{"id":34724491,"url":"https://github.com/ndr-repo/react2shell","last_synced_at":"2026-03-16T13:45:21.065Z","repository":{"id":329172303,"uuid":"1118442086","full_name":"ndr-repo/react2shell","owner":"ndr-repo","description":"Resources for red team operators to discover \u0026 leverage react2shell vulnerabilities","archived":false,"fork":false,"pushed_at":"2025-12-17T21:11:48.000Z","size":84,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-21T07:24:25.929Z","etag":null,"topics":["react2shell","react2shell-scanner"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ndr-repo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-12-17T19:02:38.000Z","updated_at":"2025-12-17T21:11:52.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/ndr-repo/react2shell","commit_stats":null,"previous_names":["ndr-repo/react2shell"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/ndr-repo/react2shell","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndr-repo%2Freact2shell","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndr-repo%2Freact2shell/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndr-repo%2Freact2shell/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndr-repo%2Freact2shell/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ndr-repo","download_url":"https://codeload.github.com/ndr-repo/react2shell/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndr-repo%2Freact2shell/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28017200,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-25T02:00:05.988Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["react2shell","react2shell-scanner"],"created_at":"2025-12-25T02:19:35.139Z","updated_at":"2026-03-16T13:45:21.058Z","avatar_url":"https://github.com/ndr-repo.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# react2shell\nResources for red team operators to discover \u0026amp; exploit react2shell vulnerabilities. For authorized use only. I am not responsible for your actions.\n\n\n## Recon Automation Bookmarklet\n\n![bookmarklet](https://github.com/ndr-repo/react2shell/blob/main/react2shell-bookmarklet-search.png) ![search-result](https://github.com/ndr-repo/react2shell/blob/main/react2shell-bookmarklet-search-results.png)\n\n### Related PoCs\n\n- [maple3142 RCE PoC](https://gist.github.com/maple3142/48bc9393f45e068cf8c90ab865c0f5f3)\n\n## Related Exploit Chain - Trend Micro Research\n\n![TrendMicro-ExploitChain](https://www.trendmicro.com/content/dam/trendmicro/global/en/research/25/l/cve-2025-55182-analysis-poc-itw/React2Shell-Infection-Chain.png)\n\n### base64 encoding bash one-liners\n\n```\necho ā€œ\u003cbash one-liner\u003eā€ | base64\n```\n\n### Running base64 encoded bash one-liners\n\n```\necho ā€œ\u003cbase64 encoded one-liner\u003eā€ | base64 -d | bash\n```\n\n### example - creating a host fingerprinting one-liner: \n```\necho \"uname -a \u0026\u0026 id \u0026\u0026 ip address | grep -oP 'inet.*' \" | base64\n```\n\n### example - running base64 encoded host fingerprinting one-liner:\n\n```\necho \"dW5hbWUgLWEgJiYgaWQgJiYgaXAgYWRkcmVzcyB8ICBncmVwIC1vUCAnaW5ldC4qJyAK\" | base64 -d | bash\n```\n\n## Related Industry Articles\n- [SonicWall Capture Labs](https://www.sonicwall.com/blog/react2shell-cve-2025-55182-critical-unauthenticated-rce)\n- [Trend Micro Research](https://www.trendmicro.com/en_us/research/25/l/CVE-2025-55182-analysis-poc-itw.html)\n- [Splunk Research](https://research.splunk.com/stories/react2shell/)\n\n## Labs\n\n- [TryHackMe](https://tryhackme.com/room/react2shellcve202555182)\n \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fndr-repo%2Freact2shell","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fndr-repo%2Freact2shell","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fndr-repo%2Freact2shell/lists"}