Search This Blog

Thursday, January 2, 2020

WMI to Get Logged on User - VB.NET

Below is the function to get the logged on user using WMI in VB.net.
This function checks for the process explorer.exe and then gets the owner of the process. explorer.exe will be actively running for the user who is currently logged on. Please remember that this WMI query might take cpu upto 3%

 Function GetUserName() As String

        Dim moReturn As Management.ManagementObjectCollection
        Dim moSearch As Management.ManagementObjectSearcher
        Dim mo As Management.ManagementObject
        'This scrolls through all the running processes on the PC to determine who is running the "explorer.exe" process. It then returns the username ready for comparison.
        moSearch = New Management.ManagementObjectSearcher("Select * from Win32_Process")
        moReturn = moSearch.Get
        For Each mo In moReturn
            Dim arOwner(2) As String
            mo.InvokeMethod("GetOwner", arOwner)
            Dim strOut As String
            strOut = String.Format("{0} Owner {1} Domain {2}", mo("Name"), arOwner(0), arOwner(1))
            If (mo("Name") = "explorer.exe") Then
                strCurrentUser = String.Format("{0}", arOwner(0))
            End If
        Next
    End Function

Monday, December 30, 2019

Using WMI in Python

Using WMI in Python

Two steps 
  1. Install pywin32 to support wmi commands 
  2. import wmi in python code

INSTALL PYWIIN32
  1. Open Python Terminal 
  2. Type pip install pywin32 and press enter. This will install pywin32
IMPORT WMI PYTHON

Like anyother import command you just need to use import wmi. Below is the sample code which get the list of services that is in stopped state (not running )

import wmi

c = wmi.WMI ()
for s in c.Win32_Service ():
  if s.State == 'Stopped':
    print(s.Caption, s.State)

Saturday, November 23, 2019

GET USB DRIVE POWERSHELL

 

#/////////////// FINDING USB DRIVES /////////////

    Function USBDrive

    {

        $GPD = Get-PhysicalDisk

        foreach($disk in $GPD)

        {

           if( $disk.BusType -eq "USB")

           {

                #$disk.DeviceId

                $colDisks = Get-WmiObject -Class Win32_LogicalDiskToPartition -ComputerName "."

                foreach ($objDisk in $colDisks)

                {

                    if($objDisk.Antecedent.contains("Disk #" + $disk.DeviceId) )

                    {

                       $USBDrive= $objDisk.Dependent.Split("""")[1]

                       $USB = $disk.FriendlyName + " , " + $USBDrive

                     

                        $global:myArray += $USBDrive

 

                     

                    }

       

                }

       

           }

       

        }

       

        

     }

USBDrive

 $global:myArray

Wednesday, May 4, 2016

How to convert Python script file to Executable (.exe) file

1) Create a setup.py file and put in the same directory as of the .py file you want to convert.

2)Copy paste the following lines in the setup.py and do change the "filename.py" into the filename you specified.

from cx_Freeze import setup, Executable
setup(
    name="GUI PROGRAM",
    version="0.1",
    description="MyEXE",
    executables=[Executable("filename.py", base="Win32GUI")],
    )
3) Run the setup.py "$python setup.py build"

4)A new directory will be there there called "build". Inside it you will get your .exe file to be ready to launced directly. (Make sure you copy paste the images files and other external files into the build directory)

Tuesday, May 3, 2016

Possible Security Breach error when you try to access your netlogon folder or any shared folder? Below is the registry fix. Apply the registry and restart the computer

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
Dword MaxTokenSize
Value : 48000


Auto Elevate DotNet Applications

Below code will check if the dotnet application is started as administartor. if not then it will auto elevate the application

processinfo = New ProcessStartInfo(Assembly.GetEntryAssembly().CodeBase)
            processinfo.UseShellExecute = True
            processinfo.Verb = "runas"
            Process.Start(processinfo)
            Application.Exit()

Get LogonServer - VBscript

Function GetLogonServer()
 On Error Resume Next
 Dim strComputerDom, objWMIService, colItemsDom, objitemDom, strGetDomain
 strComputerDom = "."
 strGetDomain = "Domain: " & GetDomain
 Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputerDom &  "\root\cimv2")
 Set colItemsDom = objWMIService.ExecQuery("Select Name,DomainName,DomainControllerName from  Win32_NTDomain Where Name='" & strGetDomain & "' ")
 For Each objitemDom In colItemsDom
   GetLogonServer = objitemDom.DomainControllerName
 Exit For
 Next

End Function

Above vbscript gets the Logon Server name. This is tested and confirm to work fine