• wmic


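    Prerequisites:
    a. Start the Windows Management Instrumentation service and open TCP port 135.
    b. The local security policy "Network access: Sharing and security model for local accounts" must be set to "Classic - local users authenticate as themselves".

    1. wmic /node:"192.168.1.20" /user:"domain\administrator" /password:"123456"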

    2. [Hardware management]:

    Get disk drive information:
    wmic DISKDRIVE get deviceid,Caption,size,InterfaceType
    Get partition information:
    wmic LOGICALDISK get name,Description,filesystem,size,freespace
    Get CPU information:
    wmic cpu get name,addresswidth,processorid
    Get motherboard information:
    wmic BaseBoard get Manufacturer,Product,Version,SerialNumber
    Get the amount of memory:
    wmic memlogical get totalphysicalmemory
    Get the serial number of a brand-name (OEM) machine:
    wmic csproduct get IdentifyingNumber
    Get sound card information:
    wmic SOUNDDEV get ProductName
    Get the screen resolution:
    wmic DESKTOPMONITOR where Status='ok' get ScreenHeight,ScreenWidth

    3. PROCESS [Process management]:

    List processes:
    wmic process list brief
    (Full shows everything, Brief shows a summary, Instance shows instances, Status shows status)

    Get a process's executable path:
    wmic process where name="jqs.exe" get executablepath

    Create a new process:
    wmic process call create notepad
    wmic process call create "C:\Program Files\Tencent\QQ\QQ.exe"
    wmic process call create "shutdown.exe -r -f -t 20"

    Terminate a specific process:
    wmic process where name="qq.exe" call terminate
    wmic process where processid="2345" delete
    wmic process 2345 call terminate

    Terminate suspicious processes (a system process name running from an unexpected path; backslashes inside a where clause must be doubled):
    wmic process where "name='explorer.exe' and executablepath<>'%SystemDrive%\\windows\\explorer.exe'" delete
    wmic process where "name='svchost.exe' and ExecutablePath<>'C:\\WINDOWS\\system32\\svchost.exe'" call Terminate

    4. USERACCOUNT [Account management]:

    Rename the current user:
    WMIC USERACCOUNT where "name='%UserName%'" call rename newUserName
    WMIC USERACCOUNT create /?

    5. SHARE [Share management]:

    Create a share:
    WMIC SHARE CALL Create "","test","3","TestShareName","","c:\test",0
    (Run WMIC SHARE CALL Create /? to see the parameter types for Create)

    Delete a share:
    WMIC SHARE where name="C$" call delete
    WMIC SHARE where path='c:\\test' delete


    6. SERVICE [Service management]:

    Change the startup type of the telnet service [Auto|Disabled|Manual]:
    wmic SERVICE where name="tlntsvr" set startmode="Auto"

    Start the telnet service:
    wmic SERVICE where name="tlntsvr" call startservice

    Stop the ICS service:
    wmic SERVICE where name="SharedAccess" call stopservice

    Delete the test service:
    wmic SERVICE where name="test" call delete

    7. FSDIR [Directory management]:

    List directories named test on drive C:
    wmic FSDIR where "drive='c:' and filename='test'" list
    Delete the c:\test folder:
    wmic fsdir "c:\\test" call delete
    Rename the c:\test folder to abc:
    wmic fsdir "c:\\test" call rename "c:\abc"
    wmic fsdir where (name='c:\\test') call rename "c:\abc"
    Copy a folder:
    wmic fsdir where name='d:\\test' call copy "c:\\test"

    8. DATAFILE [File management]:

    Rename a file:
    wmic datafile "c:\\test.txt" call rename c:\abc.txt

    9. JOB [Scheduled tasks]:
    wmic job call create "notepad.exe",0,0,true,false,********154800.000000+480
    wmic job call create "explorer.exe",0,0,1,0,********154600.000000+480
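
The command forms above are also what a defender sees in process-creation logs (Windows Security event 4688 with command-line auditing, or Sysmon event 1). The following is an added example, not part of the original post: it triages wmic command lines for the state-changing and remote forms listed on this page and redacts inline passwords. The rule names, the (host, user, cmdline) tuple layout and the sample events are assumptions constructed for illustration.

```python
import re

# Rules keyed to the command forms listed on this page (rule names are hypothetical).
RULES = [
    ("remote_node",        re.compile(r"/node:", re.I)),
    ("cleartext_password", re.compile(r"/password:", re.I)),
    ("process_create",     re.compile(r"\bprocess\s+call\s+create\b", re.I)),
    ("process_kill",       re.compile(r"\bprocess\b.*\b(terminate|delete)\b", re.I)),
    ("account_change",     re.compile(r"\buseraccount\b.*\b(rename|create)\b", re.I)),
    ("share_change",       re.compile(r"\bshare\b.*\b(create|delete)\b", re.I)),
    ("service_change",     re.compile(
        r"\bservice\b.*\b(startmode|startservice|stopservice|delete)\b", re.I)),
    ("scheduled_job",      re.compile(r"\bjob\s+call\s+create\b", re.I)),
]
# Match "wmic" or "...\WMIC.exe" as the program name, not as part of another word.
IS_WMIC = re.compile(r'(^|[\\/"\s])wmic(\.exe)?("|\s|$)', re.I)
PASSWORD = re.compile(r'(/password:)("[^"]*"|\S+)', re.I)

def classify(cmdline):
    """Return the sorted rule names a wmic command line matches ([] if not wmic)."""
    if not IS_WMIC.search(cmdline):
        return []
    return sorted(name for name, rx in RULES if rx.search(cmdline))

def redact(cmdline):
    """Replace an inline /password: value so the alert does not re-leak it."""
    return PASSWORD.sub(r'\1"<redacted>"', cmdline)

def triage(events):
    """events: iterable of (host, user, cmdline). Return alerts for rule hits only."""
    alerts = []
    for host, user, cmd in events:
        hits = classify(cmd)
        if hits:
            alerts.append({"host": host, "user": user, "hits": hits, "cmd": redact(cmd)})
    return alerts

# Constructed sample events (not real logs); read-only queries should not alert.
SAMPLE = [
    ("ws01", "alice", r'wmic cpu get name,addresswidth,processorid'),
    ("ws01", "alice", r'wmic /node:"192.168.1.20" /user:"domain\administrator" '
                      r'/password:"123456" process call create "shutdown.exe -r -f -t 20"'),
    ("srv02", "svc", r'C:\Windows\System32\wbem\WMIC.exe service where name="tlntsvr" '
                     r'set startmode="Auto"'),
    ("srv02", "svc", r'wmic share where name="C$" call delete'),
    ("ws03", "bob", r'notepad.exe C:\notes\wmic-cheatsheet.txt'),
]

if __name__ == "__main__":
    for alert in triage(SAMPLE):
        print(alert)
```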

  • Original article: https://www.cnblogs.com/ruiy/p/7145252.html