Here are the examples of the csharp api System.Management.ManagementScope.Connect() taken from open source projects. By voting up you can indicate which examples are most useful and appropriate.
1717 Examples
19
View Source File : AspNetPipelineModuleLeave.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPipelineModuleLeave> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : AspNetRoleManagerIsUserInRole.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetRoleManagerIsUserInRole> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : WMI.cs
License : GNU General Public License v3.0
Project Creator : irusanov
License : GNU General Public License v3.0
Project Creator : irusanov
public static ManagementScope Connect(string scope)
{
try
{
var sc = new ServiceController("Winmgmt");
if (sc.Status != ServiceControllerStatus.Running)
throw new ManagementException(@"Windows Management Instrumentation service is not running");
ManagementScope mScope = new ManagementScope([email protected]"{scope}");
mScope.Connect();
if (mScope.IsConnected)
return mScope;
else
throw new ManagementException([email protected]"Failed to connect to {scope}");
}
catch (ManagementException ex)
{
Console.WriteLine(@"WMI: {0}", ex.Message);
throw;
}
}
19
View Source File : AspNetPagePreInitEnter.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPagePreInitEnter> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : AspNetHttpHandlerLeave.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetHttpHandlerLeave> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : WMIHelper.cs
License : Apache License 2.0
Project Creator : HanJunJun
License : Apache License 2.0
Project Creator : HanJunJun
public static bool RemoteConnectValidate(string host, string userName, string preplacedword)
{
ConnectionOptions connectionOptions = new ConnectionOptions();
connectionOptions.Username = userName;
connectionOptions.Preplacedword = preplacedword;
ManagementScope managementScope = new ManagementScope("\\\\" + host + "\\root\\cimv2", connectionOptions);
try
{
managementScope.Connect();
}
catch (ManagementException ex)
{
Console.WriteLine(ex.ToString());
}
return managementScope.IsConnected;
}
19
View Source File : AspNetRequestQueued.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetRequestQueued> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : SysmonService.cs
License : MIT License
Project Creator : CompassSecurity
License : MIT License
Project Creator : CompassSecurity
public bool IsSysmonRunning(string serviceName, string user, string computerName, string domain)
{
var op = new ConnectionOptions();
var scope = new ManagementScope(@"\\" + computerName +"."+ domain + "\\root\\cimv2", op);
scope.Connect();
var path = new ManagementPath("Win32_Service");
var services = new ManagementClreplaced(scope, path, null);
foreach (var service in services.GetInstances())
{
if (service.GetPropertyValue("Name").ToString().Equals(serviceName) && service.GetPropertyValue("State").ToString().ToLower().Equals("running"))
{
return true;
}
}
return false;
}
19
View Source File : AspNetStartHandler.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetStartHandler> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Utils.cs
License : MIT License
Project Creator : dvingerh
License : MIT License
Project Creator : dvingerh
public static async Task<bool> IsAudioServiceRunning()
{
return await Task.Run(() =>
{
try
{
bool isRunning = false;
ManagementScope scope = new ManagementScope();
scope.Connect();
ManagementPath path = new ManagementPath("Win32_Service");
ManagementClreplaced services = new ManagementClreplaced(scope, path, null);
foreach (ManagementObject service in services.GetInstances())
{
if (service.GetPropertyValue("Name").ToString().ToLower().Equals("audiosrv"))
{
string state = service.GetPropertyValue("State").ToString();
if (state.Equals("Running"))
isRunning = true;
else
isRunning = false;
}
}
Globals.IsAudioServiceRunning = isRunning;
return isRunning;
}
catch (Exception ex) { Console.WriteLine(ex.Message); Globals.IsAudioServiceRunning = false; return false; }
});
}
19
View Source File : AspNetPageLoadViewstateLeave.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPageLoadViewstateLeave> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : AspNetMapHandlerLeave.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetMapHandlerLeave> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Program.cs
License : BSD 3-Clause "New" or "Revised" License
Project Creator : GhostPack
License : BSD 3-Clause "New" or "Revised" License
Project Creator : GhostPack
private static int GetRestrictedAdminRegistryValue(string computerName)
{
/*
* Returns the DisableRestrictedAdmin registry setting for a remote "computerName" using WMI's StdRegProv
*
* Return value == 0 -> RestrictedAdmin is enabled
* Return value == 1 -> RestrictedAdmin is disabled
* Return value == -1 -> RestrictedAdmin value is cleared, so disabled behavior
*
* Note: adapted from https://web.archive.org/web/20200212015446/http://softvernow.com/2018/09/02/using-wmi-and-c-registry-values/
