Commands tagged wmic sorted by votes

Commands tagged wmic (4)

sorted by

Returns the Windows file details for any file using Cygwin bash (actual r-click-properties-info) to the term

Pass the files path to finfo(), can be unix path, dos path, relative or absolute. The file is converted into an absolute nix path, then checked to see if it is in-fact a regular/existing file. Then converted into an absolute windows path and sent to "wmic". Then magic, you have windows file details right in the terminal. Uses: cygwin, cygpath, sed, and awk. Needs Windows WMI "wmic.exe" to be operational. The output is corrected for easy... finfo notepad.exe finfo "C:\windows\system32\notepad.exe" finfo /cygdrive/c/Windows/System32/notepad.exe finfo "/cygdrive/c/Program Files/notepad.exe" finfo ../notepad.exe Show Sample Output
This is sample output - yours may be different.
```
###Full Example Output
AccessMask=18809279
Archive=TRUE
Caption=c:\windows\system32\notepad.exe
Compressed=FALSE
CompressionMethod=
CreationClassName=CIM_LogicalFile
CreationDate=20090713165636.838522-420
CSCreationClassName=Win32_ComputerSystem
CSName=MYCOMPUTERNAME
Description=c:\windows\system32\notepad.exe
Drive=c:
EightDotThreeFileName=c:\windows\system32\notepad.exe
Encrypted=FALSE
EncryptionMethod=
Extension=exe
FileName=notepad
FileSize=193536
FileType=Application
FSCreationClassName=Win32_FileSystem
FSName=NTFS
Hidden=FALSE
InstallDate=20090713165636.838522-420
InUseCount=
LastAccessed=20090713165636.838522-420
LastModified=20090713183925.490000-420
Manufacturer=Microsoft Corporation
Name=c:\windows\system32\notepad.exe
Path=\windows\system32\
Readable=TRUE
Status=OK
System=FALSE
Version=6.1.7600.16385
Writeable=TRUE
```
0

finfo() { [[ -f "$(cygpath "$@")" ]] || { echo "bad-file";return 1;}; echo "$(wmic datafile where name=\""$(echo "$(cygpath -wa "$@")"|sed 's/\\/\\\\/g')"\" get /value)"|sed 's/\r//g;s/^M$//;/^$/d'|awk -F"=" '{print $1"=""\033[1m"$2"\033[0m"}';}

lowjax · 2013-12-30 07:47:41 0
get Windows OS architecture using Cygwin

Using "wmic get * /value" within any Cygwin shell will return lots of Win/Dos newline junk ie "^M$" at the end of found value line, two lines ("$" Unix newline) above, and three below. This makes storing and or evaluating wmic queries as variables a pain. The method i suggest strips the mentioned junk, only returns the value after "OSArchitecture=", and includes only one Unix style newline. Other methods using sed|awk|cut can only handle the output of wmic cleanly when piped or using multiple sed statements. wmic OS get OSArchitecture /value | sed 's/\r//g;s/^M$//;/^$/d;s/.*=//' making wmic OS get OSArchitecture /value | grep -Eo '[^=]*$' a much cleaner and slightly less costly alternative. Show Sample Output
This is sample output - yours may be different.
```
64-bit
```
0

wmic OS get OSArchitecture /value | grep -Eo '[^=]*$'

lowjax · 2014-03-15 02:04:08 0
wmic search systems for running 'exe' to hijack migrate

This is used during pentest to quickly poll all the processes running on a set of systems you have common credentials for the /FAILFAST:ON speeds up the scans. Show Sample Output
This is sample output - yours may be different.
```
Executing (\\MYBOX\ROOT\CIMV2:Win32_Process.Handle="384")->getowner()
Method execution successful.
Out Parameters:
instance of __PARAMETERS
{
	Domain = "NT AUTHORITY";
	ReturnValue = 0;
	User = "SYSTEM";
};
Executing (\\MYBOX\ROOT\CIMV2:Win32_Process.Handle="532")->getowner()
Method execution successful.

Out Parameters:
instance of __PARAMETERS
```
0

FOR /F "delims==" %%A IN ('type ips.txt') DO wmic /Node:%%A wmic /user:username /password:yourpassword /FAILFAST:ON process where "name like '%.exe'" call getowner

operat0r · 2014-06-26 01:53:29 1
wmi

Get windows version with servicepack and hostname Show Sample Output
This is sample output - yours may be different.
```
wmic -U DOMAIN/user --password='password'  //IP_HOST "select Caption,CSDVersion,CSName  from Win32_OperatingSystem" | grep Windows
```
-3

wmic -U DOMAIN/user --password='password' //IP_HOST "select Caption,CSDVersion,CSName from Win32_OperatingSystem" | grep Windows

dr_gogeta86 · 2010-09-20 14:23:37 2

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands

Check These Out

Comma insertions

Insert a comma where necessary when counting large numbers. I needed to separate huge amounts of packets and after 12+ hours of looking in a terminal, I wanted it in readable form.

Ping a URL sending output to file and STDOUT

The tee (as in "T" junction) command is very useful for redirecting output to two places.

distribution specific information

Write comments to your history.

A null operation with the name 'comment', allowing comments to be written to HISTFILE. Prepending '#' to a command will *not* write the command to the history file, although it will be available for the current session, thus '#' is not useful for keeping track of comments past the current session.

locate a filename, make sure it exists and display it with full details

use the locate command to find files on the system and verify they exist (-e) then display each one in full details.

Create a Multi-Part Archive Without Proprietary Junkware

Leave it to a proprietary software vendor to turn a cheap and easy parlor trick into a selling point. "Hey guys, why don't we turn our _collection of multiple files_ into a *collection of multiple files*!!" Extract the ^above with this: $ cat pics.tar.gz.??? | tar xzv ^extract on any Unix - no need to install junkware! (If you must make proprietary software, at least make it do something *new*) if [ -e windows ]; then use 7-Zip

What is my public IP-address?

Very effective, use only DNS protocol. The @ part is optional if you already set opendns servers as default ns servers.

Repeat a command until stopped

In this case it runs the command 'curl localhost:3000/site/sha' waiting the amount of time in sleep, ie: 1 second between runs, appending each run to the console. This works well for any command where the output is less than your line width This is unlike watch, because watch always clears the display.

Get AWS temporary credentials ready to export based on a MFA virtual appliance

You might want to secure your AWS operations requiring to use a MFA token. But then to use API or tools, you need to pass credentials generated with a MFA token. This commands asks you for the MFA code and retrieves these credentials using AWS Cli. To print the exports, you can use: `awk '{ print "export AWS_ACCESS_KEY_ID=\"" $1 "\"\n" "export AWS_SECRET_ACCESS_KEY=\"" $2 "\"\n" "export AWS_SESSION_TOKEN=\"" $3 "\"" }'` You must adapt the command line to include: * $MFA_IDis ARN of the virtual MFA or serial number of the physical one * TTL for the credentials

Using awk to sum/count a column of numbers.

Takes a input file (count.txt) that looks like: 1 2 3 4 5 It will add/sum the first column of numbers.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

» all commands
» commands with 3 up-votes (commandlinefu3)
» commands with 10 up-votes (commandlinefu10)
» commands tagged wmic

Commands tagged wmic (4) the last day the last week the last month all time sorted by date votes

What's this?

Check These Out

Stay in the loop…

Commands tagged wmic (4)

sorted by