private string GetCommandLine(Process process)
{
string cmdLine = null;
using (WmiConnection con = new WmiConnection())
{
foreach (WmiObject obj in con.CreateQuery($"SELECT CommandLine FROM Win32_Process WHERE ProcessId = {process.Id}"))
{
cmdLine = obj["CommandLine"]?.ToString().Trim();
}
}
return(cmdLine);
}
/// <summary>
/// Query host with given list of <see cref="WmiQuery"/> and fire <see cref="OnHostDataReceived(HostDataReceivedEventArgs)"/>
/// for each received <see cref="WmiParameter"/>
/// </summary>
/// <param name="host">Host to query</param>
/// <param name="credential">Administrator credential that is able to run WMI requests</param>
/// <param name="wmiQueries">List of WMI queries to run</param>
public void ScanHostAsync(IPAddress host, NetworkCredential credential, List <WmiQuery> wmiQueries)
{
// Enable encryption for WMI packets for security
var options = new WmiConnectionOptions {
EnablePackageEncryption = true
};
// Initialize new WMI connection
using (var connection = new WmiConnection($"\\\\{host}\\root\\cimv2", credential, options))
{
// For each query in list of queries
Parallel.ForEach(wmiQueries, wmiQuery =>
{
try
{
// This foreach loop runs once, creates and executes WMI query and stores result of it in wmiObject
foreach (var wmiObject in connection.CreateQuery($"SELECT * FROM {wmiQuery.Class}"))
{
// Gets all available properties in WmiObject for current WMI class
var availableProperties = new List <string>(wmiObject.GetPropertyNames());
// For each property in given WMI query
foreach (var property in wmiQuery.Properties)
{
// If current class contains requested property then get it's value, if not - send message that it was not found
var value = availableProperties.Contains(property) ? wmiObject.GetPropertyValue <string>(property) : $"{property} query not found";
// Prepare OnHostDataReceived and fire it
ExecuteOnHostDataReceived(host, property, value);
}
}
}
catch (Exception exception)
{
// Prepare OnHostDataReceived and fire it with NULL parameter and exception message as a value
ExecuteOnHostDataReceived(host, "NULL", exception.Message.Split('.')[0]);
return;
}
});
}
// This host was completely scanned
OnHostScanComplete();
}
static void Main(string[] args)
{
Console.WriteLine("Win32_Process:");
Console.WriteLine("------------------------");
var opt = new WmiConnectionOptions()
{
EnablePackageEncryption = true
};
var cred = new NetworkCredential("USERNAME", "PASSWORD", "DOMAIN");
using (WmiConnection conncetion = new WmiConnection(@"\\MACHINENAME\root\cimv2", cred, opt))
{
foreach (WmiObject partition in conncetion.CreateQuery("SELECT * FROM Win32_DiskPartition"))
{
Console.WriteLine(partition["Name"]);
}
}
Console.WriteLine("");
Console.Write("Press Any Key To Exit...");
Console.ReadKey();
}
public static List <VssInfo> GetVssInfoViaWmi(string driveLetter)
{
if (driveLetter == null)
{
driveLetter = string.Empty;
}
if (driveLetter.Length > 1)
{
driveLetter = driveLetter.Substring(0, 1);
}
var loggerConsole = LogManager.GetLogger("Console");
var vss = new List <VssInfo>();
loggerConsole.Debug("Running WMI queries to get VSC info");
var volInfo = new Dictionary <string, string>();
using (var con = new WmiConnection())
{
foreach (var vol in con.CreateQuery("SELECT caption,DeviceID FROM Win32_volume"))
{
volInfo.Add(vol["DeviceID"].ToString(), vol["caption"].ToString());
}
}
loggerConsole.Trace($"Volume info from WMI: {volInfo.Dump()}");
using (var con = new WmiConnection())
{
foreach (var scInfo in con.CreateQuery(
"SELECT DeviceObject,ID,InstallDate,OriginatingMachine,VolumeName,ServiceMachine FROM Win32_ShadowCopy")
)
{
var devObj = scInfo["DeviceObject"].ToString();
var id = scInfo["ID"].ToString();
var installDate = scInfo["InstallDate"].ToString();
var idd = ManagementDateTimeConverter.ToDateTime(installDate);
idd = DateTime.SpecifyKind(idd, DateTimeKind.Local);
var instDateTimeOffset = new DateTimeOffset(idd).ToUniversalTime();
var origMachine = scInfo["OriginatingMachine"].ToString();
var serviceMachine = scInfo["ServiceMachine"].ToString();
var origVolume = scInfo["VolumeName"].ToString();
var volLetter = volInfo[origVolume].Substring(0, 1);
var vsI = new VssInfo(instDateTimeOffset, id, devObj, origMachine, serviceMachine, volLetter,
origVolume);
if (!volLetter.ToUpperInvariant().StartsWith(driveLetter.ToUpperInvariant()) &&
driveLetter.Trim().Length != 0)
{
continue;
}
loggerConsole.Trace($"Adding VSC: {vsI.Dump()}");
vss.Add(vsI);
}
}
loggerConsole.Debug($"Found {vss.Count:N0} VSCs");
return(vss);
}
private void PopulateInfo()
{
try
{
// Populate owner information.