*
*/
int result = 0;
ManagementScope scope = null;
try
{
ConnectionOptions connection = new ConnectionOptions();
connection.Impersonation = System.Management.ImpersonationLevel.Impersonate;
// optional: explicit credentials
//connection.Username = "userName";
//connection.Preplacedword = "preplacedword";
//connection.Authority = "NTLMDOMAIN:MY_DOMAIN";
// connect to the remote management scope
scope = new ManagementScope($"\\\\{computerName}\\root\\default", connection);
scope.Connect();
// instantiate the StdRegProv clreplaced for remote registry interaction
ManagementClreplaced registry = new ManagementClreplaced(scope, new ManagementPath("StdRegProv"), null);
// grab the DisableRestrictedAdmin value, if it exists
ManagementBaseObject inParams = registry.GetMethodParameters("GetDWORDValue");
inParams["sSubKeyName"] = @"SYSTEM\CurrentControlSet\Control\Lsa";
inParams["sValueName"] = "DisableRestrictedAdmin";
ManagementBaseObject outParams = registry.InvokeMethod("GetDWORDValue", inParams, null);
result = (int)(UInt32)outParams["uValue"];
}
catch (Exception e)
{
if (e.Message.Contains("Object reference not set to an instance of an object"))
{
result = -1;
}
else
{
Console.WriteLine($"\n[X] Error: {e.Message}\n");
result = -2;
}
}
return result;
}
19
View Source File : AspNetPagePreRenderEnter.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPagePreRenderEnter> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Program.cs
License : MIT License
Project Creator : chdav
License : MIT License
Project Creator : chdav
static void Main(string[] args)
{
Banner();
BlockingCollection<String> hosts = new BlockingCollection<String>();
List<String> unprotectedHost = new List<String>();
List<String> configuredHost = new List<String>();
List<String> protectedHost = new List<String>();
foreach (var arg in args)
{
if (arg.StartsWith("--host"))
{
string[] components = arg.Split(new string[] { "--host=" }, StringSplitOptions.None);
components[1] = Sanitize(components[1]);
hosts = GenerateList(components[1]);
}
else if (arg.StartsWith("--domain"))
{
string[] components = arg.Split(new string[] { "--domain=" }, StringSplitOptions.None);
var domain = Sanitize(components[1]);
hosts = EnumerateDomain(domain);
}
else if (arg.StartsWith("--help"))
{
Help();
return;
}
}
if (args.Length == 0)
{
hosts.Add(".");
}
var options = new ParallelOptions { MaxDegreeOfParallelism = 1000 };
Parallel.ForEach(hosts, options, host =>
{
string Namespace = "\\\\" + host + "\\root\\Microsoft\\Windows\\DeviceGuard";
var scope = new ManagementScope(Namespace);
var outputHost = host;
if (host == ".")
{
outputHost = "localhost";
}
try
{
scope.Connect();
var query = new ObjectQuery("SELECT * FROM Win32_DeviceGuard");
ManagementObjectCollection info;
ManagementObjectSearcher oSearch = new ManagementObjectSearcher(@scope, query);
info = oSearch.Get();
foreach (var result in info)
{
var config = (int[])result.GetPropertyValue("SecurityServicesConfigured");
var running = (int[])result.GetPropertyValue("SecurityServicesRunning");
uint? vbs = (uint)result.GetPropertyValue("VirtualizationBasedSecurityStatus");
if (config[0] == 1 && running[0] == 1)
{
Console.WriteLine("[-] {0} : Credential Guard is running.", outputHost);
protectedHost.Add(outputHost + "." + vbs.ToString());
}
else if (config[0] == 1 && running[0] != 1)
{
Console.WriteLine("[+] {0} : Credential Guard has been configured, but is not running.", outputHost);
configuredHost.Add(outputHost + "." + vbs.ToString());
}
else
{
Console.WriteLine("[+] {0} : Credential Guard is not configured or running.", outputHost);
unprotectedHost.Add(outputHost + "." + vbs.ToString());
}
}
}
catch (Exception)
{
Console.WriteLine("[-] {0} : Error connecting.", outputHost);
}
});
Console.WriteLine("\n\n-SharpCGHunter Results Summary-\n");
Console.WriteLine("Unprotected Hosts:\n");
if (unprotectedHost.Count == 0)
{
Console.WriteLine("[-] None found.\n");
}
else
{
try
{
unprotectedHost.Sort(CompareIPs);
}
catch (Exception) { }
foreach (var i in unprotectedHost)
{
var status = VbsStatus(i[i.Length - 1]);
Console.WriteLine("[+] {0} :\n\tCredential Guard is not configured or running.\n\tVirtualization-based Security Status : {1}\n", i.Remove(i.Length - 2), status);
}
}
Console.WriteLine("\nConfigured Hosts:\n");
if (configuredHost.Count == 0)
{
Console.WriteLine("[-] None found.\n");
}
else
{
try
{
configuredHost.Sort(CompareIPs);
}
catch (Exception) { }
foreach (var i in configuredHost)
{
var status = VbsStatus(i[i.Length - 1]);
Console.WriteLine("[+] {0} :\n\tCredential Guard has been configured, but is not running.\n\tVirtualization-based Security Status : {1}\n", i.Remove(i.Length - 2), status);
}
}
Console.WriteLine("\nProtected Hosts:\n");
if (protectedHost.Count == 0)
{
Console.WriteLine("[-] None found.\n");
}
else
{
try
{
protectedHost.Sort(CompareIPs);
}
catch (Exception) { }
foreach (var i in protectedHost)
{
var status = VbsStatus(i[i.Length - 1]);
