iamtheky

New Powershell Modules (DISM / CIM)

6 posts in this topic

#1 ·  Posted (edited)

*Requires Win 8 or higher, unless there is someway to import the DISM module in lower versions I am unaware of.

As my last thread of powershell efforts was aimed at AD, so this one will be aimed at the DISM module available in Win 8 and above.  Lets begin:

This is the DISM image info command, via powershell, returning an array.

#RequireAdmin
#include <AutoItConstants.au3>
#include <Array.au3>

$sImagePath = 'C:\Users\username\Desktop\WIMs_2008\install.wim'

$sCommands = "powershell get-WindowsImage -ImagePath " & $sImagePath
$iPID = run($sCommands, "", @SW_HIDE , $stdout_child)

$sOutput = ""

 While 1
        $sOutput &= StdoutRead($iPID)
        If @error Then 
            ExitLoop
        EndIf
 WEnd

$aOutput = stringsplit($sOutput , @CR , 2)

 For $i = ubound($aOutput) - 1 to 0 step - 1
If stringleft(stringstripws($aOutput[$i], 1) , 1) = "" Then _ArrayDelete($aOutput, $i)
Next

_ArrayDisplay($aOutput)

 

Edited by boththose
no need for comspec

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

You probably want to add  "-ExecutionPolicy Bypass -NoLogo" to the command line so that it will work on machines where the execution policy is restricted (the default).

Edit: Scratch that, you are running a cmdlet not a script. :) 

Edited by Jon

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

I'm working backwards (and slowly), I had high hopes of jumping right into importing your .ps1 and writing powershell scripts that include autoit goodness.  But apparently I suck something fierce at that.  This way it is at least functional.

* An example of using the executionpolicy bypass in this manner to import a custom module, in case someone wants to know more about what Jon was recommending:

 

https://www.autoitscript.com/forum/topic/166618-autoit-ing-the-powershell-command-line/?do=findComment&comment=1242799
Edited by boththose

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

CIM (building block of WMI) just got a bit easier,  here is just the antecedent property from LoggedOnUser.

#requireadmin

;get all logged on users

$iPid = run("powershell Get-CimInstance -Class Win32_LoggedOnUser | select antecedent" , "" , @SW_HIDE , 0x2)

$sOutput = ""

 While 1
        $sOutput &= StdoutRead($iPID)
        If @error Then
            ExitLoop
        EndIf
    WEnd


msgbox(0, '' , $sOutput)

 

Edited by boththose

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

Event log is kind of slow for retrieving a list of all users who have ever accessed a system, so finding other ways:

Quick return of all user/domain strings to access the system

#include<Array.au3>
#RequireAdmin

$iPid = run("powershell get-CimInstance Win32_SystemUsers -Property *" , "" , @SW_HIDE , 0x2)

$sOutput = ""

 While 1
        $sOutput &= StdoutRead($iPID)
        If @error Then
            ExitLoop
        EndIf
    WEnd

$aOutput = stringsplit($sOutput , @CR , 2)
_ArrayDisplay($aOutput)

all local user profiles and the date of their last access

#include<Array.au3>
#RequireAdmin

$iPid = run("powershell get-CimInstance Win32_UserProfile -Property *" , "" , @SW_HIDE , 0x2)

$sOutput = ""

 While 1
        $sOutput &= StdoutRead($iPID)
        If @error Then
            ExitLoop
        EndIf
    WEnd

$aOutput = stringsplit($sOutput , @CR , 2)
_ArrayDisplay($aOutput)

 


,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

Getting Info from your current windows install, these actions require redirection to be turned off.

WindowsEdition, WindowsDriver, WindowsOptionalFeature, WindowsPackage

#include<Array.au3>
#RequireAdmin

DllCall("kernel32.dll", "int", "Wow64DisableWow64FsRedirection", "int", 1)

$sOutput = ""

$iPid = run("powershell get-WindowsEdition -online" , "" , @SW_HIDE , 0x2)

 While 1
        $sOutput &= StdoutRead($iPID)
        If @error Then
            ExitLoop
        EndIf
 WEnd


$iPid = run("powershell get-WindowsDriver -online" , "" , @SW_HIDE , 0x2)

 While 1
        $sOutput &= StdoutRead($iPID)
        If @error Then
            ExitLoop
        EndIf
 WEnd

 $iPid = run("powershell get-WindowsOptionalFeature -online" , "" , @SW_HIDE , 0x2)

 While 1
        $sOutput &= StdoutRead($iPID)
        If @error Then
            ExitLoop
        EndIf
 WEnd

  $iPid = run("powershell get-WindowsPackage -online" , "" , @SW_HIDE , 0x2)

 While 1
        $sOutput &= StdoutRead($iPID)
        If @error Then
            ExitLoop
        EndIf
 WEnd


 $aOutput = stringsplit($sOutput , @CR , 2)
 _ArrayDisplay($aOutput)

 


,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Similar Content

    • computergroove
      By computergroove
      I am trying to start my script on Windows startup and it doesn't run. I have disabled defender and smartscreen with no luck. There is no antivirus on this machine. I have added the script to shell:startup, shell:common startup and HKLM\Software\Microsoft\Windows\Current Version\Run all with no luck. Im at a loss. Please help.
    • Rickname
      By Rickname
      I want to switch from Windows 7 to Windows 8.1 ( x86 ) but I still want to code in AutoIt. Now I saw in the Description file that is only compatible upto Windows 7, but will it work also on 8 ? And yes Im referring to the latest Autoit version available !