wmi/wql: add module to query WMI properties

2019-03-11 20:08:18 +02:00 · 2019-03-11 20:08:18 +02:00 · 8fc49089eb
parent 188cd91f23
commit 8fc49089eb
2 changed files with 85 additions and 1 deletions
--- a/pupy/modules/wmic.py
+++ b/pupy/modules/wmic.py
@ -0,0 +1,52 @@
+# -*- encoding: utf-8 -*-
+
+from argparse import REMAINDER
+
+from pupylib.PupyOutput import Table, List
+from pupylib.PupyModule import config, PupyModule, PupyArgumentParser
+
+__class_name__ = 'WMIC'
+
+@config(category='admin', compat=['windows'])
+class WMIC(PupyModule):
+    ''' Query WMI using WQL '''
+
+    dependencies = ['wql']
+
+    @classmethod
+    def init_argparse(cls):
+        example = 'SELECT * FROM Win32_Share'
+        cls.arg_parser = PupyArgumentParser(
+            prog='wmi', description=cls.__doc__, epilog=example)
+        cls.arg_parser.add_argument(
+            '-c', '--columns-only', action='store_true', help='Show only column names')
+        cls.arg_parser.add_argument('query', nargs=REMAINDER)
+
+    def run(self, args):
+        wql = self.client.remote('wql', 'execute_final')
+        if args.query:
+            cmdline = ' '.join(args.query)
+        else:
+            cmdline = 'SELECT DatabaseDirectory,BuildVersion,LoggingDirectory '\
+              'FROM Win32_WMISetting'
+
+        try:
+            keys, columns, result = wql(cmdline)
+        except Exception as e:
+            self.error(e.strerror)
+            return
+
+        if args.columns_only:
+            if keys:
+                self.log(List(keys, caption='Keys'))
+
+            self.log(List(columns, caption='Columns'))
+            return
+
+        values = []
+
+        records = [{
+            k:unicode(v) or '' for k,v in record
+        } for record in result]
+
+        self.log(Table(records, columns))
--- a/pupy/packages/windows/all/wql.py
+++ b/pupy/packages/windows/all/wql.py
@ -10,4 +10,36 @@ def execute(query):
        pythoncom.CoInitialize()
        client = wmi.WMI()

-    return tuple(client.query(query))
+    return client.query(query)
+
+def execute_final(query):
+    response = execute(query)
+
+    columns = set()
+    keys = set()
+    result = []
+    order = None
+
+    for item in response:
+        keys.update(item.keys)
+        columns.update(item.properties.keys())
+
+        result.append(
+            tuple((column, getattr(item, column)) for column in item.properties)
+        )
+
+    _query = query.lower()
+    try:
+        idx_select = _query.index('select') + 7
+        idx_from = _query.index('from')
+
+        fields = query[idx_select:idx_from]
+        if '*' not in fields:
+            maybe_columns = tuple(x.strip() for x in fields.split(','))
+            if all(column in columns for column in maybe_columns):
+                columns = maybe_columns
+
+    except ValueError:
+        pass
+
+    return tuple(keys), tuple(columns), tuple(result)