Console.WriteLine("[-] {0} :\n\tCredential Guard is running.\n\tVirtualization-based Security Status : {1}\n", i.Remove(i.Length - 2), status);
}
}
Console.WriteLine("");
}
19
View Source File : AspNetProfileEnd.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetProfileEnd> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : NexonApi.cs
License : GNU General Public License v3.0
Project Creator : Hyddwn
License : GNU General Public License v3.0
Project Creator : Hyddwn
public static string GetDeviceUuid(string tag = "")
{
var deviceId = "";
try
{
var scope = new ManagementScope([email protected]"\\{Environment.MachineName}\root\CIMV2", null);
scope.Connect();
var query = new ObjectQuery("SELECT UUID FROM Win32_ComputerSystemProduct");
var searcher = new ManagementObjectSearcher(scope, query);
foreach (var o in searcher.Get())
{
var wmiObject = (ManagementObject) o;
deviceId += wmiObject["UUID"].ToString();
break;
}
}
catch (Exception ex)
{
Log.Exception(ex, Properties.Resources.FailedToAcquireWMIC);
}
try
{
using (var key = Environment.Is64BitOperatingSystem
? RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry64)
: RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry32))
{
var regKey = key.OpenSubKey("SOFTWARE\\Microsoft\\Cryptography");
if (regKey != null)
{
deviceId += regKey.GetValue("MachineGuid").ToString();
regKey.Close();
}
}
}
catch (Exception ex)
{
Log.Exception(ex, Properties.Resources.FailedToAcquireMachineGUID);
}
if (string.IsNullOrWhiteSpace(deviceId)) return null;
if (!string.IsNullOrWhiteSpace(tag)) deviceId += tag;
deviceId = BitConverter.ToString(Sha256.ComputeHash(Encoding.UTF8.GetBytes(deviceId))).Replace("-", "")
.ToLower();
return deviceId;
}
19
View Source File : AspNetRoleManagerEnd.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetRoleManagerEnd> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : DNSChallengeWinDnsValidator.cs
License : GNU General Public License v3.0
Project Creator : aloopkin
License : GNU General Public License v3.0
Project Creator : aloopkin
public bool PrepareChallengeForValidation(string dnsKeyName, string dnsKeyValue)
{
ManagementScope mgmtScope = new ManagementScope(@"\\" + DNSServerHost + @"\Root\MicrosoftDNS");
if (DNSServerUser != null) mgmtScope.Options = LoginOptions();
mgmtScope.Connect();
ManagementObjectSearcher mgmtSearch = new ManagementObjectSearcher(mgmtScope, new ObjectQuery(string.Format("SELECT * FROM MicrosoftDNS_TXTType WHERE OwnerName = '{0}'", dnsKeyName)));
ManagementObjectCollection mgmtDNSRecords = mgmtSearch.Get();
if (mgmtDNSRecords.Count >= 1) {
foreach (ManagementObject mgmtDNSRecord in mgmtDNSRecords) {
ManagementBaseObject mgmtParams = mgmtDNSRecord.GetMethodParameters("Modify");
mgmtParams["DescriptiveText"] = dnsKeyValue;
mgmtDNSRecord.InvokeMethod("Modify", mgmtParams, null);
break;
}
logger.Debug($"Updated DNS record of type [TXT] with name [{dnsKeyName}]");
return true;
} else if (mgmtDNSRecords.Count == 0) {
ManagementClreplaced mgmtClreplaced = new ManagementClreplaced(mgmtScope, new ManagementPath("MicrosoftDNS_TXTType"), null);
ManagementBaseObject mgmtParams = mgmtClreplaced.GetMethodParameters("CreateInstanceFromPropertyData");
mgmtParams["DnsServerName"] = Environment.MachineName;
if (DNSServerZone == null) DNSServerZone = dnsKeyName.Split('.')[dnsKeyName.Split('.').Count() - 2] + "." + dnsKeyName.Split('.')[dnsKeyName.Split('.').Count() - 1];
mgmtParams["ContainerName"] = DNSServerZone;
mgmtParams["OwnerName"] = dnsKeyName;
mgmtParams["DescriptiveText"] = dnsKeyValue;
mgmtClreplaced.InvokeMethod("CreateInstanceFromPropertyData", mgmtParams, null);
logger.Debug($"Created DNS record of type [TXT] with name [{dnsKeyName}]");
return true;
}
return false;
}
19
View Source File : AspNetSessionStatePartitionStart.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetSessionStateParreplacedionStart> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : ConnectWindow.xaml.cs
License : Apache License 2.0
Project Creator : karpach
License : Apache License 2.0
Project Creator : karpach
private void ConnectOnClick(object sender, RoutedEventArgs e)
{
if (string.IsNullOrEmpty(txtServerName.Text))
{
MessageBox.Show("Server name is required.", "Error", MessageBoxButton.OK, MessageBoxImage.Error);
return;
}
if (PortNumber == -1)
{
MessageBox.Show("Invalid port number.", "Error", MessageBoxButton.OK, MessageBoxImage.Error);
return;
}
Debugger2 db = (Debugger2)DebugAttachManagerPackage.DTE.Debugger;
Transport trans = db.Transports.Item("Default");
try
{
db.GetProcesses(trans, PortNumber == null ? txtServerName.Text : $"{txtServerName.Text}:{_portNumber}");
}
catch
{
MessageBox.Show($"Unable to connect to {txtServerName.Text}", "Error", MessageBoxButton.OK, MessageBoxImage.Error);
return;
}
ConnectionOptions options;
if (string.IsNullOrEmpty(txtUserName.Text) && string.IsNullOrEmpty(txtPreplacedword.Text))
{
options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Default,
EnablePrivileges = true,
Authentication = AuthenticationLevel.PacketPrivacy
};
}
else
{
options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Identify,
