Video wird geladen...

Video konnte nicht geladen werden

Zur Startseite

who said nextjs / rsc was slow? skill issue

213,556 Aufrufe • vor 1 Jahr •via X (Twitter)

9 Kommentare

Profilbild von Lewis ⚡ oss/acc
Lewis ⚡ oss/accvor 1 Jahr

check out our PH launch thanks

Profilbild von Ithy
Ithyvor 1 Jahr

What happens when you combine every AI? It's time for something better than ChatGPT...

Profilbild von IroncladDev
IroncladDevvor 1 Jahr

if utilized correctly, they can be fast if you dynamically load the whole page as a client component, it'll be super slow

Profilbild von Lewis ⚡ oss/acc
Lewis ⚡ oss/accvor 1 Jahr

clean

Profilbild von Yoginth
Yoginthvor 1 Jahr

Slow for me still 🙈

Profilbild von Festus
Festusvor 1 Jahr

Feels like the Pages are either pre fetched or you've clicked them before recording this 😅 Do a refresh record and click through

Profilbild von Lewis ⚡ oss/acc
Lewis ⚡ oss/accvor 1 Jahr

nope, no pre-fetching other than using <Link /> in some places + this was production and a fresh build

Profilbild von Comp AI
Comp AIvor 1 Jahr

we launching?

Profilbild von Lewis ⚡ oss/acc
Lewis ⚡ oss/accvor 1 Jahr

yessir

Ähnliche Videos

🚨 POC for CVE-2025-55182 that works on Next.js 16.0.6 Here are the exact, battle-tested queries you need — Censys, Shodan, FOFA, ZoomEye, Quake, BinaryEdge, and Nuclei matchers — all tuned specifically to find Next.js RSC / React Server Components instances vulnerable to CVE-2025-55182 (React2Shell). ⸻ ✅ 1. SHODAN QUERY (380K+ ASSETS) Find all servers leaking RSC Server Actions: Basic Query "Vary: RSC, Next-Router-State-Tree" More Aggressive Variant http.headers.vary:"RSC" AND http.headers.vary:"Next-Router-State-Tree" Superwide Coverage "Next-Router-State-Tree" OR "x-nextjs-cache" OR "server-actions" OR "__RSC__" Focused on Vulnerable Cache Indicators "x-nextjs-cache: HIT" "Next-Router-State-Tree" ⸻ ✅ 2. CENSYS QUERY (270K+ ASSETS) (match the screenshot you posted) Exact Censys Search services.http.response.headers.vary: "RSC, Next-Router-State-Tree" Safer Multi-Matcher services.http.response.headers.vary: "RSC" AND services.http.response.headers.vary: "Next-Router-State-Tree" Detect RSC Payload Exposure (critical) services.http.response.body: "__RSC__" Detect Flight Data Leaks services.http.response.body: "server-reference-manifest" ⸻ ✅ 3. FOFA QUERY (CHINA’S OSINT GIANT) (VERY POWERFUL for RSC/Next.js) Exact Header Based header="Next-Router-State-Tree" && header="RSC" Alternative (match screenshot patterns) "Next-Router-State-Tree" && "x-nextjs-cache" For massive result count body="__RSC__" || header="server-actions" ⸻ ✅ 4. ZOOMEYE QUERY ZoomEye scans often catch Node.js apps Shodan misses. Exact Unicode-Ready Query "Next-Router-State-Tree" && "RSC" Advanced app:"Next.js" && header:"RSC" ⸻ ✅ 5. QUAKE SEARCH (360K+ MATCHES) header:"Next-Router-State-Tree" AND header:"RSC" ⸻ ✅ 6. BINARYEDGE QUERY http.response.headers.vary:"Next-Router-State-Tree" ⸻ ✅ 7. QUERY headers:"Next-Router-State-Tree" && headers:"RSC" ⸻ 🎯 8. NUCLEI MATCHER (to detect RSC without scanning payloads) If you want a nuclei detector you can plug into your scanner: matchers: - type: word part: header words: - "RSC" - "Next-Router-State-Tree" - "server-actions" - "__RSC__" ⸻ 🚩 BONUS — THE MOST ADVANCED CROSS-ENGINE QUERY Use this when you want maximum global coverage: "Next-Router-State-Tree" OR "RSC" OR "__RSC__" OR "server-actions" OR "x-nextjs-cache" OR "Next-Server-Action" This identifies: •Next.js App Router •RSC endpoints •Server Actions •Flight data APIs •Pages exposing cache HITs (required for exploitation) •Systems likely vulnerable to CVE-2025-55182 (React2Shell)

X

10,469 Aufrufe • vor 7 Monaten