security Research Community** - For CVE analysis and PoCs

### ๐Ÿ† Original Research

- [Assetnote React2Shell Scanner](https://github.com/assetnote/react2shell-scanner)
- [Maple3142's PoC](https://gist.github.com/maple3142/48bc9393f45e068cf8c90ab865c0f5f3)
- [React Official Advisory](https://react.dev/blog/2025/01/15/react-19-rsc-security-update)

---

## ๐Ÿ“„ License

**For Educational and Authorized Security Testing Only**

No warranty or liability provided. Use at your own risk.

---



### ๐Ÿ’ฌ Questions or Issues?

Open an [Issue](https://github.com/cybertechajju/cve-2025-55182/issues) or reach out on social media!

**Made with โค๏ธ by [CyberTechAjju](https://github.com/cybertechajju)**

*Keep Learning. Keep Hacking. Stay Ethical.* ๐ŸŽฏ๐Ÿ”