EnablePrivileges = true,
Authentication = AuthenticationLevel.PacketPrivacy,
Username = txtUserName.Text,
Preplacedword = txtPreplacedword.Text
};
}
var scope = new ManagementScope([email protected]"\\{txtServerName.Text}\root\cimv2", options);
SuccessWmiConnection = true;
try
{
scope.Connect();
}
catch
{
MessageBoxResult result = MessageBox.Show($"Unable to connect to {txtServerName.Text} WMI service. Please check permissions. You can use WBEMTest.exe to test your WMI access. If you are not in a Domain, UAC on remote machine will prevent remote access.", "Warning", MessageBoxButton.OKCancel, MessageBoxImage.Warning);
if (result == MessageBoxResult.Cancel)
{
return;
}
SuccessWmiConnection = false;
}
DialogResult = true;
_settingsProvider.RemoteServer = txtServerName.Text;
if (string.IsNullOrEmpty(txtPortNumber.Text))
{
_settingsProvider.RemotePort = txtPortNumber.Text;
}
if (SuccessWmiConnection)
{
if (string.IsNullOrEmpty(txtUserName.Text))
{
_settingsProvider.RemoteUserName = txtUserName.Text;
}
}
else
{
txtUserName.Text = string.Empty;
txtPreplacedword.Text = string.Empty;
}
_settingsProvider.Save();
Close();
}
19
View Source File : AspNetHttpHandlerEnter.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetHttpHandlerEnter> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : WMI.cs
License : GNU General Public License v3.0
Project Creator : belowaverage-org
License : GNU General Public License v3.0
Project Creator : belowaverage-org
public static Task<ManagementObjectCollection> Query(string Query, string Host)
{
return Task.Run(() =>
{
try
{
ManagementScope scope = new ManagementScope(GetBestManagementScope(Host));
scope.Connect();
ObjectQuery query = new ObjectQuery(Query);
ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);
ManagementObjectCollection collection = searcher.Get();
searcher.Dispose();
return collection;
}
catch (Exception e)
{
Logger.Exception(e, "Failed to query via WMI.");
return null;
}
});
}
19
View Source File : AspNetMapHandlerEnter.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetMapHandlerEnter> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Ribbon.cs
License : MIT License
Project Creator : Excel-projects
License : MIT License
Project Creator : Excel-projects
public void ShowServerStatus()
{
string FullComputerName = "<Name of Remote Computer>";
ConnectionOptions options = new ConnectionOptions();
ManagementScope scope = new ManagementScope("\\\\" + FullComputerName + "\\root\\cimv2", options);
scope.Connect();
ObjectQuery query = new ObjectQuery("SELECT * FROM Win32_TerminalService");
ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);
ManagementObjectCollection queryCollection = searcher.Get();
foreach (ManagementObject queryObj in queryCollection)
{
Console.WriteLine("-----------------------------------");
Console.WriteLine("Win32_TerminalService instance");
Console.WriteLine("-----------------------------------");
Console.WriteLine("Started: {0}", queryObj["Started"]);
Console.WriteLine("State: {0}", queryObj["State"]);
Console.WriteLine("Status: {0}", queryObj["Status"]);
}
}
19
View Source File : AspNetPageLoadPostDataLeave.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPageLoadPostDataLeave> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : AspNetModuleDiagCriticalEvent.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetModuleDiagCriticalEvent> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Connector.cs
License : GNU General Public License v3.0
Project Creator : FortyNorthSecurity
License : GNU General Public License v3.0
Project Creator : FortyNorthSecurity
private ManagementScope DoWmiConnection(Planter planter)
{
//Block for connecting to the remote system and returning a ManagementScope object
SystemToConn = planter.System;
Domain = planter.Domain;
Username = planter.User;
Preplacedword = planter.Preplacedword;
ConnectionOptions options = new ConnectionOptions();
if (SystemToConn == null)
SystemToConn = "localhost";
if (Username == null)
Username = Environment.UserName;
switch (SystemToConn)
{
case "127.0.0.1":
case "localhost":
Messenger.GoodMessage("[+] Connecting to local WMI instance using " + Username + "...");
break;
default:
Messenger.GoodMessage("[+] Connecting to remote WMI instance using " + Username + "...");
break;
}
if (!string.IsNullOrEmpty(Preplacedword?.ToString()))
{
options.Username = Username;
options.SecurePreplacedword = Preplacedword;
options.Authority = "ntlmdomain:" + Domain;
options.Impersonation = ImpersonationLevel.Impersonate;
options.EnablePrivileges = true; // This may be ok for all or may not, need to verify
}
else
{
options.Impersonation = ImpersonationLevel.Impersonate;
options.EnablePrivileges = true;
}
ManagementScope scope = new ManagementScope(@"\\" + SystemToConn + @"\root\cimv2", options);
//ManagementScope deviceguard = new ManagementScope(@"\\" + System + @"\root\Microsoft\Windows\DeviceGuard", options);
// Need to create a second MS object since we use a separate namespace.
//! Need to find a more elegant solution to this!
