Commands tagged wmic (4)

  • Pass the files path to finfo(), can be unix path, dos path, relative or absolute. The file is converted into an absolute nix path, then checked to see if it is in-fact a regular/existing file. Then converted into an absolute windows path and sent to "wmic". Then magic, you have windows file details right in the terminal. Uses: cygwin, cygpath, sed, and awk. Needs Windows WMI "wmic.exe" to be operational. The output is corrected for easy... finfo notepad.exe finfo "C:\windows\system32\notepad.exe" finfo /cygdrive/c/Windows/System32/notepad.exe finfo "/cygdrive/c/Program Files/notepad.exe" finfo ../notepad.exe Show Sample Output


    0
    finfo() { [[ -f "$(cygpath "$@")" ]] || { echo "bad-file";return 1;}; echo "$(wmic datafile where name=\""$(echo "$(cygpath -wa "$@")"|sed 's/\\/\\\\/g')"\" get /value)"|sed 's/\r//g;s/^M$//;/^$/d'|awk -F"=" '{print $1"=""\033[1m"$2"\033[0m"}';}
    lowjax · 2013-12-30 07:47:41 0
  • Using "wmic get * /value" within any Cygwin shell will return lots of Win/Dos newline junk ie "^M$" at the end of found value line, two lines ("$" Unix newline) above, and three below. This makes storing and or evaluating wmic queries as variables a pain. The method i suggest strips the mentioned junk, only returns the value after "OSArchitecture=", and includes only one Unix style newline. Other methods using sed|awk|cut can only handle the output of wmic cleanly when piped or using multiple sed statements. wmic OS get OSArchitecture /value | sed 's/\r//g;s/^M$//;/^$/d;s/.*=//' making wmic OS get OSArchitecture /value | grep -Eo '[^=]*$' a much cleaner and slightly less costly alternative. Show Sample Output


    0
    wmic OS get OSArchitecture /value | grep -Eo '[^=]*$'
    lowjax · 2014-03-15 02:04:08 0
  • This is used during pentest to quickly poll all the processes running on a set of systems you have common credentials for the /FAILFAST:ON speeds up the scans. Show Sample Output


    0
    FOR /F "delims==" %%A IN ('type ips.txt') DO wmic /Node:%%A wmic /user:username /password:yourpassword /FAILFAST:ON process where "name like '%.exe'" call getowner
    operat0r · 2014-06-26 01:53:29 1
  • wmi

    Get windows version with servicepack and hostname Show Sample Output


    -3
    wmic -U DOMAIN/user --password='password' //IP_HOST "select Caption,CSDVersion,CSName from Win32_OperatingSystem" | grep Windows
    dr_gogeta86 · 2010-09-20 14:23:37 2

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Comma insertions
Insert a comma where necessary when counting large numbers. I needed to separate huge amounts of packets and after 12+ hours of looking in a terminal, I wanted it in readable form.

Ping a URL sending output to file and STDOUT
The tee (as in "T" junction) command is very useful for redirecting output to two places.

distribution specific information

Write comments to your history.
A null operation with the name 'comment', allowing comments to be written to HISTFILE. Prepending '#' to a command will *not* write the command to the history file, although it will be available for the current session, thus '#' is not useful for keeping track of comments past the current session.

locate a filename, make sure it exists and display it with full details
use the locate command to find files on the system and verify they exist (-e) then display each one in full details.

Create a Multi-Part Archive Without Proprietary Junkware
Leave it to a proprietary software vendor to turn a cheap and easy parlor trick into a selling point. "Hey guys, why don't we turn our _collection of multiple files_ into a *collection of multiple files*!!" Extract the ^above with this: $ cat pics.tar.gz.??? | tar xzv ^extract on any Unix - no need to install junkware! (If you must make proprietary software, at least make it do something *new*) if [ -e windows ]; then use 7-Zip

What is my public IP-address?
Very effective, use only DNS protocol. The @ part is optional if you already set opendns servers as default ns servers.

Repeat a command until stopped
In this case it runs the command 'curl localhost:3000/site/sha' waiting the amount of time in sleep, ie: 1 second between runs, appending each run to the console. This works well for any command where the output is less than your line width This is unlike watch, because watch always clears the display.

Get AWS temporary credentials ready to export based on a MFA virtual appliance
You might want to secure your AWS operations requiring to use a MFA token. But then to use API or tools, you need to pass credentials generated with a MFA token. This commands asks you for the MFA code and retrieves these credentials using AWS Cli. To print the exports, you can use: `awk '{ print "export AWS_ACCESS_KEY_ID=\"" $1 "\"\n" "export AWS_SECRET_ACCESS_KEY=\"" $2 "\"\n" "export AWS_SESSION_TOKEN=\"" $3 "\"" }'` You must adapt the command line to include: * $MFA_IDis ARN of the virtual MFA or serial number of the physical one * TTL for the credentials

Using awk to sum/count a column of numbers.
Takes a input file (count.txt) that looks like: 1 2 3 4 5 It will add/sum the first column of numbers.


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: