Jason Turley JasonTurley

## Arrays_and_Lists.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                JasonTurley
                / Arrays_and_Lists.md
            
            
              Last active
              June 18, 2019 04:34
            
              
                Data Structure and Algorithm guide focused on pros & cons and time & space complexity. This is an ongoing guide and will be updated frequently as I learn more.
              
          
    Data Structures

This guide will use examples from the C/C++ programming language, however many of the information carries over to other areas and languages
Arrays


An array is a collection of elements, all of the same type, accessed by a common name.
Arrays can be either one or two dimensional.

A one-dimensional array is like a list
And a two-dimensional array is like a table, or grid


## brute-forcer.py
"""
This script collects names and department info from the target URL and
uses them to brute-force the "Admin Area" login page.

The lab can be found in INE's Penetration Testing Student course https://my.ine.com/
"""

from bs4 import BeautifulSoup
import requests

## crack-api-key.py
import requests

machine_ip = "10.10.83.105"
host = f"http://{machine_ip}/api/"

# Only attempt odd keys
for key in range(100):
    if key % 2 != 0:
        response = requests.get(host + str(key))

## script.sh
#!/bin/bash
# Run exiftool on each docx file, print the file that was last modified by Jack Frost

for i in $(ls -l ~/*.docx | awk '{ print $9 }'); do
        exiftool $i | grep "Last Modified By" | grep "Jack Frost"

        if [[ $? == 0 ]]; then
                echo $i && exit
        fi
done

## dupscout-exploit.py
#!/usr/bin/env python3
# Dup Scout Enterprise v9.9.14 SEH Overflow

# This is my PoC for the previously discovered Dup Scout Enterprise SEH
# overflow vuln.
#
# The original exploit can be viewed here: https://www.exploit-db.com/exploits/42557

import socket
from struct import pack
	"""
	This script collects names and department info from the target URL and
	uses them to brute-force the "Admin Area" login page.

	The lab can be found in INE's Penetration Testing Student course https://my.ine.com/
	"""

	from bs4 import BeautifulSoup
	import requests
	import requests

	machine_ip = "10.10.83.105"
	host = f"http://{machine_ip}/api/"

	# Only attempt odd keys
	for key in range(100):
	if key % 2 != 0:
	response = requests.get(host + str(key))
	#!/bin/bash
	# Run exiftool on each docx file, print the file that was last modified by Jack Frost

	for i in $(ls -l ~/*.docx \| awk '{ print $9 }'); do
	exiftool $i \| grep "Last Modified By" \| grep "Jack Frost"

	if [[ $? == 0 ]]; then
	echo $i && exit
	fi
	done
	#!/usr/bin/env python3
	# Dup Scout Enterprise v9.9.14 SEH Overflow

	# This is my PoC for the previously discovered Dup Scout Enterprise SEH
	# overflow vuln.
	#
	# The original exploit can be viewed here: https://www.exploit-db.com/exploits/42557

	import socket
	from struct import pack