scope.Connect();
//deviceguard.Connect();
// We'll need this when we get the provider going so we can check for DG
//ManagementScope deviceScope = scope.Clone();
//deviceScope.Path = new ManagementPath(@"\\" + System + @"\root\Microsoft\Windows\DeviceGuard");
//if (GetDeviceGuard.CheckDgWmi(scope, planter.System))
// Console.WriteLine("deviceguard enabled");
Messenger.GoodMessage("[+] Connected\n");
//return Tuple.Create(scope, deviceguard);
return scope;
}
19
View Source File : AspNetPagePostDataChangedLeave.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPagePostDataChangedLeave> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : ComputerInfo.cs
License : MIT License
Project Creator : Cankirism
License : MIT License
Project Creator : Cankirism
public List<string> GetCpuInfo()
{
string computerDomain = System.Configuration.ConfigurationManager.AppSettings["computerDomain"];
ConnectionOptions oConn = new ConnectionOptions();
oConn.Username =computerDomain+"\\"+Giris.UserName;
oConn.Preplacedword = Giris.UserPreplacedword;
List<string> cpuList = new List<string>();
try
{
var oScope = new ManagementScope($"\\\\{_ipAddress}\\root\\CIMV2", oConn);
oScope.Options.EnablePrivileges = true;
oScope.Connect();
var query = new ObjectQuery(" Select * from Win32_Processor");
var ObjSearcher = new ManagementObjectSearcher(oScope, query);
foreach (var obj in ObjSearcher.Get())
{
cpuList.Add(obj["Name"].ToString());
}
}
catch (System.Runtime.InteropServices.COMException comEx)
{
_errState = true;
InfoErr = comEx.Message;
}
catch (Exception err)
{
_errState = true;
InfoErr = err.Message;
}
return cpuList;
}
19
View Source File : AspNetPagePreInitLeave.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPagePreInitLeave> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Program.cs
License : BSD 3-Clause "New" or "Revised" License
Project Creator : GhostPack
License : BSD 3-Clause "New" or "Revised" License
Project Creator : GhostPack
private static void SetRestrictedAdminRegistryValue(string computerName, int value)
{
/*
* Sets (or clears) the DisableRestrictedAdmin registry setting on a remote "computerName" using WMI's StdRegProv
*
* value == 0 -> enable RestrictedAdmin (set DisableRestrictedAdmin set to 0)
* value == 1 -> enable RestrictedAdmin (set DisableRestrictedAdmin set to 1)
* value == -1 -> clear DisableRestrictedAdmin value (so disabled behavior)
*
* Note: adapted from https://web.archive.org/web/20200212015446/http://softvernow.com/2018/09/02/using-wmi-and-c-registry-values/
*
*/
ManagementScope scope = null;
try
{
ConnectionOptions connection = new ConnectionOptions();
connection.Impersonation = System.Management.ImpersonationLevel.Impersonate;
// optional: explicit credentials
//connection.Username = "userName";
//connection.Preplacedword = "preplacedword";
//connection.Authority = "NTLMDOMAIN:MY_DOMAIN";
// connect to the remote management scope
scope = new ManagementScope($"\\\\{computerName}\\root\\default", connection);
scope.Connect();
// instantiate the StdRegProv clreplaced for remote registry interaction
ManagementClreplaced registry = new ManagementClreplaced(scope, new ManagementPath("StdRegProv"), null);
if(value == -1)
{
// if we're clearing the value
ManagementBaseObject inParams = registry.GetMethodParameters("DeleteValue");
inParams["sSubKeyName"] = @"SYSTEM\CurrentControlSet\Control\Lsa";
inParams["sValueName"] = @"DisableRestrictedAdmin";
ManagementBaseObject outParams = registry.InvokeMethod("DeleteValue", inParams, null);
}
else
{
// otherwise set the DisableRestrictedAdmin value to what's specified
ManagementBaseObject inParams = registry.GetMethodParameters("SetDWORDValue");
inParams["sSubKeyName"] = @"SYSTEM\CurrentControlSet\Control\Lsa";
inParams["sValueName"] = @"DisableRestrictedAdmin";
inParams["uValue"] = (UInt32)value;
ManagementBaseObject outParams = registry.InvokeMethod("SetDWORDValue", inParams, null);
}
}
catch (Exception e)
{
Console.WriteLine($"[X] Error: {e.Message}");
}
}
19
View Source File : AspNetPageRenderEnter.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPageRenderEnter> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : FileWrite.cs
License : GNU General Public License v3.0
Project Creator : 0xthirteen
License : GNU General Public License v3.0
Project Creator : 0xthirteen
static void WriteToWMIClreplaced(string host, string username, string preplacedword, string wnamespace, string clreplacedname)
{
ConnectionOptions options = new ConnectionOptions();
Console.WriteLine("[+] Target : {0}", host);
if (!String.IsNullOrEmpty(username))
{
Console.WriteLine("[+] User : {0}", username);
options.Username = username;
options.Preplacedword = preplacedword;
}
Console.WriteLine();
ManagementScope scope = new ManagementScope(String.Format("\\\\{0}\\{1}", host, wnamespace), options);
try
{
scope.Connect();
Console.WriteLine("[+] WMI connection established");
}
catch (Exception ex)
{
Console.WriteLine("[X] Failed to connecto to WMI : {0}", ex.Message);
return;
}
try
{
var nclreplaced = new ManagementClreplaced(scope, new ManagementPath(string.Empty), new ObjectGetOptions());
nclreplaced["__CLreplaced"] = clreplacedname;
nclreplaced.Qualifiers.Add("Static", true);
nclreplaced.Properties.Add("WinVal", CimType.String, false);
nclreplaced.Properties["WinVal"].Qualifiers.Add("read", true);
nclreplaced["WinVal"] = datavals;
