1

00:00:01,290 --> 00:00:06,420

In this lecture, we will be creating functions to return enumerated information.



2

00:00:08,090 --> 00:00:11,800

To do so, we will set keywords for specific information.



3

00:00:12,960 --> 00:00:20,040

For example, if the given command is hostname, the commandparser function will call gethostname function.



4

00:00:21,400 --> 00:00:24,730

We will be doing it for every information in generalinfo class.



5

00:00:26,250 --> 00:00:27,270

Let's start coding.



6

00:00:29,670 --> 00:00:32,190

Inside your operations class



7

00:00:33,880 --> 00:00:38,590

we will be creating new statements for new keywords.



8

00:00:46,470 --> 00:00:50,190

For example, if the command contains



9

00:00:52,500 --> 00:00:53,010

hostname.



10

00:00:56,390 --> 00:00:58,830

Commandparser, will call a function.



11

00:00:59,990 --> 00:01:02,720

Let's check the information in generalinfo class.



12

00:01:03,960 --> 00:01:04,590

We have



13

00:01:05,930 --> 00:01:11,720

operating system version, username, essetra-essetra, we will be creating methods for returning



14

00:01:11,720 --> 00:01:15,020

all of those information one by one.



15

00:01:17,940 --> 00:01:21,480

Let's start with operating system or hostname.



16

00:01:22,140 --> 00:01:25,620

We already started with hostname, let's keep it continue.



17

00:01:29,800 --> 00:01:39,940

And if your command contains osinfo, you can select your own keywords.



18

00:01:43,580 --> 00:01:50,300

And for the username, if your command contains username.



19

00:01:55,810 --> 00:02:01,840

And if command contains what else we got.



20

00:02:03,510 --> 00:02:05,160

The processname.



21

00:02:10,090 --> 00:02:11,020

processname



22

00:02:17,760 --> 00:02:21,540

Or if command contains processid.



23

00:02:25,990 --> 00:02:27,520

Actually, we can combine



24

00:02:29,240 --> 00:02:30,010

two of them.



25

00:02:31,280 --> 00:02:35,480

Let's do it in this way, will be combining processname and processid information.



26

00:02:36,390 --> 00:02:37,710

one string value.



27

00:02:39,290 --> 00:02:41,300

So let's go to.



28

00:02:42,620 --> 00:02:51,500

If the command contains pwd (print Working Directory) we will be calling getcurrentdirectory method.



29

00:02:52,890 --> 00:02:54,060

And what else we have?



30

00:02:58,270 --> 00:02:59,200

Let's call.



31

00:03:03,010 --> 00:03:05,140

If command contains



32

00:03:06,550 --> 00:03:16,360

IP address, we will be returning IP version four address and if command contains.



33

00:03:22,410 --> 00:03:28,020

privileges we will be returning if our current users, administrator or not.



34

00:03:31,990 --> 00:03:32,900

What else?



35

00:03:34,970 --> 00:03:39,940

We don't need to get the executable path, but let's do it anyway.



36

00:03:41,960 --> 00:03:43,310

And if our command



37

00:03:48,020 --> 00:03:54,480

contains the exepath we will returning the executable path



38

00:03:55,730 --> 00:03:57,680

So let's start creating functions.



39

00:04:06,520 --> 00:04:08,460

All of them will returning a string value.



40

00:04:10,780 --> 00:04:14,080

So our first function will be gethostname.



41

00:04:19,670 --> 00:04:21,110

And it will be returning



42

00:04:23,230 --> 00:04:29,440

the hostname information in generalinfo class.



43

00:04:33,020 --> 00:04:38,870

We have already created an instance of the generalinfo class inside the operations class



44

00:04:38,870 --> 00:04:45,020

by using our constructor, so we can access all of the information inside the general info class



45

00:04:45,020 --> 00:04:46,010

using this instance.



46

00:04:52,560 --> 00:04:57,000

And for the let's call it get.



47

00:04:59,340 --> 00:05:05,190

username, return the value ninstance.



