static void ListRunningProcesses(CimSession session)
{
var query = session.QueryInstances(@"root\cimv2", "WQL", "SELECT * FROM Win32_Process");
if (!HideToConsole)
{
Console.WriteLine("{0,-10} {1,-10} {3,-20} {2,4:1}", "PID", "PPID", "Name", "Owner");
}
foreach (CimInstance item in query)
{
try
{
var v1 = item.CimInstanceProperties["ProcessID"].Value;
var v2 = item.CimInstanceProperties["ParentProcessID"].Value;
var v3 = item.CimInstanceProperties["Name"].Value;
var v4 = session.InvokeMethod(item, "GetOwner", null).OutParameters["User"].Value;
if (!HideToConsole)
{
Console.WriteLine("{0,-10} {1,-10} {3,-20} {2,5:1}", v1, v2, v3, v4);
}
}
catch (Exception ex) {
Console.WriteLine("{0}", ex, ConsoleColor.DarkRed);
}
}
}
public static void InvokeMethodSync(CimSession cimSession, string cimNamespace, string cimClassName)
{
try
{
string methodName;
CimInstance inputInstance;
CimMethodParametersCollection methodParameters = InvokeMethodCore(cimSession, cimNamespace, cimClassName, out methodName, out inputInstance);
if (methodParameters == null)
{
Console.WriteLine("Operation InvokeMethod not performed");
return;
}
CimMethodResult methodResult;
if (inputInstance == null)
{
methodResult = cimSession.InvokeMethod(cimNamespace, cimClassName, methodName, methodParameters);
}
else
{
methodResult = cimSession.InvokeMethod(cimNamespace, inputInstance, methodName, methodParameters);
}
// Use the method result
PrintCimMethodResult(methodResult);
}
catch (CimException ex)
{
PrintCimException(ex);
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
public void UWFEnable()
{
CimMethodParametersCollection parametersCollection = new CimMethodParametersCollection();
var result = _cimSession.InvokeMethod(_cimInstance, "Enable", parametersCollection);
if ((uint)result.ReturnValue.Value != 0)
{
Logger.Error("Enable UWF Failed. Error code: " + result.ReturnValue.Value);
}
}
public void PowerOff()
{
CimMethodParametersCollection parametersCollection = new CimMethodParametersCollection();
parametersCollection.Add(CimMethodParameter.Create("Flags", 12, CimType.SInt32, 0));
var result = _cimSession.InvokeMethod(_cimInstance, "Win32Shutdown", parametersCollection);
if ((uint)result.ReturnValue.Value != 0)
{
Logger.Error("Power off computer failed. Error code: " + result.ReturnValue.Value);
}
}
public static void AddMembershipRule(string hostName, string userName, string passWord, string domain, string cmSite, string collectionId)
{
CimSession session = Connect(hostName, userName, passWord, domain);
// Get All Collection
// Add Exception catching chain
var collectionInstance = session.EnumerateInstances($"root\\sms\\site_{cmSite}", "SMS_Collection")
.Where(i => i.CimInstanceProperties["CollectionId"].Value.ToString().Contains(collectionId)).ToList();
if (!collectionInstance.Any())
{
return;
}
var ruleInstance = new CimInstance(session.GetClass($"root\\sms\\site_{cmSite}", "SMS_CollectionRuleDirect"));
ruleInstance.CimInstanceProperties["RuleName"].Value = "";
ruleInstance.CimInstanceProperties["ResourceClassName"].Value = "SMS_R_System";
ruleInstance.CimInstanceProperties["ResourceID"].Value = 1;
var parameters = new CimMethodParametersCollection
{
CimMethodParameter.Create("collectionRule", ruleInstance, CimType.Instance, 0)
};
CimMethodResult result = session.InvokeMethod(collectionInstance.FirstOrDefault(), "AddMembershipRule", parameters);
}
internal T InvokeCimMethod <T>(object wmiClass, string methodName,
IDictionary <string, object> methodParameters)
{
var parameters = new CimMethodParametersCollection();
foreach (var methodParameter in methodParameters)
{
parameters.Add(CimMethodParameter.Create(methodParameter.Key, methodParameter.Value, CimFlags.In));
}
var objectInstance = _instances.ContainsKey(wmiClass)
? _instances[wmiClass]
: throw new NotSupportedException("Provided instance of WMI class is not registered!");
return((T)_connection.InvokeMethod(
objectInstance,
methodName,
parameters).ReturnValue.Value);
}
public static CimMethodResult readRegValue(CimSession cimSession, UInt32 hDefKey, string sSubKeyName, string keyName, string method)