User.Text = Environment.GetEnvironmentVariable("USERNAME");
// Enable remote access so owner can add all computers on one box.
using (WmiConnection conncetion = new WmiConnection(@"\\" + RemoteDevice.Text + @"\root\cimv2"))
{
string temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_BIOS"))
{
temp += process["Manufacturer"];
}
Manufacturer.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_BIOS"))
{
temp += process["SerialNumber"];
}
SN.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_Processor"))
{
temp += process["Name"] + " - " + process["NumberOfCores"] + " core(s)" + " " + process["NumberOfLogicalProcessors"] + " thread(s)";
}
CPU.Text = temp.Trim();
long value = 0;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_PhysicalMemory"))
{
value += Convert.ToInt64(process["Capacity"]);
}
RAM.Text = value.ToString();
value = 0;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_LogicalDisk"))
{
value += Convert.ToInt64(process["Size"]);
}
Disk.Text = value.ToString();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_BIOS"))
{
temp += process["ReleaseDate"];
}
SystemDate.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_OperatingSystem"))
{
temp += process["Caption"] + " - Service Pack " + process["ServicePackMajorVersion"] + "." + process["ServicePackMinorVersion"];
}
OS.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_OperatingSystem"))
{
temp += process["InstallDate"];
}
OSInstallDate.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_ComputerSystem"))
{
temp += process["Model"];
}
Model.Text = temp.Trim();
}
}
catch (Exception e)
{
Message.Text = e.Message;
}
}
private void OtherDevices_Click(object sender, RoutedEventArgs e)
{
try
{
// Enable remote access so owner can add all computers on one box.
using (WmiConnection conncetion = new WmiConnection(@"\\" + RemoteDevice.Text + @"\root\WMI"))
{
string temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM WmiMonitorID"))
{
int[] tempArray = (int[])process["ManufacturerName"];
foreach (int c in tempArray)
{
if ((char)c == '\0')
{
continue;
}
temp += ((char)c).ToString();
}
temp += ",";
}
Manufacturer.Text = temp.Substring(0, temp.Length - 1);
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM WmiMonitorID"))
{
int[] tempArray = (int[])process["SerialNumberID"];
foreach (int c in tempArray)
{
if ((char)c == '\0')
{
continue;
}
temp += ((char)c).ToString();
}
temp += ",";
}
SN.Text = temp.Substring(0, temp.Length - 1);
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM WmiMonitorID"))
{
int[] tempArray = (int[])process["UserFriendlyName"];
foreach (int c in tempArray)
{
if ((char)c == '\0')
{
continue;
}
temp += ((char)c).ToString();
}
temp += ",";
}
Model.Text = temp.Substring(0, temp.Length - 1);
CPU.Text = string.Empty;
RAM.Text = string.Empty;
Disk.Text = string.Empty;
SystemDate.Text = string.Empty;
OS.Text = string.Empty;
OSInstallDate.Text = string.Empty;
}
}
catch (Exception exception)
{
Message.Text = exception.Message;
}
}
private void OtherDevices_Click(object sender, RoutedEventArgs e)
{
try
{
// Enable remote access so owner can add all computers on one box.
using (WmiConnection conncetion = new WmiConnection(@"\\" + RemoteDevice.Text + @"\root\WMI"))
{
string temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM WmiMonitorID"))
{
int[] tempArray = (int[])process["ManufacturerName"];
foreach (int c in tempArray)
{
if ((char)c == '\0')
{
continue;
}
temp += ((char)c).ToString();
}
temp += ",";
}
Manufacturer.Text = temp.Substring(0, temp.Length - 1);
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM WmiMonitorID"))
{
int[] tempArray = (int[])process["SerialNumberID"];
foreach (int c in tempArray)
{
if ((char)c == '\0')
{
continue;
}
temp += ((char)c).ToString();
}
temp += ",";
}
SN.Text = temp.Substring(0, temp.Length - 1);
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM WmiMonitorID"))
{
int[] tempArray = (int[])process["UserFriendlyName"];
foreach (int c in tempArray)
{
if ((char)c == '\0')
{
continue;
}
temp += ((char)c).ToString();
}
temp += ",";
}
Model.Text = temp.Substring(0, temp.Length - 1);
CPU.Text = string.Empty;
RAM.Text = string.Empty;
Disk.Text = string.Empty;
SystemDate.Text = string.Empty;
OS.Text = string.Empty;
OSInstallDate.Text = string.Empty;
}
}
catch (Exception exception)
{
Message.Text = exception.Message;
}
}
private void PopulateInfo()
{
try
{
// Populate owner information.
User.Text = Environment.GetEnvironmentVariable("USERNAME");
// Enable remote access so owner can add all computers on one box.
using (WmiConnection conncetion = new WmiConnection(@"\\" + RemoteDevice.Text + @"\root\cimv2"))
{
string temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_BIOS"))
{
temp += process["Manufacturer"];
}
Manufacturer.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_BIOS"))
{
temp += process["SerialNumber"];
}
SN.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_Processor"))
{
temp += process["Name"] + " - " + process["NumberOfCores"] + " core(s)" + " " + process["NumberOfLogicalProcessors"] + " thread(s)";
}
CPU.Text = temp.Trim();
long value = 0;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_PhysicalMemory"))
{
value += Convert.ToInt64(process["Capacity"]);
}
RAM.Text = value.ToString();
value = 0;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_LogicalDisk"))
{
value += Convert.ToInt64(process["Size"]);
}
Disk.Text = value.ToString();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_BIOS"))
{
temp += process["ReleaseDate"];
}
SystemDate.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_OperatingSystem"))
{
temp += process["Caption"] + " - Service Pack " + process["ServicePackMajorVersion"] + "." + process["ServicePackMinorVersion"];
}
OS.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_OperatingSystem"))
{
temp += process["InstallDate"];
}
OSInstallDate.Text = temp.Trim();
temp = string.Empty;
foreach (WmiObject process in conncetion.CreateQuery("SELECT * FROM Win32_ComputerSystem"))
{
temp += process["Model"];
}
Model.Text = temp.Trim();
}
}
catch (Exception e)
{
Message.Text = e.Message;
}
}