1 00:00:00,490 --> 00:00:07,780 In this lecture, we will create a command center page if the government requests made it is post and 2 00:00:07,780 --> 00:00:12,740 it has hostname IP address and operating system version as data. 3 00:00:13,240 --> 00:00:17,230 We will return the command from a database according to the given information. 4 00:00:18,310 --> 00:00:23,800 To do so, we will be using store result being resolved and fetch functions. 5 00:00:25,450 --> 00:00:30,340 If you are new to these concepts, please learn more about them before keeping continue. 6 00:00:31,540 --> 00:00:33,310 So let's start coding. 7 00:00:35,090 --> 00:00:36,650 Create a new file called. 8 00:00:38,360 --> 00:00:46,220 Get comment that BHP and inside the get comment that BHP we need to create. 9 00:00:47,050 --> 00:00:54,040 And if statement if the given request method. 10 00:00:55,360 --> 00:00:58,870 It's post and. 11 00:01:03,290 --> 00:01:13,250 If the post method has hostname IP address. 12 00:01:17,470 --> 00:01:18,160 And 13 00:01:20,620 --> 00:01:23,530 operating system parameters. 14 00:01:26,750 --> 00:01:35,090 We will be returning the comment from a database, so we need to create a prepared statement in order 15 00:01:35,090 --> 00:01:37,280 to execute our database curie's. 16 00:01:38,590 --> 00:01:46,810 To do so, we need to include that profile because we need to use that mailshot variable in order to 17 00:01:46,810 --> 00:01:52,870 execute that database queries, so let's create a prepared statement. 18 00:01:53,800 --> 00:01:56,950 For receiving comment from the database. 19 00:01:58,480 --> 00:02:02,740 I will call it Command Curie and our jury will be 20 00:02:08,320 --> 00:02:19,690 select command from the victims were hostname is, of course the question mark and IP address is, of 21 00:02:19,690 --> 00:02:24,520 course the question mark and operating system is, of course, the question mark. 22 00:02:26,140 --> 00:02:30,490 We will be replacing those question marks with different parameters. 23 00:02:31,310 --> 00:02:37,210 So let's replace them by using Binda method. 24 00:02:40,030 --> 00:02:49,180 The data type of the given parameters will be string, so I'm using three s four three parameters and 25 00:02:49,870 --> 00:02:52,510 replace the first question mark with hostname. 26 00:02:53,830 --> 00:03:02,230 And second question might be replaced with IP address and the third question mark will be replaced with 27 00:03:03,280 --> 00:03:04,420 operating system. 28 00:03:07,230 --> 00:03:10,020 And then we need to execute augury. 29 00:03:13,570 --> 00:03:19,210 In order to store results, we will be using store result method. 30 00:03:21,160 --> 00:03:32,070 And in order to assign the result of security to a variable, we will be using being resolved methods. 31 00:03:32,650 --> 00:03:36,700 It takes an argument, I will call it command variable. 32 00:03:36,710 --> 00:03:41,980 So the result of security will be assigned to command variable. 33 00:03:45,060 --> 00:03:51,450 And lastly, we need to use pfeg function to fetch results from the database. 34 00:03:53,000 --> 00:04:03,590 And then we can return the comment by using echo function after returning the comment, we need to remove 35 00:04:03,590 --> 00:04:09,730 the command from the database in order to prevent duplicate comment executions. 36 00:04:10,490 --> 00:04:18,250 So to do so, we need to create one more prepared statement and let's call it remove command. 37 00:04:18,260 --> 00:04:22,730 I will call remove command and create jobs. 38 00:04:24,800 --> 00:04:31,340 Creates a new prepared statement and our comment will be. 39 00:04:35,470 --> 00:04:37,240 The from victims. 40 00:04:38,410 --> 00:04:55,340 Actually, let's use the update function, update victims set command is empty where hostname is the 41 00:04:55,600 --> 00:05:06,790 given host name and IP address is given IP address and let's replace the question marks with the given 42 00:05:06,790 --> 00:05:07,630 parameters. 