How to use WMI (Windows Management Instrumentation) from a remote Linux server



Usually, I access servers and run commands over SSH. In this case, I used the "Paramiko" module. This is sample code which I created. However, this raised a question: is it possible to access a host and run commands over RDP? So far I have not found a solution for that, but I did find "WMI (Windows Management Instrumentation)". With WMI, I can retrieve information that the Windows OS exposes.


1. Install python-wmi-client-wrapper.


The project's Git repository [3] explains how to install it:


pip install wmi-client-wrapper 


2. Install WMI


"WMI" is a Windows component, which is why a wrapper is necessary. The first step only obtained that wrapper, so I still need the main "WMI" module. In my case, I used Ubuntu 16.04 LTS and installed WMI 1.3.16.


ulimit -n 100000

cd /tmp

mkdir wmic

cd wmic


apt install autoconf gcc libdatetime-perl make build-essential g++ python-dev

wget http://www.opsview.com/sites/default/files/wmi-1.3.16.tar_.bz2

bunzip2 wmi-1.3.16.tar_.bz2

tar -xvf wmi-1.3.16.tar_

cd wmi-1.3.16/


After that, I need to edit one line of a source file so that WMI can be built.


vim Samba/source/pidl/pidl

:583 (to jump to line 583)

remove the word defined before @$pidl

:wq

========= Look here =============
$pidl = Parse::Pidl::IDL::parse_file($idl_file, \@opt_incdirs);
defined @$pidl || die "Failed to parse $idl_file";  >>>> @$pidl || die "Failed to parse $idl_file";
require Parse::Pidl::Typelist;
=============================


I also need to export an environment variable before building.


export ZENHOME=/usr

make "CPP=gcc -E -ffreestanding"

cp Samba/source/bin/wmic /bin


Now I can use WMI and the WMI wrapper. Next, I will write some sample code.


3. Create the sample code.


I will create some sample code to obtain the Windows processor information.


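import wmi_client_wrapper as wmi

# Connect to the Windows host (replace with your own account and address)
wmic = wmi.WmiClientWrapper(
    username="Administrator",
    password="password",
    host="172.22.0.123",
)

# Run a WQL query; the wrapper returns a list of dictionaries
output = wmic.query("SELECT * FROM Win32_Processor")
print(output)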


After running this script, I get the result in JSON format.


# ./sample.py

[{'L2CacheSize': '0', 'VMMonitorModeExtensions': False, 'ConfigManagerErrorCode': '0', 'VoltageCaps': '0', 'PowerManagementSupported': False, 'LoadPercentage': '12', 'SerialNumber': '', 'ThreadCount': '0', 'Version': '', 'MaxClockSpeed': '2400', 'CpuStatus': '1', 'PartNumber': '', 'SecondLevelAddressTranslationExtensions': False, 'Revision': '16130', 'Status': 'OK', 'PNPDeviceID': None, 'L2CacheSpeed': '0', 'AddressWidth': '64', 'ConfigManagerUserConfig': False, 'ErrorCleared': False, 'ProcessorId': '1789FBFF000306F2', 'ProcessorType': '3', 'DeviceID': 'CPU0', 'CurrentVoltage': '0', 'CurrentClockSpeed': '2400', 'Manufacturer': 'GenuineIntel', 'Name': 'Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz', 'InstallDate': None, 'Level': '6', 'AssetTag': '', 'SocketDesignation': 'CPU 1', 'NumberOfCores': '1', 'Caption': 'Intel64 Family 6 Model 63 Stepping 2', 'StatusInfo': '3', 'Architecture': '9', 'UniqueId': None, 'PowerManagementCapabilities': 'NULL', 'OtherFamilyDescription': None, 'Description': 'Intel64 Family 6 Model 63 Stepping 2', 'CreationClassName': 'Win32_Processor', 'NumberOfLogicalProcessors': '1', 'Family': '5', 'ErrorDescription': None, 'Characteristics': '2816', 'UpgradeMethod': '1', 'SystemName': 'EC2AMAZ-JC32MSV', 'NumberOfEnabledCore': '108', 'LastErrorCode': '0', 'ExtClock': '0', 'Stepping': None, 'VirtualizationFirmwareEnabled': False, 'Role': 'CPU', 'L3CacheSize': '0', 'L3CacheSpeed': '0', 'Availability': '3', 'SystemCreationClassName': 'Win32_ComputerSystem', 'DataWidth': '64'}]
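An added example, not from the original post or the wrapper project: the same processor query without credentials hard-coded in the script, selecting only the needed columns and converting the string values shown above into integers. The environment variable names (WMI_HOST, WMI_USER, WMI_PASS) and the helper functions are assumptions; only the WmiClientWrapper constructor and query() call from the sample above are used.

```python
import os
import re

# WMI class and property names are plain identifiers. Rejecting anything
# else keeps a value read from a config file from changing the query.
IDENT_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*\Z")


def build_wql(wmi_class, fields):
    """Build 'SELECT a, b FROM Class' from validated identifiers."""
    for name in [wmi_class] + list(fields):
        if not IDENT_RE.match(name):
            raise ValueError("not a WMI identifier: %r" % (name,))
    return "SELECT %s FROM %s" % (", ".join(fields), wmi_class)


def load_credentials(env=None):
    """Read connection settings from the environment (variable names assumed)."""
    env = os.environ if env is None else env
    names = {"host": "WMI_HOST", "username": "WMI_USER", "password": "WMI_PASS"}
    missing = sorted(v for v in names.values() if not env.get(v))
    if missing:
        raise RuntimeError("missing environment variables: " + ", ".join(missing))
    return {arg: env[var] for arg, var in names.items()}


def to_int_fields(row, int_fields):
    """Values arrive as strings ('12'); convert the selected ones to int."""
    out = dict(row)
    for key in int_fields:
        value = row.get(key)
        out[key] = None if value in (None, "", "NULL") else int(value)
    return out


def query_processors():
    # Imported here so the helpers above work without wmic installed.
    import wmi_client_wrapper as wmi
    client = wmi.WmiClientWrapper(**load_credentials())
    wql = build_wql("Win32_Processor", ["Name", "NumberOfCores", "LoadPercentage"])
    numeric = ["NumberOfCores", "LoadPercentage"]
    return [to_int_fields(row, numeric) for row in client.query(wql)]


if __name__ == "__main__":
    for cpu in query_processors():
        print(cpu)
```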


4. Troubleshooting


While trying this, I did not open any security rule for it, which made me curious: I wanted to know which port this traffic uses. I dumped the packets on my host and saw that port "135" is used. This port is RPC for Windows, and it is open by default.


04:19:44.298786 IP 172.22.0.216.46372 > 172.22.0.123.135: Flags [S], seq 2010311507, win 26883, options [mss 8961,sackOK,TS val 2762852 ecr 0,nop,wscale 7], length 0

04:19:44.299089 IP 172.22.0.123.135 > 172.22.0.216.46372: Flags [S.], seq 1265146297, ack 2010311508, win 8192, options [mss 8961,nop,wscale 8,sackOK,TS val 1122704139 ecr 2762852], length 0

04:19:44.299098 IP 172.22.0.216.46372 > 172.22.0.123.135: Flags [.], ack 1, win 211, options [nop,nop,TS val 2762853 ecr 1122704139], length 0


I ran "netstat -an" on the Windows host. The result looks like this:


  TCP    172.22.0.123:59796     52.23.123.168:443      ESTABLISHED

  TCP    172.22.0.123:60018     198.252.206.25:443     ESTABLISHED

  TCP    [::]:135               [::]:0                 LISTENING

  TCP    [::]:445               [::]:0                 LISTENING 
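An added example, not part of the original post: a parser for tcpdump text output that lists which server ports the client tried to open and whether each was answered, which is the information a firewall rule for this traffic needs. The first three input lines are the capture above with the TCP options cut; the fourth line and the function names are constructed for illustration.

```python
import re

# tcpdump text line: "<time> IP <src>.<sport> > <dst>.<dport>: Flags [<flags>], ..."
LINE_RE = re.compile(
    r"^\S+ IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): Flags \[([^\]]*)\]"
)

# The first three lines are the capture from the post (TCP options cut);
# the fourth is constructed: a SYN that never gets an answer.
CAPTURE = """\
04:19:44.298786 IP 172.22.0.216.46372 > 172.22.0.123.135: Flags [S], seq 2010311507, win 26883, length 0
04:19:44.299089 IP 172.22.0.123.135 > 172.22.0.216.46372: Flags [S.], seq 1265146297, ack 2010311508, win 8192, length 0
04:19:44.299098 IP 172.22.0.216.46372 > 172.22.0.123.135: Flags [.], ack 1, win 211, length 0
04:19:45.000000 IP 172.22.0.216.46380 > 172.22.0.123.49154: Flags [S], seq 1, win 26883, length 0
""".splitlines()


def parse_line(line):
    """Return (src, sport, dst, dport, flags), or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    src, sport, dst, dport, flags = m.groups()
    return src, int(sport), dst, int(dport), flags


def connection_attempts(lines, client_ip):
    """Map (server, port) to 'answered' or 'no reply' for SYNs from client_ip.
    A bare SYN ('S') opens an attempt; a SYN-ACK ('S.') from the same server
    port back to the same client port answers it."""
    attempts = {}  # (client port, server, server port) -> answered?
    for line in lines:
        pkt = parse_line(line)
        if pkt is None:
            continue
        src, sport, dst, dport, flags = pkt
        if flags == "S" and src == client_ip:
            attempts.setdefault((sport, dst, dport), False)
        elif flags == "S." and dst == client_ip and (dport, src, sport) in attempts:
            attempts[(dport, src, sport)] = True
    result = {}
    for (_, server, port), answered in attempts.items():
        if answered or (server, port) not in result:
            result[(server, port)] = "answered" if answered else "no reply"
    return result


if __name__ == "__main__":
    print(connection_attempts(CAPTURE, "172.22.0.216"))
```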


References


[1] https://www.shellandco.net/wmic-command-ubuntu-16-04-lts/

[2] https://askubuntu.com/questions/885407/installing-wmic-on-ubuntu-16-04-lts

[3] https://github.com/kanzure/python-wmi-client-wrapper