//nclreplaced.Properties.Add("Sizeof", CimType.String, false);
//nclreplaced.Properties["Sizeof"].Qualifiers.Add("read", true);
//nclreplaced.Properties["Sizeof"].Qualifiers.Add("Description", "Value needed for Windows");
nclreplaced.Put();
Console.WriteLine("[+] Create WMI Clreplaced : {0} {1}", wnamespace, clreplacedname);
}
catch (Exception ex)
{
Console.WriteLine(String.Format("[X] Error : {0}", ex.Message));
return;
}
}
19
View Source File : AspNetProfileBegin.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetProfileBegin> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Printer.cs
License : MIT License
Project Creator : huali20040714
License : MIT License
Project Creator : huali20040714
private string GetDefaultPrintName(string printName)
{
var ms = new ManagementScope(ManagementPath.DefaultPath);
ms.Connect();
var sq = new SelectQuery();
sq.QueryString = @"SELECT Name FROM Win32_Printer";
var mos = new ManagementObjectSearcher(ms, sq);
var oObjectCollection = mos.Get();
foreach (var mo in oObjectCollection)
{
if (string.IsNullOrEmpty(printName))
{
if (bool.Parse(mo["Default"].ToString()))
return mo["Name"].ToString();
}
else if (mo["Name"].ToString().IndexOf(printName, StringComparison.OrdinalIgnoreCase) >= 0)
{
return mo["Name"].ToString();
}
}
return "";
}
19
View Source File : AspNetRequestDequeued.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetRequestDequeued> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Utils.cs
License : GNU General Public License v3.0
Project Creator : CodeDead
License : GNU General Public License v3.0
Project Creator : CodeDead
internal static List<RamStick> GetRamSticks()
{
List<RamStick> ramSticks = new List<RamStick>();
ConnectionOptions connection = new ConnectionOptions { Impersonation = ImpersonationLevel.Impersonate };
ManagementScope scope = new ManagementScope("\\root\\CIMV2", connection);
scope.Connect();
ObjectQuery query = new ObjectQuery(@"SELECT * FROM Win32_PhysicalMemory");
ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);
// ReSharper disable once PossibleInvalidCastExceptionInForeachLoop
foreach (ManagementObject queryObj in searcher.Get())
{
RamStick stick = new RamStick();
foreach (PropertyData data in queryObj.Properties)
{
if (data.Value != null)
{
stick.AddRamData(new RamData(data.Name.Trim(), data.Value.ToString().Trim()));
}
}
ramSticks.Add(stick);
}
return ramSticks;
}
19
View Source File : AspNetRoleManagerBegin.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetRoleManagerBegin> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Connector.cs
License : GNU General Public License v3.0
Project Creator : iomoath
License : GNU General Public License v3.0
Project Creator : iomoath
private ManagementScope DoWmiConnection(Planter planter)
{
//Block for connecting to the remote system and returning a ManagementScope object
SystemToConn = planter.System;
Domain = planter.Domain;
Username = planter.User;
Preplacedword = planter.Preplacedword;
ConnectionOptions options = new ConnectionOptions();
if (string.IsNullOrEmpty(SystemToConn))
SystemToConn = "localhost";
if (string.IsNullOrEmpty(Username))
Username = Environment.UserName;
switch (SystemToConn)
{
case "127.0.0.1":
case "localhost":
Messenger.GoodMessage($"[+] Connecting to local WMI instance using {Username} ...");
break;
default:
Messenger.GoodMessage($"[+] Connecting to remote WMI instance using {Username} ...");
break;
}
if (!string.IsNullOrEmpty(Preplacedword?.ToString()))
{
options.Username = Username;
options.SecurePreplacedword = Preplacedword;
options.Authority = "ntlmdomain:" + Domain;
options.Impersonation = ImpersonationLevel.Impersonate;
options.EnablePrivileges = true; // This may be ok for all or may not, need to verify
}
else
{
options.Impersonation = ImpersonationLevel.Impersonate;
options.EnablePrivileges = true;
}
ManagementScope scope = new ManagementScope(@"\\" + SystemToConn + [email protected]"\{planter.NameSpace}", options);
//ManagementScope deviceguard = new ManagementScope(@"\\" + System + @"\root\Microsoft\Windows\DeviceGuard", options);
// Need to create a second MS object since we use a separate namespace.
//! Need to find a more elegant solution to this!
scope.Connect();
//deviceguard.Connect();
// We'll need this when we get the provider going so we can check for DG
//ManagementScope deviceScope = scope.Clone();
//deviceScope.Path = new ManagementPath(@"\\" + System + @"\root\Microsoft\Windows\DeviceGuard");
//if (GetDeviceGuard.CheckDgWmi(scope, planter.System))
// Console.WriteLine("deviceguard enabled");
Messenger.GoodMessage("[+] Connected");
//return Tuple.Create(scope, deviceguard);
return scope;
}
19
View Source File : AspNetRoleManagerGetUserRoles.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetRoleManagerGetUserRoles> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : Program.cs
License : GNU General Public License v3.0
Project Creator : 0xthirteen
License : GNU General Public License v3.0
Project Creator : 0xthirteen
static void WriteToRegKey(string host, string username, string preplacedword, string keypath, string valuename)
{
if (!keypath.Contains(":"))
{
Console.WriteLine("[-] Please put ':' inbetween hive and path: HKCU:Location\\Of\\Key");
return;
}
string[] reginfo = keypath.Split(':');
string reghive = reginfo[0];
string wmiNameSpace = "root\\CIMv2";
UInt32 hive = 0;