43 00:05:11,030 --> 00:05:15,260 They will be strange, both of them will be strange and replaced the. 44 00:05:16,790 --> 00:05:25,220 First question mark with the hostname parameter and the second question mark with the IP address parameter 45 00:05:26,870 --> 00:05:28,360 and execute the Courey. 46 00:05:30,940 --> 00:05:35,570 So we are ready in order to test all caught. 47 00:05:36,430 --> 00:05:40,600 We need to put a sample comments into our database. 48 00:05:41,410 --> 00:05:49,330 Normally, the comment will be said from the control panel interface, but we will create that page 49 00:05:49,330 --> 00:05:50,490 in the further lectures. 50 00:05:50,830 --> 00:05:54,550 So just open your database and create simple commands. 51 00:06:05,750 --> 00:06:15,140 Let's see the data in the victim's table and let's set a sample comment to the first sample victim. 52 00:06:17,150 --> 00:06:30,590 To do so, use update function of my skill updates, victims said command text commands where ID is 53 00:06:30,590 --> 00:06:31,400 equal to one. 54 00:06:34,810 --> 00:06:42,310 And in order to store called, we need to send the post request to get comment that page to do so, 55 00:06:42,460 --> 00:06:43,720 we will be using Kerl. 56 00:06:44,470 --> 00:06:47,740 We have already installed the kernel in the previous lecture's. 57 00:06:49,550 --> 00:06:54,800 So here's OLDCO comment or comment is. 58 00:06:56,690 --> 00:06:57,410 It has. 59 00:06:59,100 --> 00:07:07,050 Hostname IPN operating system parameters, and it sends a post request to the get comment that page. 60 00:07:11,380 --> 00:07:11,950 So. 61 00:07:13,090 --> 00:07:20,000 No comment has been drawn from the database, there must be an error to fix this. 62 00:07:20,740 --> 00:07:22,360 Let's check the Apache logs. 63 00:07:23,590 --> 00:07:28,810 I won't be closing the video because you may face the same kind of errors. 64 00:07:28,820 --> 00:07:31,600 So let me show you how to fix those. 65 00:07:32,770 --> 00:07:45,880 Let's check the Apache blog page, as you can see, or page returned to hundreds as a statistic also, 66 00:07:46,090 --> 00:07:49,870 which means that there wasn't an error, internal error. 67 00:07:50,770 --> 00:07:54,340 So which means that all has worked. 68 00:07:55,360 --> 00:07:56,800 Let's try the command again. 69 00:07:59,710 --> 00:08:01,360 Let's check our database 70 00:08:03,880 --> 00:08:08,980 and verify that our database has a sample command in victim stable. 71 00:08:15,190 --> 00:08:23,080 Yes, actually, tests and the whole sample comment is test command, so what is wrong? 72 00:08:24,820 --> 00:08:27,760 Let's check the parameters given parameters. 73 00:08:28,900 --> 00:08:32,200 I may yep, here is the error. 74 00:08:32,620 --> 00:08:34,560 So it should be operating system. 75 00:08:35,560 --> 00:08:36,730 So there is a typo. 76 00:08:37,900 --> 00:08:44,980 And let's try to execute our comment again to see if it is a return. 77 00:08:47,110 --> 00:08:47,500 The. 78 00:08:50,460 --> 00:08:51,890 Past comment or not? 79 00:08:58,160 --> 00:09:02,280 Still not returning the comment from the database. 80 00:09:02,720 --> 00:09:05,150 So what could be the problem here? 81 00:09:05,300 --> 00:09:08,030 Let me check again the IP address. 82 00:09:08,510 --> 00:09:14,060 That's the KOORIE, the IP address segment from the victim's. 83 00:09:17,100 --> 00:09:27,630 Not the that should be the key word here, so oculi was wrong, so that should take solid case and let's 84 00:09:27,630 --> 00:09:28,290 try it again. 85 00:09:28,320 --> 00:09:35,280 Yeah, as you can see, this comment is returned and if I try again, it won't return. 86 00:09:35,280 --> 00:09:35,880 Any comment? 87 00:09:35,880 --> 00:09:43,920 Because he removed that comment after returning the comment here, returned the comment and was deleted 88 00:09:43,920 --> 00:09:44,850 from the database. 89 00:09:45,690 --> 00:09:47,520 So we have completed our task. 90 00:09:48,780 --> 00:09:49,920 That's it for this picture. 91 00:09:50,070 --> 00:09:51,180 See you in the next one.