kqjy/scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fa6dad90e5ec494c756df4a96acb8a5d828a9fcf
scripts/nextcheck.sh
kqjy fa6dad90e5 Update nextcheck.sh
2025-12-07 05:19:39 +00:00

52 lines
2.1 KiB
Bash
Raw Blame History

#!/bin/bash
# Counters
TOTAL_SCANNED=0
NODE_CONTAINERS=0
VULNERABLE_COUNT=0
echo "========================================================"
echo " Next.js Vulnerability Scanner (CVE-2025-55182) "
echo "========================================================"
# Get all running container IDs and Names
# We use a while loop to handle spaces in names correctly
docker ps --format '{{.ID}}|{{.Names}}' | while IFS='|' read -r id name; do
((TOTAL_SCANNED++))
# 1. HEURISTIC CHECK: Is this a Node/JS app?
# We check for package.json in common paths (/app is Coolify standard)
# OR if the 'node' binary exists in the path.
is_node=$(docker exec "$id" sh -c "test -f /app/package.json || test -f /usr/src/app/package.json || command -v node" 2>/dev/null && echo "yes" || echo "no")
if [ "$is_node" == "yes" ]; then
((NODE_CONTAINERS++))
# 2. VERSION CHECK
# Check package.json for "next" version
version_check=$(docker exec "$id" grep -Po '"next":\s*"\^?\K[0-9.]+' /app/package.json 2>/dev/null)
# Check for Standalone server (Production builds)
is_standalone=$(docker exec "$id" ls /app/.next/standalone/server.js 2>/dev/null)
if [[ ! -z "$version_check" ]]; then
echo -e "[\033[31mVULN\033[0m] $name \t-> Next.js $version_check"
((VULNERABLE_COUNT++))
elif [[ ! -z "$is_standalone" ]]; then
echo -e "[\033[33mWARN\033[0m] $name \t-> Detected (Standalone Mode) - Check manually"
((VULNERABLE_COUNT++))
else
# Uncomment the line below if you want to see SAFE node apps too
# echo -e "[\033[32mSAFE\033[0m] $name \t-> Node app (No Next.js detected)"
:
fi
fi
done
echo "========================================================"
echo "SCAN COMPLETE"
echo "--------------------------------------------------------"
echo "Total Containers Scanned: $TOTAL_SCANNED"
echo "Node/JS Environments: $NODE_CONTAINERS"
echo "Next.js Apps Found: $VULNERABLE_COUNT"
echo "========================================================"
Reference in New Issue View Git Blame Copy Permalink