switch (reghive.ToUpper())
{
case "HKCR":
hive = 0x80000000;
break;
case "HKCU":
hive = 0x80000001;
break;
case "HKLM":
hive = 0x80000002;
break;
case "HKU":
hive = 0x80000003;
break;
case "HKCC":
hive = 0x80000005;
break;
default:
Console.WriteLine("[X] Error : Could not get the right reg hive");
return;
}
ConnectionOptions options = new ConnectionOptions();
Console.WriteLine("[+] Target : {0}", host);
if (!String.IsNullOrEmpty(username))
{
Console.WriteLine("[+] User : {0}", username);
options.Username = username;
options.Preplacedword = preplacedword;
}
Console.WriteLine();
ManagementScope scope = new ManagementScope(String.Format("\\\\{0}\\{1}", host, wmiNameSpace), options);
try
{
scope.Connect();
Console.WriteLine("[+] WMI connection established");
}
catch (Exception ex)
{
Console.WriteLine("[X] Failed to connect to to WMI : {0}", ex.Message);
return;
}
try
{
//Probably stay with string value only
ManagementClreplaced registry = new ManagementClreplaced(scope, new ManagementPath("StdRegProv"), null);
ManagementBaseObject inParams = registry.GetMethodParameters("SetStringValue");
inParams["hDefKey"] = hive;
inParams["sSubKeyName"] = reginfo[1];
inParams["sValueName"] = valuename;
inParams["sValue"] = datavals;
ManagementBaseObject outParams = registry.InvokeMethod("SetStringValue", inParams, null);
if(Convert.ToInt32(outParams["ReturnValue"]) == 0)
{
Console.WriteLine("[+] Created {0} {1} and put content inside", keypath, valuename);
}
else
{
Console.WriteLine("[-] An error occured, please check values");
return;
}
}
catch (Exception ex)
{
Console.WriteLine(String.Format("[X] Error : {0}", ex.Message));
return;
}
}
19
View Source File : AspNetSessionStatePartitionEnd.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetSessionStateParreplacedionEnd> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}
19
View Source File : ProcessExt.cs
License : Apache License 2.0
Project Creator : karpach
License : Apache License 2.0
Project Creator : karpach
private static IEnumerable<WmiProcess> GetWmiProcesses(string serverName, string userName, string preplacedword)
{
string key = serverName ?? "localhost";
if (Cache.Contains(key))
{
return Cache[key] as IEnumerable<WmiProcess>;
}
ManagementScope scope = null;
if (serverName != null)
{
ConnectionOptions options;
if (string.IsNullOrEmpty(userName) && string.IsNullOrEmpty(preplacedword))
{
options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
EnablePrivileges = true,
Authentication = AuthenticationLevel.PacketPrivacy
};
}
else
{
options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Identify,
EnablePrivileges = true,
Username = userName,
Preplacedword = preplacedword,
Authentication = AuthenticationLevel.PacketPrivacy
};
}
scope = new ManagementScope($"\\\\{serverName}\\root\\cimv2", options);
try
{
scope.Connect();
}
catch
{
if (Cache.Contains(key))
{
Cache[key] = null;
}
return null;
}
}
ObjectQuery sq = new ObjectQuery("Select CommandLine, ProcessID from Win32_Process");
var result = new List<WmiProcess>();
using (ManagementObjectSearcher searcher = serverName == null ? new ManagementObjectSearcher(sq) : new ManagementObjectSearcher(scope, sq))
{
ManagementObjectCollection objectCollection = searcher.Get();
foreach (ManagementBaseObject obj in objectCollection)
{
IQueryable<PropertyData> properties = obj.Properties.Cast<PropertyData>().AsQueryable();
PropertyData data = properties.FirstOrDefault(p => string.Equals(p.Name, "ProcessId", StringComparison.InvariantCultureIgnoreCase));
if (data == null)
{
continue;
}
result.Add(new WmiProcess
{
ProcessId = (uint)data?.Value,
CommandLine = properties.FirstOrDefault(p => string.Equals(p.Name, "CommandLine"))?.Value?.ToString()
});
}
}
Cache.Add(key, result, DateTime.Now.AddSeconds(5));
return result;
}
19
View Source File : WppComputerServices.cs
License : MIT License
Project Creator : DCourtel
License : MIT License
Project Creator : DCourtel
public void SendCommand(string hostname, string command, Credential credential)
{
ConnectionOptions connectoptions = GetConnectionOptions(hostname, credential);
connectoptions.Impersonation = System.Management.ImpersonationLevel.Impersonate;
System.Management.ManagementScope mgmtScope = new System.Management.ManagementScope(String.Format(@"\\{0}\ROOT\CIMV2", hostname), connectoptions);
mgmtScope.Connect();
System.Management.ObjectGetOptions objectGetOptions = new System.Management.ObjectGetOptions();
System.Management.ManagementPath mgmtPath = new System.Management.ManagementPath("Win32_Process");
System.Management.ManagementClreplaced processClreplaced = new System.Management.ManagementClreplaced(mgmtScope, mgmtPath, objectGetOptions);
System.Management.ManagementBaseObject inParams = processClreplaced.GetMethodParameters("Create");
ManagementClreplaced startupInfo = new ManagementClreplaced("Win32_ProcessStartup");
startupInfo.Properties["ShowWindow"].Value = 0;
inParams["CommandLine"] = command;
inParams["ProcessStartupInformation"] = startupInfo;
processClreplaced.InvokeMethod("Create", inParams, null);
}
19
View Source File : Program.cs
License : GNU General Public License v3.0
Project Creator : 0xthirteen
License : GNU General Public License v3.0
Project Creator : 0xthirteen
static void RemoveRegValue(string host, string username, string preplacedword, string keypath, string keyname)
{
if (!keypath.Contains(":"))
{
