public static void OSInfo()
{
using (WMI wmi = new WMI("."))
{
if (!wmi.Connect())
{
Console.WriteLine("Unable to Connect");
return;
}
wmi.ExecuteQuery("Select * FROM Win32_OperatingSystem");
ManagementObjectCollection results = wmi.GetResults();
if (null == results)
{
Console.WriteLine("WMI Query Failed");
return;
}
ManagementObject result = results.OfType <ManagementObject>().FirstOrDefault();
Console.WriteLine("OS Information");
Console.WriteLine("--------------");
Console.WriteLine("{0} {1} ({2})", result["Caption"], result["OSArchitecture"], result["BuildNumber"]);
Console.WriteLine("Computer Name : {0}", result["CSName"]);
Console.WriteLine("Free Memory : {0}/{1}", result["FreeVirtualMemory"], result["TotalVirtualMemorySize"]);
Console.WriteLine("Country & Locale : {0} - {1}", result["CountryCode"], result["Locale"]);
Console.WriteLine("System Device : {0}", result["SystemDevice"]);
Console.WriteLine("BitLocker Level : {0}", result["EncryptionLevel"]);
Console.WriteLine("InstallDate : {0}", result["InstallDate"]);
Console.WriteLine("LastBootUpTime : {0}", result["LastBootUpTime"]);
Console.WriteLine("LocalDateTime : {0}", result["LocalDateTime"]);
}
}
internal void AddRegistryRemote(String[] keys, UInt32 hive)
{
using (WMI wmi = new WMI())
{
if (!wmi.Connect())
{
Console.WriteLine("[-] Connection failed");
return;
}
foreach (String key in keys)
{
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, key });
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, key, "", registryDefault });
String keyValue2 = String.Format(@"{0}\InprocServer32", key);
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, keyValue2, "", registryDefault });
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, keyValue2, "Assembly", registryAssembly });
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, keyValue2, "Class", registryClass });
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, keyValue2, "RuntimeVersion", registryRuntimeVersion });
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, keyValue2, "ThreadingModel", "Both" });
String keyValue3 = String.Format(@"{0}\InprocServer32\{1}", key, "3.5.0.0");
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, keyValue3, "Assembly", registryAssembly });
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, keyValue3, "Class", registryClass });
wmi.ExecuteMethod("StdRegProv", "CreateKey", new Object[] { hive, keyValue3, "RuntimeVersion", registryRuntimeVersion });
}
}
}
public static void WMIQuery(String system, String username, String password, String query)
{
using (WMI wmi = new WMI(system))
{
wmi.Connect(username, password);
wmi.ExecuteQuery(query);
}
}
public static void AntivirusProduct()
{
using (WMI wmi = new WMI(".", @"root\SecurityCenter2"))
{
if (!wmi.Connect())
{
Console.WriteLine("Unable to Connect");
return;
}
wmi.ExecuteQuery("Select * FROM AntivirusProduct");
wmi.GetResults();
}
}
public static void WMIMethod(String system, String username, String password, String wmiClass, String wmiMethod, String args, String deliminator)
{
using (WMI wmi = new WMI(system))
{
if (!String.IsNullOrEmpty(username) && String.IsNullOrEmpty(password))
{
wmi.Connect(username, password);
}
else
{
wmi.Connect();
}
wmi.ExecuteMethod(wmiClass, wmiMethod, (Object[])args.Split(new String[] { deliminator }, StringSplitOptions.None));
}
}
public static void MappedDrives()
{
using (WMI wmi = new WMI("."))
{
if (!wmi.Connect())
{
Console.WriteLine("Unable to Connect");
return;
}
wmi.ExecuteQuery("Select * FROM Win32_MappedLogicalDisk");
ManagementObjectCollection results = wmi.GetResults();
if (null == results)
{
Console.WriteLine("WMI Query Failed");
return;
}
try
{
Console.WriteLine("{0,-9} {1,-4} {2,-15} {3,-10} {4}", "Device ID", "Name", "VolumeName", "FileSystem", "FreeSpace");
Console.WriteLine("{0,-9} {1,-4} {2,-15} {3,-10} {4}", "---------", "----", "----------", "----------", "---------");
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
foreach (ManagementObject result in results)
{
try
{
Console.WriteLine("{0,-9} {1,-4} {2,-15} {3,-10} {4}/{5} M {6}",
result["DeviceID"],
result["Name"],
result["VolumeName"],
result["FileSystem"],
(UInt64)result["FreeSpace"] / 1048576,
(UInt64)result["Size"] / 1048576,
result["ProviderName"]);
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
}
}
internal void SetPermissions(String sid)
{
WMI wmi = new WMI();
ManagementObject trusteeInstance = wmi.CreateInstance("Win32_Trustee");
trusteeInstance["SidString"] = sid;
ManagementObject aceInstance = wmi.CreateInstance("Win32_ACE");
aceInstance["AceFlags"] = (uint)WMI.AceFlags.CONTAINER_INHERIT_ACE_FLAG + (uint)WMI.AceFlags.OBJECT_INHERIT_ACE_FLAG;
aceInstance["AccessMask"] = WMI.AccessMask.WBEM_METHOD_EXECUTE;
aceInstance["AceType"] = WMI.AceType.ACCESS_ALLOWED_ACE_TYPE;
aceInstance["Trustee"] = trusteeInstance;
ManagementBaseObject aclInstance = (ManagementBaseObject)wmi.ExecuteMethod2("__SystemSecurity", "GetSecurityDescriptor", new Object[] { });
ManagementBaseObject descriptor = aclInstance.Properties["Descriptor"].Value as ManagementBaseObject;
ManagementBaseObject[] dacl = descriptor["DACL"] as ManagementBaseObject[];
Array.Resize(ref dacl, dacl.Length + 1);
dacl[dacl.Length - 1] = aceInstance;
descriptor["DACL"] = dacl;
wmi.ExecuteMethod("__SystemSecurity", "SetSecurityDescriptor", new Object[] { descriptor });
}
