suraj1291993

remotewmi.cpp

Aug 20th, 2018
121
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #define _WIN32_DCOM
  2. #define UNICODE
  3. #include <iostream>
  4. using namespace std;
  5. #include <comdef.h>
  6. #include <Wbemidl.h>
  7. #pragma comment(lib, "wbemuuid.lib")
  8. #pragma comment(lib, "credui.lib")
  9. #pragma comment(lib, "comsuppw.lib")
  10. #include <wincred.h>
  11. #include <strsafe.h>
  12.  
  13. int __cdecl main(int argc, char **argv)
  14. {
  15. HRESULT hres;
  16.  
  17. // Step 1: --------------------------------------------------
  18. // Initialize COM. ------------------------------------------
  19.  
  20. hres = CoInitializeEx(0, COINIT_MULTITHREADED);
  21. if (FAILED(hres))
  22. {
  23. cout << "Failed to initialize COM library. Error code = 0x"
  24. << hex << hres << endl;
  25. return 1; // Program has failed.
  26. }
  27.  
  28. // Step 2: --------------------------------------------------
  29. // Set general COM security levels --------------------------
  30.  
  31. hres = CoInitializeSecurity(
  32. NULL,
  33. -1, // COM authentication
  34. NULL, // Authentication services
  35. NULL, // Reserved
  36. RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
  37. RPC_C_IMP_LEVEL_IDENTIFY, // Default Impersonation
  38. NULL, // Authentication info
  39. EOAC_NONE, // Additional capabilities
  40. NULL // Reserved
  41. );
  42.  
  43.  
  44. if (FAILED(hres))
  45. {
  46. cout << "Failed to initialize security. Error code = 0x"
  47. << hex << hres << endl;
  48. CoUninitialize();
  49. return 1; // Program has failed.
  50. }
  51.  
  52. // Step 3: ---------------------------------------------------
  53. // Obtain the initial locator to WMI -------------------------
  54.  
  55. IWbemLocator *pLoc = NULL;
  56.  
  57. hres = CoCreateInstance(
  58. CLSID_WbemLocator,
  59. 0,
  60. CLSCTX_INPROC_SERVER,
  61. IID_IWbemLocator, (LPVOID *)&pLoc);
  62.  
  63. if (FAILED(hres))
  64. {
  65. cout << "Failed to create IWbemLocator object."
  66. << " Err code = 0x"
  67. << hex << hres << endl;
  68. CoUninitialize();
  69. return 1; // Program has failed.
  70. }
  71.  
  72. // Step 4: -----------------------------------------------------
  73. // Connect to WMI through the IWbemLocator::ConnectServer method
  74.  
  75. // Get the user name and password for the remote computer
  76. wchar_t pszName[CREDUI_MAX_USERNAME_LENGTH + 1] = L"\\administrator";
  77. wchar_t pszPwd[CREDUI_MAX_PASSWORD_LENGTH + 1] = L"Password";
  78.  
  79. wchar_t pszDomain[CREDUI_MAX_USERNAME_LENGTH + 1];
  80. wchar_t pszUserName[CREDUI_MAX_USERNAME_LENGTH + 1];
  81. // wchar_t pszAuthority[CREDUI_MAX_USERNAME_LENGTH + 1];
  82.  
  83. //mbstowcs(pszName, "\\administrator", CREDUI_MAX_USERNAME_LENGTH + 1);
  84. //mbstowcs(pszPwd, "Vembu123", CREDUI_MAX_USERNAME_LENGTH + 1);
  85.  
  86. // Connect to the remote root\cimv2 namespace
  87. // and obtain pointer pSvc to make IWbemServices calls.
  88. //---------------------------------------------------------
  89.  
  90. cout << "Printing" << endl;
  91. IWbemServices *pSvc = NULL;
  92. hres = pLoc->ConnectServer(
  93. _bstr_t(L"\\\\machine\\root\\cimv2"),
  94. _bstr_t(pszName), // User name
  95. _bstr_t(pszPwd), // User password
  96. NULL, // Locale
  97. NULL, // Security flags
  98. NULL,// Authority
  99. NULL, // Context object
  100. &pSvc // IWbemServices proxy
  101. );
  102.  
  103. if (FAILED(hres))
  104. {
  105. cout << "Could not connect. Error code = 0x"
  106. << hex << hres << endl;
  107. pLoc->Release();
  108. CoUninitialize();
  109. return 1; // Program has failed.
  110. }
  111.  
  112. cout << "Connected to ROOT\\CIMV2 WMI namespace" << endl;
  113.  
  114.  
  115. // step 5: --------------------------------------------------
  116. // Create COAUTHIDENTITY that can be used for setting security on proxy
  117.  
  118. COAUTHIDENTITY *userAcct = NULL;
  119. COAUTHIDENTITY authIdent;
  120.  
  121. cout << "!useToken" << endl;
  122. memset(&authIdent, 0, sizeof(COAUTHIDENTITY));
  123. authIdent.PasswordLength = wcslen(pszPwd);
  124. authIdent.Password = (USHORT*)pszPwd;
  125.  
  126. LPWSTR slash = wcschr(pszName, L'\\');
  127. if (slash == NULL)
  128. {
  129. cout << "Could not create Auth identity. No domain specified\n";
  130. pSvc->Release();
  131. pLoc->Release();
  132. CoUninitialize();
  133. return 1; // Program has failed.
  134. }
  135.  
  136. StringCchCopy(pszUserName, CREDUI_MAX_USERNAME_LENGTH + 1, slash + 1);
  137. authIdent.User = (USHORT*)pszUserName;
  138. authIdent.UserLength = wcslen(pszUserName);
  139.  
  140. StringCchCopyN(pszDomain, CREDUI_MAX_USERNAME_LENGTH + 1, pszName, slash - pszName);
  141. authIdent.Domain = (USHORT*)pszDomain;
  142. authIdent.DomainLength = slash - pszName;
  143. authIdent.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
  144.  
  145. cout << "pszName " << pszName << endl;
  146. cout << "pszPwd " << pszPwd << endl;
  147. cout << "pszDomain " << pszDomain << endl;
  148. cout << "pszUserName " << pszUserName << endl;
  149.  
  150. userAcct = &authIdent;
  151.  
  152. // Step 6: --------------------------------------------------
  153. // Set security levels on a WMI connection ------------------
  154.  
  155. hres = CoSetProxyBlanket(
  156. pSvc, // Indicates the proxy to set
  157. RPC_C_AUTHN_DEFAULT, // RPC_C_AUTHN_xxx
  158. RPC_C_AUTHZ_DEFAULT, // RPC_C_AUTHZ_xxx
  159. COLE_DEFAULT_PRINCIPAL, // Server principal name
  160. RPC_C_AUTHN_LEVEL_PKT_PRIVACY, // RPC_C_AUTHN_LEVEL_xxx
  161. RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
  162. userAcct, // client identity
  163. EOAC_NONE // proxy capabilities
  164. );
  165.  
  166. if (FAILED(hres))
  167. {
  168. cout << "Could not set proxy blanket. Error code = 0x"
  169. << hex << hres << endl;
  170. pSvc->Release();
  171. pLoc->Release();
  172. CoUninitialize();
  173. return 1; // Program has failed.
  174. }
  175.  
  176. // Step 7: --------------------------------------------------
  177. // Use the IWbemServices pointer to make requests of WMI ----
  178.  
  179. // For example, get the name of the operating system
  180. IEnumWbemClassObject* pEnumerator = NULL;
  181. hres = pSvc->ExecQuery(
  182. bstr_t("WQL"),
  183. bstr_t("Select * from Win32_OperatingSystem"),
  184. WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
  185. NULL,
  186. &pEnumerator);
  187.  
  188. if (FAILED(hres))
  189. {
  190. cout << "Query for operating system name failed."
  191. << " Error code = 0x"
  192. << hex << hres << endl;
  193. pSvc->Release();
  194. pLoc->Release();
  195. CoUninitialize();
  196. return 1; // Program has failed.
  197. }
  198.  
  199. // Step 8: -------------------------------------------------
  200. // Secure the enumerator proxy
  201. hres = CoSetProxyBlanket(
  202. pEnumerator, // Indicates the proxy to set
  203. RPC_C_AUTHN_DEFAULT, // RPC_C_AUTHN_xxx
  204. RPC_C_AUTHZ_DEFAULT, // RPC_C_AUTHZ_xxx
  205. COLE_DEFAULT_PRINCIPAL, // Server principal name
  206. RPC_C_AUTHN_LEVEL_PKT_PRIVACY, // RPC_C_AUTHN_LEVEL_xxx
  207. RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
  208. userAcct, // client identity
  209. EOAC_NONE // proxy capabilities
  210. );
  211.  
  212. if (FAILED(hres))
  213. {
  214. cout << "Could not set proxy blanket on enumerator. Error code = 0x"
  215. << hex << hres << endl;
  216. pEnumerator->Release();
  217. pSvc->Release();
  218. pLoc->Release();
  219. CoUninitialize();
  220. return 1; // Program has failed.
  221. }
  222.  
  223. // When you have finished using the credentials,
  224. // erase them from memory.
  225. SecureZeroMemory(pszName, sizeof(pszName));
  226. SecureZeroMemory(pszPwd, sizeof(pszPwd));
  227. SecureZeroMemory(pszUserName, sizeof(pszUserName));
  228. SecureZeroMemory(pszDomain, sizeof(pszDomain));
  229.  
  230.  
  231. // Step 9: -------------------------------------------------
  232. // Get the data from the query in step 7 -------------------
  233.  
  234. IWbemClassObject *pclsObj = NULL;
  235. ULONG uReturn = 0;
  236.  
  237. while (pEnumerator)
  238. {
  239. HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1,
  240. &pclsObj, &uReturn);
  241.  
  242. if (0 == uReturn)
  243. {
  244. break;
  245. }
  246.  
  247. VARIANT vtProp;
  248.  
  249. // Get the value of the Name property
  250. hr = pclsObj->Get(L"Name", 0, &vtProp, 0, 0);
  251. wcout << " OS Name : " << vtProp.bstrVal << endl;
  252.  
  253. // Get the value of the FreePhysicalMemory property
  254. hr = pclsObj->Get(L"FreePhysicalMemory",
  255. 0, &vtProp, 0, 0);
  256. wcout << " Free physical memory (in kilobytes): "
  257. << vtProp.uintVal << endl;
  258. VariantClear(&vtProp);
  259.  
  260. pclsObj->Release();
  261. pclsObj = NULL;
  262. }
  263.  
  264. // Cleanup
  265. // ========
  266.  
  267. pSvc->Release();
  268. pLoc->Release();
  269. pEnumerator->Release();
  270. if (pclsObj)
  271. {
  272. pclsObj->Release();
  273. }
  274.  
  275. CoUninitialize();
  276.  
  277. return 0; // Program successfully completed.
  278.  
  279. }
RAW Paste Data