WEBVTT

00:01.280 --> 00:02.600
Okay, friends.

00:02.720 --> 00:03.520
Welcome back.

00:03.640 --> 00:06.880
Now, you see, we are printing here the action.

00:07.880 --> 00:11.880
Now, the main goal is to not to print only the action.

00:11.880 --> 00:14.200
I want to get the full path for this.

00:14.240 --> 00:14.560
Okay.

00:14.560 --> 00:15.400
Like this.

00:16.040 --> 00:22.280
So to do that, we need to pass this action with the URL, the target URL.

00:22.320 --> 00:23.040
Okay.

00:23.080 --> 00:31.880
To do that we are going to use a URL path here that we already used this in one of the script okay.

00:32.560 --> 00:39.640
So I'm going to just import this here and then use it here after the action.

00:39.640 --> 00:46.960
So here I'm going to create a let's name it post URL.

00:47.920 --> 00:49.400
Post URL.

00:49.440 --> 00:52.720
It is going to be equal to just.

00:52.760 --> 00:56.440
We are going to use the method we imported URL join.

00:56.440 --> 01:01.280
And that is here we are uh use we use that too.

01:01.320 --> 01:05.180
So we have Earl join.

01:05.180 --> 01:11.620
And in here, the first thing we are going to give is that target URL.

01:11.620 --> 01:15.620
And the second one that we want to parse with this is the action.

01:16.820 --> 01:17.340
Good.

01:17.380 --> 01:22.500
Now instead of printing just the action, I want to print that post URL.

01:26.140 --> 01:27.780
Now if I.

01:30.540 --> 01:32.340
Execute this once again.

01:36.340 --> 01:39.380
Now you see that we have the full path here.

01:39.420 --> 01:39.980
Okay.

01:40.020 --> 01:41.460
And also we have the post.

01:41.500 --> 01:42.340
We have the target.

01:42.340 --> 01:43.980
Everything ready here.

01:44.820 --> 01:45.180
Okay.

01:45.820 --> 01:47.220
That was for that.

01:47.220 --> 01:56.980
And also into this for loop that we have in the second for loop I want to get more details like name.

01:56.980 --> 02:02.860
We have the name here I want to type I want the type, I want the value and all and everything.

02:02.900 --> 02:03.620
Okay.

02:03.660 --> 02:09.650
So the next one that I want to get is input type.

02:10.050 --> 02:13.290
So that is equal to input dot get.

02:13.330 --> 02:18.290
And here I'm going to just access that type.

02:19.730 --> 02:21.770
The next one is going to be the value.

02:21.810 --> 02:22.250
Okay.

02:23.410 --> 02:28.410
The value is equal to input dot get.

02:28.530 --> 02:31.930
And here we are going to access the value.

02:32.650 --> 02:36.250
So now we have these three things.

02:36.490 --> 02:42.570
And also let me show you something here.

02:45.850 --> 02:47.170
I am going to check.

02:47.530 --> 02:47.930
Okay.

02:51.530 --> 02:56.370
I'm going to check if the type of this input is text.

02:56.650 --> 02:59.810
Then I'm going to change its value to something else.

02:59.850 --> 03:00.050
Okay.

03:00.090 --> 03:04.010
For example we are going to add anything like text or something.

03:04.050 --> 03:05.850
And then we are going to add that.

03:05.850 --> 03:08.650
And then hitting enter we will have a result.

03:08.690 --> 03:15.110
Right now we have no result here, but when we have our own script to exploit, we will be having a

03:15.110 --> 03:16.310
result here.

03:16.350 --> 03:17.790
Now you see, we have a text here.

03:17.790 --> 03:19.150
Result for a test.

03:19.430 --> 03:19.950
Okay.

03:19.990 --> 03:24.590
Now I'm going to check if the type of this input is text.

03:24.630 --> 03:27.270
Then I need to change its value.

03:27.310 --> 03:28.030
What is the value?

03:28.070 --> 03:29.910
Value is something that you enter here.

03:29.950 --> 03:30.590
Okay.

03:30.630 --> 03:31.310
You write here.

03:31.310 --> 03:32.110
That is the value.

03:32.150 --> 03:33.310
It gets that value.

