I’ve been reading about PWK-Example-Report-v1.pdf at page 7-14 and found that KikChat apps was used in the example.
https://www.offensive-security.com/pwk-online/PWK-Example-Report-v1.pdf
https://www.exploit-db.com/exploits/30235
Copy of the vulnerable apps is available at exploit-db.
https://www.exploit-db.com/apps/1e5d5e719ddcd0568923e6ee58904242-kikchat.zip
However, the actual exploit code/script is no longer there.
http://petitvincent.perso.free.fr/Webmastering/Script%20PHP%20HTML%20JAVASCRIPT/php%20scripts/kikchat.zip
I was wondering what is the content of the exploit code above as I would like to reproduce similar scenario in my lab.
Also, if there is similar vulnhub machine, tryhackme or hackthebox machine, please let me know.