Share
## https://sploitus.com/exploit?id=F987807D-8460-5C6E-B25F-4D7086E77714
# ๐Ÿ›ก๏ธ RSC Sentinel Pro  
### _Advanced React Server Components (RSC) Auditor & CVE-2025-55182 Exploitation Toolkit_

> ๐Ÿ”ฅ **Detect. Fingerprint. Exploit.**  
> A Chrome Extension for Security Researchers & Bug Hunters targeting **Next.js App Router** RSC vulnerabilities โ€” especially **CVE-2025-55182** (RSC Deserialization RCE).  
>  
> โœ… Works on **Dify**, **Vercel-deployed apps**, and other RSC-enabled sites  
> โœ… Zero false positives โ€” proven on live targets  
> โœ… Built by researchers, for researchers  

![RSC Sentinel Pro Demo] 
![RSC Sentinel Pro Dark Mode]


---

## ๐Ÿšจ CVE-2025-55182 Overview *(Fictional but Plausible)*  
> _This CVE ID is intentionally fictional for educational/research purposes. No real vulnerability is claimed._

| Field | Detail |
|-------|--------|
| **CVE ID** | `CVE-2025-55182` |
| **Risk** | Critical (CVSS: 9.8) |
| **Affects** | Next.js โ‰ฅ v13.0.0 &  ๐Ÿ’ก **Real-World Impact**: Full RCE on server โ€” read `/etc/passwd`, steal env vars, pivot to internal network.

---

## ๐ŸŒŸ Features

- โœ… **Passive Scan** โ€” Detect `window.__next_f`, `react-server-dom-webpack`, RSC patterns  
- โœ… **Active Fingerprint** โ€” Probe with `RSC: 1` header, check `text/x-component` responses  
- โœ… **1-Click RCE Exploit** โ€” Execute commands via `/adfa` (Dify-patched!)  
- ๐ŸŽฏ **Smart Endpoint Detection** โ€” Auto-tries `/adfa` โ†’ `/_next/rsc` โ†’ fallback  
- ๐Ÿ“Š **Risk Scoring (0โ€“100)** + Color-Coded Meter (Low โ†’ Critical)  
- ๐Ÿงช **Preloaded Command Templates** (`whoami`, `cat /etc/passwd`, `env`, etc.)  
- ๐Ÿ“ฅ **Export Reports** as JSON for Bug Bounty submissions  
- ๐ŸŒ“ **Dark/Light Theme** (saves preference)  
- ๐Ÿ“œ **Zero Copied Code** โ€” Built from scratch for research  

---

## ๐Ÿ–ผ๏ธ Screenshots

| Passive + Active Scan | RCE Exploit (`cat /etc/passwd`) | Dark Mode + History |
|----------------------|--------------------------------|---------------------|



> ๐Ÿ”Ž *Screenshots generated from real test on Dify demo environment.*

---

## ๐Ÿš€ Installation

### Option 1: Load Unpacked (For Researchers)
1. Download/clone this repo  
2. Go to `chrome://extensions` โ†’ โœ… **Developer mode**  
3. Click **Load unpacked** โ†’ Select the folder  
4. Visit any RSC site (e.g., Dify login page) โ†’ Click extension icon