03:33.310 --> 03:34.830
And then send it to the server.

03:35.150 --> 03:36.670
So we are going to handle that.

03:37.910 --> 03:41.430
Let's check using an if statement I am going to use.

03:41.430 --> 03:50.470
If input at type is text then I am going to.

03:53.830 --> 03:57.870
I'm going to change the value.

03:58.470 --> 04:01.950
So you see here we get the value okay.

04:03.350 --> 04:08.870
Input value is going to be.

04:10.990 --> 04:13.090
Equal to whatever we want.

04:13.130 --> 04:13.370
Okay.

04:13.410 --> 04:14.250
The script.

04:14.690 --> 04:15.090
Anything.

04:15.130 --> 04:15.570
Okay.

04:15.930 --> 04:19.890
So right now I just searched or I just tested the test.

04:19.890 --> 04:23.610
So right now it is going to be just the test.

04:23.930 --> 04:24.370
Okay.

04:25.650 --> 04:31.410
The next thing is that we need to send them to the server.

04:31.490 --> 04:37.570
So while we're trying to send them to the server, we need to put them into a dictionary.

04:38.250 --> 04:39.410
So here

04:41.250 --> 04:50.970
um let's create a dictionary I'm going to name this post dictionary or post data dictionary.

04:51.290 --> 04:53.530
It is going to be equal to an empty dictionary.

04:53.530 --> 04:56.730
Right now it is an empty dictionary okay.

04:56.770 --> 05:03.770
The next thing that I want to do is to add a key and a value.

05:03.770 --> 05:08.530
So the key is going to be the input name.

05:08.730 --> 05:11.410
And the value is going to be input value.

05:11.410 --> 05:12.890
So this is the input name.

05:12.890 --> 05:16.000
It is going to be equal to the value that we have here.

05:16.040 --> 05:16.440
Okay.

05:17.440 --> 05:18.160
Very easy.

05:18.160 --> 05:20.640
So now we have the post data.

05:23.000 --> 05:26.320
And then the post data.

05:26.360 --> 05:30.880
The key for this is going to be input name.

05:30.880 --> 05:38.200
We already provided this and it is going to be equal to input value okay.

05:39.000 --> 05:39.480
Perfect.

05:39.520 --> 05:40.800
Now we have this.

05:41.000 --> 05:48.800
And the next thing is to use the post method to send them to somewhere we want okay.

05:50.800 --> 05:56.440
And also we need to put this into this for loop okay.

05:59.160 --> 06:06.360
And now in here I need to use the post method.

06:06.360 --> 06:12.560
So let's use request requests dot post.

06:12.600 --> 06:20.340
We have get and also we had post in here I'm going to give the post URL, which is the template URL,

06:20.340 --> 06:24.820
and also the data is going to be the dictionary that we just created.

06:24.820 --> 06:26.740
It is post data.

06:31.500 --> 06:32.180
Perfect.

06:32.780 --> 06:34.180
Now I want to print this.

06:34.220 --> 06:34.460
Okay.

06:34.500 --> 06:35.740
The content of this.

06:36.260 --> 06:41.620
So for that we need to save this into a variable.

06:41.620 --> 06:42.700
It's going to be result.

06:42.700 --> 06:44.220
Result is equal to this.

06:44.900 --> 06:54.300
And here I need to print the result dot content.

06:55.380 --> 06:58.820
Let me save this and let's go here.

07:00.580 --> 07:03.580
And right now I am searching for something like this.

07:03.620 --> 07:03.820
Okay.

07:03.860 --> 07:07.340
When we write test we have result for test.

07:07.340 --> 07:10.380
Let's see if we could find this result for test.

07:10.380 --> 07:16.700
That means that this the text injected to this successfully.

07:16.700 --> 07:19.380
This test injected okay.

07:19.420 --> 07:20.060
If not.

07:20.300 --> 07:21.370
So we will.

07:21.410 --> 07:22.850
We are not able to do that.

07:25.730 --> 07:29.690
Uh, we have the template URL.

07:29.690 --> 07:36.570
We have the post that the second one that is, uh, something.

07:39.770 --> 07:40.210
Uh, okay.

07:40.210 --> 07:43.930
This part is not, I think, completed because it is.

