wmic 常用技巧

作者: admin 分类: 技巧分享 发布时间: 2016-12-26 01:40
wmic process list brief 

#简单列进程
brief 简洁
full 详细

Description 进程名
Name 进程名
ExecutablePath 路径
CommandLine 执行命令
ProcessId 进程id

如查询某进程信息

wmic process where Name="python.exe" get ProcessId,name,commandline

查询某进程 排除

wmic process where "((commandline like '%_nslookup_%') AND NOT (commandline like '%_wmic_%'))" get commandline

获取进程一秒刷新一次

wmic process where Name="feiq.exe" get ProcessId,name,commandline  /every:1
wmic process where "((name ='php.exe')  AND NOT (commandline like '%_wmic_%'))" get  ProcessId,name,commandline /every:1

获取所有进程 相关信息 并将信息 保存至 x.hta
wmic /output:x.hta process get commandline,name,ProcessId /format:htable
/format:hform 另一种格式
/format:textvaluelist 跟list差不多
还有xml

/value
竖着显示

查看服务信息

wmic service where name="mysql5.6" get pathname,startname /value

查看所有开启服务:

wmic service where State="Running" get  StartName,DisplayName, name

查看服务信息

wmic service where state="running" get name,displayname,pathname,startname /format:csv

获取状态为连接状态的物理网卡

wmic nic where "NetConnectionStatus='2' and PNPDeviceID like '%PCI%'" get NetConnectionID

当前系统时间:

wmic path Win32_OperatingSystem get LocalDateTime

程序运行时间

wmic process get CreationDate

获取远程计算机信息:

wmic /node:"192.168.1.20" /user:"domain\administrator" /password:"123456" process list /full

获取电脑产品编号和型号信息
品牌电脑要获取保修 或下载驱动 需要提供 产品编号

这个时候我们可以打开cmd 执行如下命令 来获取

wmic baseboard get Product,SerialNumber
wmic bios get serialnumber

查看安装的软件:

wmic product get name,version
wmic product list brief

外部调用
获取补丁:

select * from Win32_QuickFixEngineering
SELECT * FROM Win32_OperatingSystemQFE

 

获取启动路径有空格且没双引号

wmic service where   "((state='running') and  (pathname like '% %') and not (pathname like '%\"%') and not (pathname like '%system32%') and not (pathname like '%syswow64%'))"  get pathname,name,displayname,startname
标签云