48

00:05:09,530 --> 00:05:10,190

ninstance.username



49

00:05:13,400 --> 00:05:14,330

and for



50

00:05:18,640 --> 00:05:28,960

IP Version four address, let's create a function called GetIPv4Address, and it will be returning.



51

00:05:34,940 --> 00:05:36,110

Let's remove one line here.



52

00:05:38,570 --> 00:05:39,560

And for



53

00:05:42,240 --> 00:05:51,360

Get process information, we will be returning process name and process id lets call it



54

00:05:51,360 --> 00:05:51,930

processinfo



55

00:05:53,940 --> 00:05:55,050

We'll be returning



56

00:05:57,860 --> 00:06:08,120

process name and a space and  processid so  processname and processid separated by space.



57

00:06:13,160 --> 00:06:13,980

processId



58

00:06:15,920 --> 00:06:28,630

And for privileges, I will call it a function called getprivileges, and it will be returning if our



59

00:06:28,640 --> 00:06:38,120

current users, administrator or not, and it will be actually a boolean, but we can turn it into a



60

00:06:38,120 --> 00:06:39,950

string by using tostring method.



61

00:06:40,730 --> 00:06:46,700

You can do it this way isadmin.tostring().



62

00:06:50,280 --> 00:06:56,860

And what else you need to do is the exepath and pwd.



63

00:07:00,090 --> 00:07:09,960

For the current working directory, we will set a function called getworkingdirectory sometimes I



64

00:07:09,960 --> 00:07:11,770

pronounce directory as directory



65

00:07:12,180 --> 00:07:13,140

sorry about it.



66

00:07:13,420 --> 00:07:15,960

I'm not a native speaker, so please don't mind me.



67

00:07:18,260 --> 00:07:24,240

return ninstance.cdirectory



68

00:07:25,680 --> 00:07:41,310

and for exepath, create a function called getexepath and it will be returning the executable path.



69

00:07:46,160 --> 00:07:51,440

So let's make the function calls inside the else/if statements.



70

00:07:53,840 --> 00:07:56,900

If the command is hostinfo



71

00:07:58,650 --> 00:08:01,590

we will be calling gethostname.



72

00:08:05,270 --> 00:08:14,120

No arguments needed if the command contains osinfo keyword, oops we need to define it first.



73

00:08:17,150 --> 00:08:30,830

Let's call it public string, gethostinfo our function to return the operating system info.



74

00:08:37,550 --> 00:08:48,450

Operating system info and if our command contains username we will be calling  getusername methods and



75

00:08:48,500 --> 00:08:49,580

for the process name.



76

00:08:52,630 --> 00:08:54,400

Let's call it processinfo, actually.



77

00:08:57,270 --> 00:09:00,220

We'll be calling



78

00:09:01,700 --> 00:09:10,670

getprocessinfo method or function, whatever you call, and for the pwd, we will be calling



79

00:09:10,670 --> 00:09:24,260

getworkingdirectory function and for the IP address, we will be calling getIPv4address and for privileges



80

00:09:25,760 --> 00:09:28,640

we will be calling getprivileges.



81

00:09:30,080 --> 00:09:33,200

We will be sending all of those information to attacker server



82

00:09:33,200 --> 00:09:41,870

So we will define one more class and function to send all of those return values to attacker



83

00:09:41,870 --> 00:09:42,410

server.



84

00:09:44,000 --> 00:09:49,880

And for the exepath, we will call it getexecutablepath.



85

00:09:52,220 --> 00:09:53,310

Yep, we are ready.



86

00:09:55,790 --> 00:10:05,270

And from the last lecture, we have printed out the working directorie's files and folders so



87

00:10:05,270 --> 00:10:07,820

just removed that Console.writeline function



88

00:10:13,340 --> 00:10:20,090

Everything seems OK, let's try to compile and execute our program to see if there's any errors.



89

00:10:25,640 --> 00:10:35,400

It seems OK, in the next lecture, we will be executing commands via cmd, so thats it for this lecture.



90

00:10:35,510 --> 00:10:36,550

See you in the next one.