07:43.930 --> 07:44.170
Okay.

07:44.170 --> 07:46.170
It is it looks like it is completed.

07:47.290 --> 07:50.890
And we have a lot of thing here.

07:50.930 --> 07:52.090
Let me see.

07:54.650 --> 07:55.770
I need to re-execute.

07:55.770 --> 07:57.690
This looks like it is.

08:00.690 --> 08:01.570
Done.

08:01.610 --> 08:02.010
Okay.

08:02.810 --> 08:05.650
It is injected the test keyword.

08:06.770 --> 08:09.450
So here I need to find that thing.

08:13.290 --> 08:16.130
Let's see if I am okay.

08:16.130 --> 08:17.490
We have the result.

08:17.490 --> 08:20.370
We have the result dot content.

08:21.490 --> 08:23.490
And in here we have the post URL.

08:23.490 --> 08:23.950
Earl.

08:23.950 --> 08:26.470
And in here we have the input value.

08:26.510 --> 08:27.390
That is good.

08:28.270 --> 08:29.630
Everything looks good here.

08:32.270 --> 08:32.950
Perfect.

08:33.110 --> 08:33.910
Everything good?

08:35.270 --> 08:36.030
Okay, here.

08:36.030 --> 08:38.710
Let's search for something that was.

08:41.230 --> 08:41.630
Okay.

08:41.630 --> 08:46.750
We have a lot of things here, but the thing I want is something.

08:49.390 --> 08:55.910
Uh, okay, I'll find it and I will show it to you.

08:58.750 --> 09:02.430
I created a file here that need this thing.

09:02.470 --> 09:08.150
Okay, I want to find that text, because here, if I look, I will not be able to find that.

09:08.150 --> 09:09.510
So I want to search for it.

09:09.510 --> 09:10.350
Okay.

09:10.390 --> 09:13.110
Let me copy the whole thing.

09:19.150 --> 09:19.510
Okay.

09:19.510 --> 09:22.230
I will start selecting this from here.

09:25.030 --> 09:26.150
Up to.

09:26.150 --> 09:28.490
You here.

09:28.530 --> 09:30.850
Okay, I will just copy that.

09:30.850 --> 09:32.770
And I created this file.

09:32.810 --> 09:34.530
Now I'm going to paste it here.

09:35.290 --> 09:37.290
So it's all in one line.

09:37.290 --> 09:39.050
And let's search for result.

09:41.770 --> 09:44.090
Result.

09:44.130 --> 09:46.050
Looks like we find one.

09:46.290 --> 09:47.250
One of one.

09:47.850 --> 09:51.210
That means it is found.

09:53.370 --> 09:53.890
Okay.

09:53.930 --> 09:56.010
It is exactly what we are looking for.

09:56.010 --> 09:58.730
Results for test.

09:59.330 --> 10:03.330
And that is here results for test.

10:03.370 --> 10:05.250
It has an S at the end.

10:05.290 --> 10:06.330
Let's see if it is.

10:07.090 --> 10:08.410
If it has okay.

10:09.050 --> 10:09.970
That is the same thing.

10:09.970 --> 10:15.050
So now you see that it happened successfully okay.

10:15.090 --> 10:16.930
Result for test.

10:17.450 --> 10:23.130
If I change that to something else like instead of test if I search for.

10:25.290 --> 10:27.290
Name at and hit.

10:29.960 --> 10:34.680
Uh, execution now for a while.

10:34.920 --> 10:39.720
After a while, you will be able to see this kind of information.

10:39.760 --> 10:40.480
Let's see.

10:40.480 --> 10:43.800
Now, what are we going to find for this?

10:47.080 --> 10:49.840
Now you see that result for name it.

10:49.880 --> 10:54.760
And also here if I just copy this and.

11:01.840 --> 11:13.280
Copy selection and then come right in here this control A and then use control V and then use control

11:13.320 --> 11:15.680
F here search for name.

11:15.680 --> 11:23.480
And you see that we have result for name.

11:23.840 --> 11:24.920
That is the same thing okay.

11:24.960 --> 11:28.400
That means our code has been executed successfully.

11:28.600 --> 11:32.520
So thanks for watching and I'll see you in the next lecture.