public IEnumerable <ComponentGroup> Retrieve() { var cgs = new HashSet <ComponentGroup>(); ManagementObjectCollection col = RetrieverProxy.GetWmiInfo("Select * from Win32_PhysicalMemory"); foreach (ManagementObject mo in col) { string memoryType; if (!_memoryTypes.TryGetValue(long.Parse(mo["MemoryType"].ToString()), out memoryType)) { memoryType = _memoryTypes[0x00]; } cgs.Add(new ComponentGroup("RAM", new PayloadProperty[] { new PayloadProperty("Size", long.Parse(mo["Capacity"].ToString()) / (1024 * 1024 * 1024), false, "GB"), new PayloadProperty("Manufacturer", mo["Manufacturer"]), new PayloadProperty("PartNumber", mo["PartNumber"]), new PayloadProperty("SerialNumber", mo["SerialNumber"], true), new PayloadProperty("Type", memoryType), new PayloadProperty("Speed", mo["Speed"], false, "Mhz"), }) ); } return(cgs); }
public IEnumerable <ComponentGroup> Retrieve() { var cgs = new HashSet <ComponentGroup>(); ManagementObjectCollection col = RetrieverProxy.GetWmiInfo("SELECT InterfaceGuid, DriverDescription FROM MSFT_NetAdapter WHERE HardwareInterface = 'True' AND EndpointInterface = 'False'", "root\\StandardCimv2"); foreach (ManagementObject mo in col) { string macAddress = ""; var col2 = RetrieverProxy.GetWmiInfo("SELECT MACAddress FROM Win32_NetworkAdapterConfiguration WHERE SettingID = '" + mo["InterfaceGuid"] + "'"); foreach (var mo2 in col2) { macAddress = mo2["MACAddress"].ToString().ToUpperInvariant(); } cgs.Add(new ComponentGroup("NIC", new PayloadProperty[] { new PayloadProperty("Name", mo["DriverDescription"].ToString().Replace("(R) ", "").Replace("(TM)", "").Replace("(tm)", "")), new PayloadProperty("MAC address", macAddress, true) //Can be spoofed, do not run in a VM! }) ); } return(cgs); }
public IEnumerable <ComponentGroup> Retrieve() { var cgs = new HashSet <ComponentGroup>(); ManagementObjectCollection col = RetrieverProxy.GetWmiInfo("Select Name from Win32_Processor"); foreach (ManagementObject mo in col) { cgs.Add(new ComponentGroup("CPU", new PayloadProperty[] { new PayloadProperty("Name", mo["Name"]) }) ); } return(cgs); }
public IEnumerable <ComponentGroup> Retrieve() { var cgs = new ComponentGroup[] { new ComponentGroup("Machine") }; var properties = new HashSet <PayloadProperty>(); string hostname = ""; ManagementObjectCollection col = RetrieverProxy.GetWmiInfo("Select CSName from Win32_OperatingSystem"); foreach (ManagementObject mo in col) { hostname = mo["CSName"].ToString(); } col = RetrieverProxy.GetWmiInfo("Select Domain from Win32_ComputerSystem"); foreach (ManagementObject mo in col) { hostname += "." + mo["Domain"]; properties.Add(new PayloadProperty("Hostname", hostname.ToLowerInvariant(), true)); } col = RetrieverProxy.GetWmiInfo("Select IPAddress from Win32_NetworkAdapterConfiguration where IPEnabled='True'"); var ips = new List <string>(); foreach (ManagementObject mo in col) { foreach (string ip in mo["IPAddress"] as string[]) { ips.Add(ip); } } properties.Add(new PayloadProperty("IPs", ips)); col = RetrieverProxy.GetWmiInfo("Select Version, Name, BuildNumber from Win32_OperatingSystem"); foreach (ManagementObject mo in col) { properties.Add(new PayloadProperty("OS", string.Format("{0} {1} Build {2}", mo["Name"].ToString().Split("|".ToCharArray())[0], mo["Version"], mo["BuildNumber"]))); } cgs[0].Properties = properties.ToArray(); return(cgs); }
public IEnumerable <ComponentGroup> Retrieve() { var cgs = new HashSet <ComponentGroup>(); ManagementObjectCollection col = RetrieverProxy.GetWmiInfo("Select Model, SerialNumber from Win32_DiskDrive where InterfaceType != 'USB'"); foreach (ManagementObject mo in col) { cgs.Add(new ComponentGroup("Disk", new PayloadProperty[] { new PayloadProperty("Model", mo["Model"]), new PayloadProperty("SerialNumber", mo["SerialNumber"], true) }) ); } return(cgs); }
static void Main(string[] args) { if (!_namedMutex.WaitOne()) { return; } Console.WriteLine("SIZING SERVERS LAB WINDOWS BEHOLDER AGENT"); Console.WriteLine(" Reporting system information every " + Config.GetInstance().reportEvery + " to " + Config.GetInstance().endpoint); Console.WriteLine(); if (RetrieverProxy.IsVM()) { Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("Beholder does not work for VMs!"); } else { PayloadReporter.RegisterRetrieverAndStartReporting(PayloadRetriever.GetInstance()); } Console.ReadLine(); }
public IEnumerable <ComponentGroup> Retrieve() { var cgs = new ComponentGroup[] { new ComponentGroup("BaseBoard") }; var properties = new HashSet <PayloadProperty>(); ManagementObjectCollection col = RetrieverProxy.GetWmiInfo("Select Manufacturer, Product, SerialNumber from Win32_BaseBoard"); //Version? foreach (ManagementObject mo in col) { properties.Add(new PayloadProperty("Manufacturer", mo["Manufacturer"])); properties.Add(new PayloadProperty("Model", mo["Product"])); properties.Add(new PayloadProperty("SerialNumber", mo["SerialNumber"], true)); } col = RetrieverProxy.GetWmiInfo("Select Name from Win32_BIOS WHERE PrimaryBIOS='True'"); foreach (ManagementObject mo in col) { properties.Add(new PayloadProperty("BIOS", mo["Name"])); } cgs[0].Properties = properties.ToArray(); return(cgs); }