Пример #1
0
vector_t *get_windows_command_lines(void){

  vector_t *ret = talloc(sizeof(vector_t));

  HRESULT hr = 0;
  IWbemLocator         *WbemLocator  = NULL;
  IWbemServices        *WbemServices = NULL;
  IEnumWbemClassObject *EnumWbem  = NULL;

  //initializate the Windows security
  hr = CoInitializeEx(0, COINIT_MULTITHREADED);
  hr = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL);

  hr = CoCreateInstance(&CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, &IID_IWbemLocator, (LPVOID *) &WbemLocator);
  if (WbemLocator == NULL)
    goto exit;

  //connect to the WMI
  hr = WbemLocator->lpVtbl->ConnectServer(WbemLocator, L"ROOT\\CIMV2", NULL, NULL, NULL, 0, NULL, NULL, &WbemServices);   
  if (WbemServices == NULL)
    goto exit;

  //Run the WQL Query
  hr = WbemServices->lpVtbl->ExecQuery(WbemServices, L"WQL", L"SELECT ProcessId,CommandLine FROM Win32_Process", WBEM_FLAG_FORWARD_ONLY, NULL, &EnumWbem);
  if (EnumWbem == NULL)
    goto exit;

  // Iterate over the enumerator
  IWbemClassObject *result = NULL;
  ULONG returnedCount = 0;

  while((hr = EnumWbem->lpVtbl->Next(EnumWbem, WBEM_INFINITE, 1, &result, &returnedCount)) == S_OK) {
    VARIANT ProcessId;
    VARIANT CommandLine;
    
    // access the properties
    hr = result->lpVtbl->Get(result, L"ProcessId", 0, &ProcessId, 0, 0);
    hr = result->lpVtbl->Get(result, L"CommandLine", 0, &CommandLine, 0, 0);            
    if (!(CommandLine.vt==VT_NULL)){
      wprintf(L"%u  %s \r\n", ProcessId.uintVal, CommandLine.bstrVal);
      
      VECTOR_push_back(ret, bstr_to_str(CommandLine.bstrVal));
    }
    
    result->lpVtbl->Release(result);
  }


 exit:
  if (EnumWbem != NULL)
    EnumWbem->lpVtbl->Release(EnumWbem);
  if (WbemServices != NULL)
    WbemServices->lpVtbl->Release(WbemServices);
  if (WbemLocator != NULL)
    WbemLocator->lpVtbl->Release(WbemLocator);

  CoUninitialize();    
  //getchar();

  return ret;
}
Пример #2
0
int wtpinfo_print(char *str, struct wtpinfo * wtpinfo)
{
	char hstr[64];

	char *s = str;




	s+=sprintf (s,"\tWTP Name: %s\n", (!wtpinfo->name ? (uint8_t*)"Not set" : wtpinfo->name) );
	s+=sprintf (s,"\tLocation: %s\n", (!wtpinfo->location ? (uint8_t*)"Not set" : wtpinfo->location) );

	s+=sprintf (s,"\tMAC Adress: ");
	if (wtpinfo->macaddress){
		sock_hwaddrtostr(wtpinfo->macaddress,wtpinfo->macaddress_len,hstr,":");
		s+=sprintf(s,"%s\n",hstr);

	}
	else
		s+=sprintf(s,"Not set\n");

	char disctypestr[32];
	switch(wtpinfo->discovery_type){
		case CW_DISCOVERY_TYPE_STATIC:
			sprintf(disctypestr,"Static");
			break;
			
		case CW_DISCOVERY_TYPE_DHCP:
			sprintf(disctypestr,"DHCP");
			break;
			
		case CW_DISCOVERY_TYPE_DNS:
			sprintf(disctypestr,"DNS");
			break;

		case CW_DISCOVERY_TYPE_AC_REFERRAL:
			sprintf(disctypestr,"AC Referral");
			break;

		default:
			sprintf(disctypestr,"Unknown");
			break;

	}
	s+=sprintf (s,"\tDiscovery Type: %s\n",disctypestr);



//	sock_addrtostr((struct sockaddr*)&wtpinfo->local_ip,hstr,64);

/*
int i0;
for (i0=0; i0<10; i0++){
	printf("%d\n", ((char*)(&wtpinfo->local_ip))[i0]  );
}

*/	s+=sprintf (s,"\tLocal IP: %s\n",sock_addr2str(&(wtpinfo->local_ip)));



	s+=sprintf (s,"\tVendor ID: %d, %s\n", wtpinfo->vendor_id,lw_vendor_id_to_str(wtpinfo->vendor_id) );

	s+=sprintf (s,"\tModel No.: "); //, (!wtpinfo->model_no ? (uint8_t*)"Not set" : wtpinfo->model_no) );
	s+=bstr_to_str(s,wtpinfo->model_no,0);
	s+=sprintf(s,"\n");
	

