## https://sploitus.com/exploit?id=DE5A4B0C-AC97-565D-BE7F-D798AB83FF60
# Zoomeye Next.js RCE Scanner
Author: im-ezboy
Scanner for Next.js RCE (CVE-2025-55182) using Zoomeye search. Finds targets via Zoomeye queries and tests them with the supplied exploit payload.
## Features
- Two focused Zoomeye dorks by default:
- `http.header="Vary: RSC, Next-Router-State-Tree"`
- `vul.cve="CVE-2025-55182"`
- Parallel scanning (default 20 threads) with request timeout control.
- Saves vulnerable targets to `vulnerable_zoomeye_*.txt` and a detailed JSON report.
- Console output highlights vulnerable targets with separators for readability.
- User-specified max total results (capped at 500,000) to manage scope.
## Requirements
- Python 3.8+
- Dependencies: `requests`, `tqdm`
Install deps:
```bash
pip install requests tqdm
```
## Configuration
Edit `zoomeye.py`:
- `ZOOMEYE_API_KEY` โ put your Zoomeye API key here (remove it before pushing to public repos).
- Optional: `ZOOMEYE_USERNAME`, `ZOOMEYE_PASSWORD` if you prefer JWT login (leave empty for API key).
- `RESULTS_PER_QUERY` (default 1000) and `MAX_PAGES` (default 200) โ pagination controls; subject to your plan limits.
- `MAX_TOTAL_LIMIT` (default 500_000) โ hard cap for user-requested total results.
- `SCAN_THREADS` (default 20) and `REQUEST_TIMEOUT` (default 10s) โ tuning knobs for scanning speed vs. reliability.
## Usage
```bash
python3 zoomeye.py
```
You will be prompted for the total results limit (<= 500000). Press Enter to use the default (RESULTS_PER_QUERY * 2).
Example:
```
Enter max total results to collect (<= 500000, blank=default 2000):
```
## Output
- Console:
- Section separators (`============================`) for each stage.
- If vulnerabilities are found, they are listed in red with indices.
- Files:
- `vulnerable_zoomeye_YYYYMMDD_HHMMSS.txt` โ vulnerable targets (one per line).
- `report_zoomeye_YYYYMMDD_HHMMSS.json` โ summary and metadata.
## Notes for GitHub
- Remove or replace any real API keys before committing.
- Optionally load the key from environment variables instead of hardcoding.
- Add `vulnerable_*.txt` and `report_*.json` to your `.gitignore` if you don't want scan outputs committed.
## Safety & Limits
- Large limits may hit Zoomeye rate limits or plan caps; adjust `RESULTS_PER_QUERY`, `MAX_PAGES`, and the prompted total limit accordingly.
- The exploit payload is for CVE-2025-55182; use responsibly and only on targets you are permitted to test.