성태의 닷넷 이야기
홈 주인
모아 놓은 자료
프로그래밍
질문/답변
사용자 관리
사용자
메뉴
아티클
외부 아티클
유용한 코드
온라인 기능
MathJax 입력기
최근 덧글
[정성태] VT sequences to "CONOUT$" vs. STD_O...
[정성태] NetCoreDbg is a managed code debugg...
[정성태] Evaluating tail call elimination in...
[정성태] What’s new in System.Text.Json in ....
[정성태] What's new in .NET 9: Cryptography ...
[정성태] 아... 제시해 주신 "https://akrzemi1.wordp...
[정성태] 다시 질문을 정리할 필요가 있을 것 같습니다. 제가 본문에...
[이승준] 완전히 잘못 짚었습니다. 댓글 지우고 싶네요. 검색을 해보...
[정성태] 우선 답글 감사합니다. ^^ 그런데, 사실 저 예제는 (g...
[이승준] 수정이 안되어서... byteArray는 BYTE* 타입입니다...
글쓰기
제목
이름
암호
전자우편
HTML
홈페이지
유형
제니퍼 .NET
닷넷
COM 개체 관련
스크립트
VC++
VS.NET IDE
Windows
Team Foundation Server
디버깅 기술
오류 유형
개발 환경 구성
웹
기타
Linux
Java
DDK
Math
Phone
Graphics
사물인터넷
부모글 보이기/감추기
내용
<div style='display: inline'> <h1 style='font-family: Malgun Gothic, Consolas; font-size: 20pt; color: #006699; text-align: center; font-weight: bold'>WMI 쿼리를 명령행에서 간단하게 수행하는 wmic.exe</h1> <p> 그전에도 그냥 기계적으로 사용했다가 이번에 사용하면서 눈에 들어오더군요. ^^;<br /> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > Useful WMI(C) commands ; <a target='tab' href='http://virot.eu/useful-wmic-commands/'>http://virot.eu/useful-wmic-commands/</a> </pre> <br /> 그러니까 말 그대로 WMI 쿼리를 명령행에서 쉽게 사용할 수 있도록 도와주는 프로그램입니다. 예를 들어, WMI Provider 중에 Win32_ComputerSystem 클래스의 경우,<br /> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > Win32_ComputerSystem class ; <a target='tab' href='https://learn.microsoft.com/en-us/windows/desktop/cimwin32prov/win32-computersystem'>https://learn.microsoft.com/en-us/windows/desktop/cimwin32prov/win32-computersystem</a> </pre> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > [Dynamic, Provider("CIMWin32"), SupportsUpdate, UUID("{8502C4B0-5FBB-11D2-AAC1-006008C78BC7}"), AMENDMENT] class Win32_ComputerSystem : CIM_UnitaryComputerSystem { uint16 AdminPasswordStatus; boolean AutomaticManagedPagefile; boolean AutomaticResetBootOption; boolean AutomaticResetCapability; uint16 BootOptionOnLimit; uint16 BootOptionOnWatchDog; ...[생략]... boolean HypervisorPresent; ...[생략]... string Status; string SupportContactDescription[]; string SystemFamily; string SystemSKUNumber; uint16 SystemStartupDelay; string SystemStartupOptions[]; uint8 SystemStartupSetting; string SystemType; uint16 ThermalState; uint64 TotalPhysicalMemory; string UserName; uint16 WakeUpType; string Workgroup; }; </pre> <br /> 제공하는 값들 중에 HypervisorPresent 속성을 구하려면 (C#에서) 다음과 같은 식의 WMI 쿼리를 작성해야 합니다.<br /> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > // <a target='tab' href='http://wutils.com/wmi/root/cimv2/win32_computersystem/cs-samples.html'>http://wutils.com/wmi/root/cimv2/win32_computersystem/cs-samples.html</a> ManagementScope scope = new ManagementScope("\\\\.\\ROOT\\cimv2"); ObjectQuery query = new ObjectQuery("SELECT * FROM Win32_ComputerSystem Where Name=\"" + Environment.MachineName + "\""); ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query); ManagementObjectCollection queryCollection = searcher.Get(); foreach (ManagementObject m in queryCollection) { Console.WriteLine("HypervisorPresent : {0}", m["HypervisorPresent"]); } </pre> <br /> 저 값 하나 보자고 C# 코딩까지 하기에는 좀 그렇죠. ^^ 그래서 (운영체제에 기본 포함된) wmic.exe를 사용하면 "Win32_" 접미사를 떼고 다음과 같이 간단하게 호출할 수 있습니다.<br /> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > C:\temp> <span style='color: blue; font-weight: bold'>wmic ComputerSystem get HypervisorPresent</span> HypervisorPresent TRUE C:\temp> </pre> <br /> 어떤 쿼리를 지원하는지에 대해서는 wmic 도움말(/?)에 보면 다음과 같이 목록을 확인할 수 있습니다.<br /> <br /> <pre style='height: 400px; margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > ALIAS - Access to the aliases available on the local system BASEBOARD - Base board (also known as a motherboard or system board) management. BIOS - Basic input/output services (BIOS) management. BOOTCONFIG - Boot configuration management. CDROM - CD-ROM management. COMPUTERSYSTEM - Computer system management. CPU - CPU management. CSPRODUCT - Computer system product information from SMBIOS. DATAFILE - DataFile Management. DCOMAPP - DCOM Application management. DESKTOP - User's Desktop management. DESKTOPMONITOR - Desktop Monitor management. DEVICEMEMORYADDRESS - Device memory addresses management. DISKDRIVE - Physical disk drive management. DISKQUOTA - Disk space usage for NTFS volumes. DMACHANNEL - Direct memory access (DMA) channel management. ENVIRONMENT - System environment settings management. FSDIR - Filesystem directory entry management. GROUP - Group account management. IDECONTROLLER - IDE Controller management. IRQ - Interrupt request line (IRQ) management. JOB - Provides access to the jobs scheduled using the schedule service. LOADORDER - Management of system services that define execution dependencies. LOGICALDISK - Local storage device management. LOGON - LOGON Sessions. MEMCACHE - Cache memory management. MEMORYCHIP - Memory chip information. MEMPHYSICAL - Computer system's physical memory management. NETCLIENT - Network Client management. NETLOGIN - Network login information (of a particular user) management. NETPROTOCOL - Protocols (and their network characteristics) management. NETUSE - Active network connection management. NIC - Network Interface Controller (NIC) management. NICCONFIG - Network adapter management. NTDOMAIN - NT Domain management. NTEVENT - Entries in the NT Event Log. NTEVENTLOG - NT eventlog file management. ONBOARDDEVICE - Management of common adapter devices built into the motherboard (system board). OS - Installed Operating System/s management. PAGEFILE - Virtual memory file swapping management. PAGEFILESET - Page file settings management. PARTITION - Management of partitioned areas of a physical disk. PORT - I/O port management. PORTCONNECTOR - Physical connection ports management. PRINTER - Printer device management. PRINTERCONFIG - Printer device configuration management. PRINTJOB - Print job management. PROCESS - Process management. PRODUCT - Installation package task management. QFE - Quick Fix Engineering. QUOTASETTING - Setting information for disk quotas on a volume. RDACCOUNT - Remote Desktop connection permission management. RDNIC - Remote Desktop connection management on a specific network adapter. RDPERMISSIONS - Permissions to a specific Remote Desktop connection. RDTOGGLE - Turning Remote Desktop listener on or off remotely. RECOVEROS - Information that will be gathered from memory when the operating system fails. REGISTRY - Computer system registry management. SCSICONTROLLER - SCSI Controller management. SERVER - Server information management. SERVICE - Service application management. SHADOWCOPY - Shadow copy management. SHADOWSTORAGE - Shadow copy storage area management. SHARE - Shared resource management. SOFTWAREELEMENT - Management of the elements of a software product installed on a system. SOFTWAREFEATURE - Management of software product subsets of SoftwareElement. SOUNDDEV - Sound Device management. STARTUP - Management of commands that run automatically when users log onto the computer system. SYSACCOUNT - System account management. SYSDRIVER - Management of the system driver for a base service. SYSTEMENCLOSURE - Physical system enclosure management. SYSTEMSLOT - Management of physical connection points including ports, slots and peripherals, and proprietary connections points. TAPEDRIVE - Tape drive management. TEMPERATURE - Data management of a temperature sensor (electronic thermometer). TIMEZONE - Time zone data management. UPS - Uninterruptible power supply (UPS) management. USERACCOUNT - User account management. VOLTAGE - Voltage sensor (electronic voltmeter) data management. VOLUME - Local storage volume management. VOLUMEQUOTASETTING - Associates the disk quota setting with a specific disk volume. VOLUMEUSERQUOTA - Per user storage volume quota management. WMISET - WMI service operational parameters management. </pre> <br /> 위의 내용을 보면, "wmic ComputerSystem ..."에서의 "ComputerSystem"은 "Win32_ComputerSystem"에서 "Win32_"를 떼어냈다기보다는 그냥 별칭으로 정의된 것에 불과한 것임을 알 수 있습니다.<br /> <br /> 그런데, 저 목록에 없는 경우는 퀴리를 못하는 걸까요? 예를 들어, 지난 글에 다룬,<br /> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > C# - Open Hardware Monitor를 이용한 CPU 온도 정보 ; <a target='tab' href='http://www.sysnet.pe.kr/2/0/11904'>http://www.sysnet.pe.kr/2/0/11904</a> </pre> <br /> "root\WMI" 네임스페이스에 속한 "MSAcpi_ThermalZoneTemperature" 클래스의 경우 저 목록에 없습니다. 괜찮습니다. ^^ 다음과 같이 직접 네임스페이스와 "path" 인자의 도움으로 간단하게 해결이 됩니다.<br /> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > C:\Windows\System32>wmic <span style='color: blue; font-weight: bold'>/NAMESPACE:\\root\WMI path MSAcpi_ThermalZoneTemperature</span> get CurrentTemperature CurrentTemperature 3010 3030 </pre> <br /> 윈도우 10부터 "WMIC is deprecated"라는 문구가 뜨는 걸로 봐서 더 이상 지원이 안 될 듯싶은데 어쨌든 현재 상황에서 유용하게 시스템 조회를 할 수 있는 하나의 도구임에는 분명합니다.<br /> <br /> <hr style='width: 50%' /><br /> <br /> 참고로, 아래의 쿼리들도 한번 봐 두면 좋겠죠! ^^<br /> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > A Brief Usage Guide for Wmic ; <a target='tab' href='https://www.xorrior.com/wmic-the-enterprise/'>https://www.xorrior.com/wmic-the-enterprise/</a> </pre> <br /> <pre style='margin: 10px 0px 10px 10px; padding: 10px 0px 10px 10px; background-color: #fbedbb; overflow: auto; font-family: Consolas, Verdana;' > Host Enumeration: --- OS Specifics --- wmic os LIST Full (* To obtain the OS Name, use the "caption" property) wmic computersystem LIST full --- Anti-Virus --- wmic /namespace:\\root\securitycenter2 path antivirusproduct --- Peripherals --- wmic path Win32_PnPdevice --- Installed Updates --- wmic gfe list brief --- Directory Listing and File Search --- wmic DATAFILE where "path='\\Users\\test\\Documents\\'" GET Name,readable,size wmic DATAFILE where "drive='C:' AND Name like '%password%'" GET Name,readable,size /VALUE --- Local User Accounts --- wmic USERACCOUNT Get Domain,Name,Sid Domain Enumeration: --- Domain and DC Info --- wmic NTDOMAIN GET DomainControllerAddress,DomainName,Roles /VALUE --- Domain User Info --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_user where "ds_samaccountname='testAccount'" GET --- List All Users --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_user GET ds_samaccountname --- List All Groups --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_group GET ds_samaccountname --- Members of A Group --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_group where "ds_samaccountname='Domain Admins'" Get ds_member /Value --- List All Computers --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_computer GET ds_samaccountname OR wmic /NAMESPACE:\\root\directory\ldap PATH ds_computer GET ds_dnshostname Misc: --- Execute Remote Command --- wmic process call create "cmd.exe /c calc.exe" OR wmic /node:server1 process call create "win32calc.exe" --- Enable Remote Desktop --- wmic rdtoggle where AllowTSConnections="0" call SetAllowTSConnections "1" OR wmic /node:remotehost path Win32_TerminalServiceSetting where AllowTSConnections="0" call SetAllowTSConnections "1" Find partition letters on physical drives using wmic ; <a target='tab' href='https://superuser.com/questions/634842/find-partition-letters-on-physical-drives-using-wmic'>https://superuser.com/questions/634842/find-partition-letters-on-physical-drives-using-wmic</a> --- <a target='tab' href='https://superuser.com/questions/1252565/how-to-get-primary-harddisk-serial-number-only'>how to get primary harddisk serial number only</a> --- wmic logicaldisk where (DeviceID="C:") assoc /assocclass:Win32_LogicalDiskToPartition wmic partition where (DeviceID="Disk #0, Partition #0") assoc /assocclass:Win32_DiskDriveToDiskPartition wmic path win32_diskdrive where deviceid='\\\\.\\PHYSICALDRIVE0' get serialnumber </pre> </p><br /> <br /><hr /><span style='color: Maroon'>[이 글에 대해서 여러분들과 의견을 공유하고 싶습니다. 틀리거나 미흡한 부분 또는 의문 사항이 있으시면 언제든 댓글 남겨주십시오.]</span> </div>
첨부파일
스팸 방지용 인증 번호
1617
(왼쪽의 숫자를 입력해야 합니다.)