//	s+=sprintf (s,"\tSerial No.: %s\n", (!wtpinfo->serial_no ? (uint8_t*)"Not set" : wtpinfo->serial_no) );



	s+=sprintf (s,"\tSerial No.: "); 
	s+=bstr_to_str(s,wtpinfo->serial_no,0);
	s+=sprintf(s,"\n");

	s+=sprintf (s,"\tBoard ID: "); 
	s+=bstr_to_str(s,wtpinfo->board_id,0);
	s+=sprintf(s,"\n");

	s+=sprintf (s,"\tBoard Revision: "); 
	s+=bstr_to_str(s,wtpinfo->board_revision,0);
	s+=sprintf(s,"\n");


//	s+=sprintf (s,"\tBoard Id: %s\n", (!wtpinfo->board_id ? (uint8_t*)"Not set" : wtpinfo->board_id) );



	s+=sprintf (s,"\tSoftware Version: ");
//	s+=version_print(s,wtpinfo->software_version,wtpinfo->software_version_len,wtpinfo->software_vendor_id);
	s+=cw_format_version(s,wtpinfo->software_version,wtpinfo->software_vendor_id,"Not set");
	s+=sprintf (s,"\n");


	s+=sprintf (s,"\tHardware Version: ");
	s+=version_print(s,wtpinfo->hardware_version,wtpinfo->hardware_version_len,wtpinfo->hardware_vendor_id);
	s+=sprintf (s,"\tBootloader Version: ");
	s+=version_print(s,wtpinfo->bootloader_version,wtpinfo->bootloader_version_len,wtpinfo->bootloader_vendor_id);
		



//, (!wtpinfo->software_version ? (uint8_t*)"Not set" : wtpinfo->software_version) );



//	s+=sprintf (s,"\tHardware Version: %s\n", (!wtpinfo->hardware_version ? (uint8_t*)"Not set" : wtpinfo->hardware_version) );


	s+=sprintf (s,"\tMax Radios: %d\n",wtpinfo->max_radios);
	s+=sprintf (s,"\tRadios in use: %d\n",wtpinfo->radios_in_use);


	s+=sprintf (s,"\tSession ID: ");
	if (wtpinfo->session_id) {
		int i;
		for (i=0; i<bstr_len(wtpinfo->session_id); i++)
			s+=sprintf(s,"%02X",bstr_data(wtpinfo->session_id)[i]);
	}
	else 
		s+=sprintf(s,"Not set");
		s+=sprintf(s,"\n");

	s+=sprintf (s,"\tMAC Type: ");
	switch (wtpinfo->mac_type){
		case WTP_MAC_TYPE_LOCAL:
			s+=sprintf(s,"local");
			break;
		case WTP_MAC_TYPE_SPLIT:
			s+=sprintf(s,"split");
			break;
		case WTP_MAC_TYPE_BOTH:
			s+=sprintf(s,"local, split");
			break;
	}
	s+=sprintf(s,"\n");

	s+=sprintf (s,"\tFrame Tunnel Mode: ");
	s+=sprintf(s,"(%08X)",wtpinfo->frame_tunnel_mode);
	char * c="";
	if (wtpinfo->frame_tunnel_mode & WTP_FRAME_TUNNEL_MODE_N){
		s+=printf (s,"%snative",c);c=", ";
	}

	if (wtpinfo->frame_tunnel_mode & WTP_FRAME_TUNNEL_MODE_E){
		s+=sprintf (s,"%s802.3",c);c=", ";
	}

	if (wtpinfo->frame_tunnel_mode & WTP_FRAME_TUNNEL_MODE_L){
		s+=sprintf (s,"%sLocal bridging",c);c=", ";
	}
	if (wtpinfo->frame_tunnel_mode == 0)
		s+=sprintf(s," None");

	s+=sprintf(s,"\n");

	s+=sprintf(s,"\tRadios: %d\n",wtpinfo->max_radios);	
	int i;

	char ristr[2048];
	char *r = ristr;
	for (i=0; i<wtpinfo->max_radios; i++){
		if (wtpinfo->radioinfo[i].set)
			r+=radioinfo_print(r,&wtpinfo->radioinfo[i]);
	}

	s+=sprintf(s,"%s",ristr);


	s+=sprintf(s,"Encryption: %08x\n",wtpinfo->encryption_cap);

	s+=wtp_reboot_statistics_print(s,&wtpinfo->reboot_statistics);
	return s-str;


}