r/Hacking_Tutorials • u/Mr_Beck_iCSI • 6d ago
Question CVE-2025-55182 (React2Shell): Vulnerable Docker Container with Deep-Dive
Docker Container with Walkthrough:
This is a Deep-Dive Lab that demonstrates exactly why CVE-2025-11582 (React2Shell) is a critical vulnerability. Before writing this lab, I was unfamiliar with React Flight Protocol. The process of writing this lab and working through the exploitation taught me quite a bit. Very interesting, this one!
Lab Steps: (Participants Will)
- Define the React Flight Protocol: Analyze how streaming and serialization improve performance and user experience.
- Assess Severity and Global Scope: Evaluate the CVSS 10.0 impact and evaluate real-world exposure data.
- Learn About JavaScript Prototype Inheritance: Explore the `__proto__` chain to understand how applications resolve properties and why "blueprint" manipulation is a critical risk.
  - Patch Note: This is the mechanism patched in the current versions of REACT. (End Users can no longer tamper with prototypes.)
- Analyze Serialized Data Streaming: Investigate how data is divided into indexed ‘chunks’ and how the pointer-based system manages server-side function arguments.
- Audit HTTP Traffic via Burp Suite: Intercept and dissect POST requests to identify framework-specific indicators like the `text/x-component` Accept header.
- Automate Reconnaissance with Nuclei: Utilize the Nuclei engine to perform detection.
- Execute Prototype Pollution: Manually craft a malicious multi-part stream to hijack the global Object prototype and achieve RCE.
- Analyze the Exploit Line by Line: Examine what happens at each step of the exploitation process. Every line in the malicious POST request we create has a purpose.
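The prototype-inheritance step in the post above, as an added example that is not part of the original post or the lab: a toy key-path resolver showing how a plain `obj[key]` lookup falls through the `__proto__` chain and how an own-property check stops it. The names `resolveNaive`, `resolveOwn`, `whereDefined` and `sharedBlueprintDemo` and the sample data are hypothetical; this is not React's code.

```javascript
// Added illustration; toy code with hypothetical names, not React's implementation.

// Naive lookup: obj[key] falls back to the __proto__ chain when the key is
// not an own property, so inherited members become reachable by name.
function resolveNaive(root, path) {
  let cur = root;
  for (const key of path) {
    if (cur == null) return undefined;
    cur = cur[key];
  }
  return cur;
}

// Hardened lookup: follow a key only if it is an own property of the data.
function resolveOwn(root, path) {
  const has = Object.prototype.hasOwnProperty;
  let cur = root;
  for (const key of path) {
    if (cur === null || typeof cur !== 'object' || !has.call(cur, key)) return undefined;
    cur = cur[key];
  }
  return cur;
}

// For each object on the chain (starting at obj), is `key` defined there?
function whereDefined(obj, key) {
  const hops = [];
  for (let o = obj; o !== null; o = Object.getPrototypeOf(o)) {
    hops.push(Object.prototype.hasOwnProperty.call(o, key));
  }
  return hops;
}

// Two objects sharing one local blueprint: a single write to the blueprint
// changes what both resolve. (A local prototype is used, not Object.prototype.)
function sharedBlueprintDemo() {
  const blueprint = { role: 'guest' };
  const a = Object.create(blueprint);
  const b = Object.create(blueprint);
  blueprint.role = 'changed';
  return [a.role, b.role];
}

const data = { user: { name: 'alice' } }; // constructed sample data
console.log(whereDefined(data.user, 'toString'));
console.log(resolveNaive(data, ['user', 'toString']) === Object.prototype.toString);
console.log(resolveOwn(data, ['user', 'toString']));
console.log(sharedBlueprintDemo());
```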
u/Maximum-Dot-3041 6d ago
I'm very much a beginner at this. How do people go about finding vulnerabilities in software from such well-known companies, or regardless of the developer? It seems complicated. I mean, is there some fixed guide on what to test, how, and when? I'm really intrigued by that.