mirror of https://github.com/n1nj4sec/pupy.git
wmi/wql: add module to query WMI properties
This commit is contained in:
Oleksii Shevchuk
parent
188cd91f23
commit
8fc49089eb
|
|
@ -0,0 +1,52 @@
|
||||||
|
# -*- encoding: utf-8 -*-
|
||||||
|
|
||||||
|
from argparse import REMAINDER
|
||||||
|
|
||||||
|
from pupylib.PupyOutput import Table, List
|
||||||
|
from pupylib.PupyModule import config, PupyModule, PupyArgumentParser
|
||||||
|
|
||||||
|
__class_name__ = 'WMIC'
|
||||||
|
|
||||||
|
@config(category='admin', compat=['windows'])
|
||||||
|
class WMIC(PupyModule):
|
||||||
|
''' Query WMI using WQL '''
|
||||||
|
|
||||||
|
dependencies = ['wql']
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def init_argparse(cls):
|
||||||
|
example = 'SELECT * FROM Win32_Share'
|
||||||
|
cls.arg_parser = PupyArgumentParser(
|
||||||
|
prog='wmi', description=cls.__doc__, epilog=example)
|
||||||
|
cls.arg_parser.add_argument(
|
||||||
|
'-c', '--columns-only', action='store_true', help='Show only column names')
|
||||||
|
cls.arg_parser.add_argument('query', nargs=REMAINDER)
|
||||||
|
|
||||||
|
def run(self, args):
|
||||||
|
wql = self.client.remote('wql', 'execute_final')
|
||||||
|
if args.query:
|
||||||
|
cmdline = ' '.join(args.query)
|
||||||
|
else:
|
||||||
|
cmdline = 'SELECT DatabaseDirectory,BuildVersion,LoggingDirectory '\
|
||||||
|
'FROM Win32_WMISetting'
|
||||||
|
|
||||||
|
try:
|
||||||
|
keys, columns, result = wql(cmdline)
|
||||||
|
except Exception as e:
|
||||||
|
self.error(e.strerror)
|
||||||
|
return
|
||||||
|
|
||||||
|
if args.columns_only:
|
||||||
|
if keys:
|
||||||
|
self.log(List(keys, caption='Keys'))
|
||||||
|
|
||||||
|
self.log(List(columns, caption='Columns'))
|
||||||
|
return
|
||||||
|
|
||||||
|
values = []
|
||||||
|
|
||||||
|
records = [{
|
||||||
|
k:unicode(v) or '' for k,v in record
|
||||||
|
} for record in result]
|
||||||
|
|
||||||
|
self.log(Table(records, columns))
|
||||||
|
|
@ -10,4 +10,36 @@ def execute(query):
|
||||||
pythoncom.CoInitialize()
|
pythoncom.CoInitialize()
|
||||||
client = wmi.WMI()
|
client = wmi.WMI()
|
||||||
|
|
||||||
return tuple(client.query(query))
|
return client.query(query)
|
||||||
|
|
||||||
|
def execute_final(query):
|
||||||
|
response = execute(query)
|
||||||
|
|
||||||
|
columns = set()
|
||||||
|
keys = set()
|
||||||
|
result = []
|
||||||
|
order = None
|
||||||
|
|
||||||
|
for item in response:
|
||||||
|
keys.update(item.keys)
|
||||||
|
columns.update(item.properties.keys())
|
||||||
|
|
||||||
|
result.append(
|
||||||
|
tuple((column, getattr(item, column)) for column in item.properties)
|
||||||
|
)
|
||||||
|
|
||||||
|
_query = query.lower()
|
||||||
|
try:
|
||||||
|
idx_select = _query.index('select') + 7
|
||||||
|
idx_from = _query.index('from')
|
||||||
|
|
||||||
|
fields = query[idx_select:idx_from]
|
||||||
|
if '*' not in fields:
|
||||||
|
maybe_columns = tuple(x.strip() for x in fields.split(','))
|
||||||
|
if all(column in columns for column in maybe_columns):
|
||||||
|
columns = maybe_columns
|
||||||
|
|
||||||
|
except ValueError:
|
||||||
|
pass
|
||||||
|
|
||||||
|
return tuple(keys), tuple(columns), tuple(result)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue