More powerful than the CMD command line WMIC

Recommended for you: Get network issues from WhatsUp Gold. Not end users.

Prerequisites:
a. Windows Management Instrumentation services, open TCP135 port.
b. the local security policy of the “ the network access: sharing and security model for local accounts should be set to ” “ classic - local users to its own authentication”.

1. wmic /node:"192.168.1.20" /user:"domain\administrator" /password:"123456"

2.[Hardware management]:

Access to the disk data:
wmic DISKDRIVE get deviceid,Caption,size,InterfaceType
Gets the partition information:
wmic LOGICALDISK get name,Description,filesystem,size,freespace
Access to CPU data:
wmic cpu get name,addresswidth,processorid
The data acquisition board:
wmic BaseBoard get Manufacturer,Product,Version,SerialNumber
Gets the number of memory:
wmic memlogical get totalphysicalmemory
Sequence number to get the brand machine:
wmic csproduct get IdentifyingNumber
The sound card data acquisition:
wmic SOUNDDEV get ProductName
Access to the screen resolution
wmic DESKTOPMONITOR where Status='ok' get ScreenHeight,ScreenWidth

3. PROCESS[Process management]:

List of processes,
wmic process list brief
(Full display all the Brief display, Instance display, Status display case, state)

Wmic access to the process of path:
wmic process where name="jqs.exe" get executablepath

Wmic to create a new process
wmic process call create notepad
wmic process call create "C:\Program Files\Tencent\QQ\QQ.exe"
wmic process call create "shutdown.exe -r -f -t 20"

Wmic to delete the specified process:
wmic process where name="qq.exe" call terminate
wmic process where processid="2345" delete
wmic process 2345 call terminate

Wmic delete suspicious process
wmic process where "name='explorer.exe' and executablepath<>'%SystemDrive%\\windows\\explorer.exe'" delete
wmic process where "name='svchost.exe' and ExecutablePath<>'C:\\WINDOWS\\system32\\svchost.exe'" call Terminate


3. USERACCOUNT[Account management]:

To change the current user name
WMIC USERACCOUNT where "name='%UserName%'" call rename newUserName
WMIC USERACCOUNT create /?

4. SHARE[Sharing management]:

A
WMIC SHARE CALL Create "sharing", "test", "3", "TestShareName", "", "c:\test", "0
(can use the WMIC SHARE CALL Create /? View create parameter type)

Remove the share
WMIC SHARE where name="C$" call delete
WMIC SHARE where path='c:\\test' delete


5. SERVICE[Service management]:

Change the telnet service startup type[Auto|Disabled|Manual]
wmic SERVICE where name="tlntsvr" set startmode="Auto"

Run the telnet service
wmic SERVICE where name="tlntsvr" call startservice

To stop the ICS service
wmic SERVICE where name="ShardAccess" call stopservice

Remove the test service
wmic SERVICE where name="test" call delete

6. FSDIR[Directory management]

List c test name directory
wmic FSDIR where "drive='c:' and filename='test'" list
Delete the c:\good folder
wmic fsdir "c:\\test" call delete
Rename the c:\test folder for the ABC
wmic fsdir "c:\\test" rename "c:\abc"
wmic fsdir where (name='c:\\test') rename "c:\abc"
Copy the folder
wmic fsdir where name='d:\\test' call copy "c:\\test"

7.datafile[File management]

Rename
wmic datafile "c:\\test.txt" call rename c:\abc.txt

8.[Task plan]:
wmic job call create "notepad.exe",0,0,true,false,********154800.000000+480
wmic job call create "explorer.exe",0,0,1,0,********154600.000000+480

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Posted by Christina at November 11, 2013 - 1:34 AM