{
CimMethodParametersCollection cimParams = new CimMethodParametersCollection
{
CimMethodParameter.Create("hDefKey", hDefKey, CimFlags.In),
CimMethodParameter.Create("sSubKeyName", sSubKeyName, CimFlags.In),
CimMethodParameter.Create("sValueName", keyName, CimFlags.In)
};
CimMethodResult results = cimSession.InvokeMethod(new CimInstance("StdRegProv", Namespace), method, cimParams);
return(results);
}
public static string setRegValue(CimSession cimSession, UInt32 hDefKey, string sSubKeyName, string keyName, UInt32 keyValue)
{
CimMethodParametersCollection cimParams = new CimMethodParametersCollection
{
CimMethodParameter.Create("hDefKey", hDefKey, CimFlags.In),
CimMethodParameter.Create("sSubKeyName", sSubKeyName, CimFlags.In),
CimMethodParameter.Create("sValueName", keyName, CimFlags.In),
CimMethodParameter.Create("uValue", keyValue, CimFlags.In)
};
CimMethodResult result = cimSession.InvokeMethod(new CimInstance("StdRegProv", Namespace), "SetDWORDValue", cimParams);
return(result.ReturnValue.Value.ToString());
}
static void ListRunningProcesses(CimSession session)
{
var query = session.QueryInstances(@"root\cimv2", "WQL", "SELECT * FROM Win32_Process");
Console.WriteLine("{0,-10} {1,-10} {3,-20} {2,4:1}", "PID", "PPID", "Name", "Owner");
foreach (CimInstance item in query)
{
Console.WriteLine("{0,-10} {1,-10} {3,-20} {2,5:1}",
item.CimInstanceProperties["ProcessID"].Value,
item.CimInstanceProperties["ParentProcessID"].Value,
item.CimInstanceProperties["Name"].Value,
session.InvokeMethod(item, "GetOwner", null).OutParameters["User"].Value);
}
}
private async void StartService_Click(object sender, RoutedEventArgs e)
{
try
{
Services s = ((Button)sender).Tag as Services;
string title = $"Deseja iniciar o serviço {s.DisplayName}?";
var dialog = new AlertDialog(title, "Iniciar");
var result = (bool)await MaterialDesignThemes.Wpf.DialogHost.Show(dialog, "MainDialogHost");
if (result)
{
CimInstance service = AllServices.OfType <CimInstance>().Where <CimInstance>(x => x.CimInstanceProperties["Name"].Value.ToString() == s.Name).FirstOrDefault();
Session.InvokeMethod(service, "StartService", null);
snackMessageQueue.Enqueue($"Comando enviado para parar o serviço {s.DisplayName}");
SnackbarNotify.Background = new SolidColorBrush((Color)ColorConverter.ConvertFromString("#01D275"));
}
}
catch (Exception ex)
{
snackMessageQueue.Enqueue($"Erro ao tentar parar o serviço. {ex}");
SnackbarNotify.Background = new SolidColorBrush((Color)ColorConverter.ConvertFromString("#D63031"));
log.Error(ex.Message);
}
}
public static void disable_winrm(CimSession cimSession)
{
CimMethodParametersCollection cimParams = new CimMethodParametersCollection
{
CimMethodParameter.Create("CommandLine", "powershell -nop -w hidden -command 'Disable-PSRemoting -Force'", CimFlags.In)
};
CimMethodResult results = cimSession.InvokeMethod(new CimInstance("Win32_Process", Namespace), "Create", cimParams);
if (results.ReturnValue.Value.ToString() == "0")
{
Console.WriteLine(" [+] WinRm Disabled");
}
else
{
Console.WriteLine(" [-] Failed To Disable WinRm");
}
}
private void KickOffCimAsync(Computer computer, Credential credential, string commandline, CimSessionOptions options)
{
var optionsBuilder = new DbContextOptionsBuilder <ACEWebServiceDbContext>();
optionsBuilder.UseSqlServer("Server=(localdb)\\MSSQLLocalDB;Database=ACEWebService;Trusted_Connection=True;MultipleActiveResultSets=true");
using (ACEWebServiceDbContext context = new ACEWebServiceDbContext(optionsBuilder.Options))
{
// Convert stored password to a secure string
SecureString securePwd = new SecureString();
foreach (char c in _cryptoService.Decrypt(credential.Password))
{
securePwd.AppendChar(c);
}
CimCredential cimCreds = null;
if (credential.UserName.Contains('\\'))
{
// Create a CimCredential object
cimCreds = new CimCredential(PasswordAuthenticationMechanism.Kerberos, credential.UserName.Split('\\')[0], credential.UserName.Split('\\')[1], securePwd);
}
else
{
// Create a CimCredential object