Console.WriteLine("[-] Please put ':' inbetween hive and path: HKCU:Location\\Of\\Key");
return;
}
if (!String.IsNullOrEmpty(host))
{
host = "127.0.0.1";
}
string[] reginfo = keypath.Split(':');
string reghive = reginfo[0];
string wmiNameSpace = "root\\CIMv2";
UInt32 hive = 0;
switch (reghive.ToUpper())
{
case "HKCR":
hive = 0x80000000;
break;
case "HKCU":
hive = 0x80000001;
break;
case "HKLM":
hive = 0x80000002;
break;
case "HKU":
hive = 0x80000003;
break;
case "HKCC":
hive = 0x80000005;
break;
default:
Console.WriteLine("[X] Error : Could not get the right reg hive");
return;
}
ConnectionOptions options = new ConnectionOptions();
Console.WriteLine("[+] Target : {0}", host);
if (!String.IsNullOrEmpty(username))
{
Console.WriteLine("[+] User : {0}", username);
options.Username = username;
options.Preplacedword = preplacedword;
}
Console.WriteLine();
ManagementScope scope = new ManagementScope(String.Format("\\\\{0}\\{1}", host, wmiNameSpace), options);
try
{
scope.Connect();
Console.WriteLine("[+] WMI connection established");
}
catch (Exception ex)
{
Console.WriteLine("[X] Failed to connecto to WMI : {0}", ex.Message);
return;
}
try
{
//Probably stay with string value only
ManagementClreplaced registry = new ManagementClreplaced(scope, new ManagementPath("StdRegProv"), null);
ManagementBaseObject inParams = registry.GetMethodParameters("DeleteValue");
inParams["hDefKey"] = hive;
inParams["sSubKeyName"] = keypath;
inParams["sValueName"] = keyname;
ManagementBaseObject outParams1 = registry.InvokeMethod("DeleteValue", inParams, null);
Console.WriteLine("[+] Deleted value at {0} {1}", keypath, keyname);
}
catch (Exception ex)
{
Console.WriteLine(String.Format("[-] {0}", ex.Message));
return;
}
}
19
View Source File : Program.cs
License : GNU General Public License v3.0
Project Creator : 0xthirteen
License : GNU General Public License v3.0
Project Creator : 0xthirteen
static void RemoveWMIClreplaced(string host, string username, string preplacedword, string wnamespace, string clreplacedname)
{
if (!String.IsNullOrEmpty(wnamespace))
{
wnamespace = "root\\CIMv2";
}
if (!String.IsNullOrEmpty(host))
{
host = "127.0.0.1";
}
ConnectionOptions options = new ConnectionOptions();
Console.WriteLine("[+] Target : {0}", host);
if (!String.IsNullOrEmpty(username))
{
Console.WriteLine("[+] User : {0}", username);
options.Username = username;
options.Preplacedword = preplacedword;
}
Console.WriteLine();
ManagementScope scope = new ManagementScope(String.Format("\\\\{0}\\{1}", host, wnamespace), options);
try
{
scope.Connect();
Console.WriteLine("[+] WMI connection established");
}
catch (Exception ex)
{
Console.WriteLine("[X] Failed to connecto to WMI : {0}", ex.Message);
return;
}
try
{
var rmclreplaced = new ManagementClreplaced(scope, new ManagementPath(clreplacedname), new ObjectGetOptions());
rmclreplaced.Delete();
}
catch (Exception ex)
{
Console.WriteLine(String.Format("[-] {0}", ex.Message));
return;
}
}
19
View Source File : WmiHelper.cs
License : BSD 3-Clause "New" or "Revised" License
Project Creator : bitsadmin
License : BSD 3-Clause "New" or "Revised" License
Project Creator : bitsadmin
private static ManagementScope GetScope(string wmiNamespace, string computerName, string username, string preplacedword)
{
// User credentials cannot be used for local connections
if (computerName == ".")
username = preplacedword = null;
ConnectionOptions options = new ConnectionOptions()
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
ManagementScope scope = new ManagementScope(string.Format(@"\\{0}\{1}", computerName, wmiNamespace), options);
scope.Connect();
return scope;
}
19
View Source File : Util.cs
License : GNU General Public License v3.0
Project Creator : fakoua
License : GNU General Public License v3.0
Project Creator : fakoua
public static OsModel GetInfo()
{
var rtnVal = new OsModel();
rtnVal.Memory = GetMemory();
var manScope = new ManagementScope(@"\\.\root\cimv2");
manScope.Options.EnablePrivileges = true;
manScope.Connect();
var query = new ObjectQuery("SELECT * FROM Win32_OperatingSystem");
using (ManagementObjectSearcher mos = new ManagementObjectSearcher(manScope, query))
{
ManagementObjectCollection queryCollection = mos.Get();
foreach (ManagementObject mo in queryCollection)
{
rtnVal.MachineName = mo["CSName"].ToString();
rtnVal.OsName = mo["Caption"].ToString();
rtnVal.Architecture = mo["OSArchitecture"].ToString();
rtnVal.InstallDate = mo["InstallDate"].ToString();
rtnVal.LastBootupTime = mo["LastBootupTime"].ToString();
}
}
query = new ObjectQuery("SELECT * FROM Win32_Processor");
using (ManagementObjectSearcher mp = new ManagementObjectSearcher(manScope, query))
{
ManagementObjectCollection queryCollection = mp.Get();
foreach (ManagementObject mo in queryCollection)
{
rtnVal.Processor = mo["Name"].ToString();
}
}
return rtnVal;
}
19
View Source File : AspNetPageInitLeave.cs
License : MIT License
Project Creator : matteofabbri
License : MIT License
Project Creator : matteofabbri
public static IEnumerable<AspNetPageInitLeave> Retrieve(string remote, string username, string preplacedword)
{
var options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Username = username,
Preplacedword = preplacedword
};
var managementScope = new ManagementScope(new ManagementPath($"\\\\{remote}\\root\\wmi"), options);
managementScope.Connect();
return Retrieve(managementScope);
}See More Examples