cimCreds = new CimCredential(PasswordAuthenticationMechanism.Default, null, credential.UserName, securePwd);
}
// Create a CimSession with the remote system
options.AddDestinationCredentials(cimCreds);
CimSession session = CimSession.Create(computer.ComputerName, options);
// Create a CimMethodParametersCollection to pass to method invocation
CimMethodParametersCollection collection = new CimMethodParametersCollection();
collection.Add(CimMethodParameter.Create("CommandLine", commandline, CimFlags.None));
CimMethodResult result = session.InvokeMethod("root/cimv2", "Win32_Process", "Create", collection);
if (result.ReturnValue.ToString() == "0")
{
}
else
{
}
session.Dispose();
}
}
private void KickOffCim(Computer computer, Credential credential, string commandline, CimSessionOptions options)
{
// Convert stored password to a secure string
SecureString securePwd = new SecureString();
foreach (char c in _cryptoService.Decrypt(credential.Password))
{
Console.WriteLine("[char]: {0}", c);
securePwd.AppendChar(c);
}
CimCredential cimCreds = null;
if (credential.UserName.Contains('\\'))
{
// Create a CimCredential object
cimCreds = new CimCredential(PasswordAuthenticationMechanism.Kerberos, credential.UserName.Split('\\')[0], credential.UserName.Split('\\')[1], securePwd);
}
else
{
// Create a CimCredential object
cimCreds = new CimCredential(PasswordAuthenticationMechanism.Default, null, credential.UserName, securePwd);
}
// Create a CimSession with the remote system
options.AddDestinationCredentials(cimCreds);
CimSession session = CimSession.Create(computer.ComputerName, options);
// Create a CimMethodParametersCollection to pass to method invocation
CimMethodParametersCollection collection = new CimMethodParametersCollection
{
CimMethodParameter.Create("CommandLine", commandline, CimFlags.None)
};
CimMethodResult result = session.InvokeMethod("root/cimv2", "Win32_Process", "Create", collection);
if (result.ReturnValue.ToString() == "0")
{
}
else
{
}
session.Dispose();
}
public void Execute(object parameter)
{
CimInstance TypedParameter = parameter as CimInstance;
CimSession cimSession = CimSession.Create(TypedParameter.CimInstanceProperties["CSName"].Value.ToString());
uint result = 0;
try
{
result = (uint)cimSession.InvokeMethod(TypedParameter, @"Terminate", null).ReturnValue.Value;
}
catch (CimException e)
{
MessageBox.Show($"{e.Message} ({e.HResult})" + Environment.NewLine + "Das beenden des Prozesses schlug fehl.", "Fehler aufgetreten");
}
if (result != 0)
{
MessageBox.Show($"Das beenden des Prozesses schlug mit Fehlercode {result} fehl.", "Fehler aufgetreten");
}
}
//registry
//https://wutils.com/wmi/root/cimv2/stdregprov/
public static bool regExists(CimSession cimSession, UInt32 hDefKey, string sSubKeyName, string keyName)
{
CimMethodParametersCollection cimParams = new CimMethodParametersCollection
{
CimMethodParameter.Create("hDefKey", hDefKey, CimFlags.In),
CimMethodParameter.Create("sSubKeyName", sSubKeyName, CimFlags.In)
};
CimMethodResult results = cimSession.InvokeMethod(new CimInstance("StdRegProv", Namespace), "EnumValues", cimParams);
if (results.ReturnValue.Value.ToString() != "0")
{
return(false);
}
string value = ((string[])results.OutParameters["sNames"].Value).FirstOrDefault(i => i.Contains(keyName));
if (string.IsNullOrEmpty(value))
{
return(false);
}
return(true);
}
static void Main(string[] args)
{
// Create a CimSession with the remote system
CimSessionOptions options = new DComSessionOptions();
//options.AddDestinationCredentials(cimCreds);
CimSession session = CimSession.Create("localhost", options);
// Create a CimMethodParametersCollection to pass to method invocation
CimMethodParametersCollection collection = new CimMethodParametersCollection();
collection.Add(CimMethodParameter.Create("CommandLine", "calc.exe", CimFlags.None));
// Invoke the Win32_Process classes Create method to start a calc.exe process on a remote system
CimMethodResult result = session.InvokeMethod("root/cimv2", "Win32_Process", "Create", collection);
if (result.ReturnValue.ToString() == "0")
{
}
else
{
}
session.Dispose();
}