Last active
September 1, 2024 05:14
-
-
Save EvanMcBroom/99ea88304faec38d3ed1deefd1aba6f9 to your computer and use it in GitHub Desktop.
Examples of using an impersonation token instead of explicit credentials to create a process on a remote host via DCOM and MS-WMI.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Copyright (C) 2024 Evan McBroom | |
#include <Windows.h> | |
#include <iostream> | |
#include <vector> | |
#include <WbemCli.h> | |
#include <atlbase.h> | |
#include <iomanip> | |
// The modified, compiled IDL file from: | |
// https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-wmi/ | |
#include "ms_wmi_h.h" | |
#include "ms_wmi_i.c" | |
#pragma comment(lib, "WbemUuid.lib") | |
WCHAR domainName[] = L"DOMAIN NAME"; | |
WCHAR userName[] = L"USER NAME"; | |
WCHAR password[] = L"PASSWORD"; | |
WCHAR address[] = L"IP ADDRESS OR HOST NAME"; | |
WCHAR process[] = L"calc.exe"; | |
// An alternative option to set EOAC_STATIC_CLOAKING or EOAC_DYNAMIC_CLOAKING on an individual | |
// interface instead of on the entire process (e.g., CoInitializeSecurity) if desired. | |
bool SetProxyBlanket(IUnknown* iunknown) { | |
return SUCCEEDED(CoSetProxyBlanket(iunknown, RPC_C_AUTHN_GSS_NEGOTIATE, RPC_C_AUTHZ_NONE, nullptr, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, RPC_C_IMP_LEVEL_IMPERSONATE, nullptr, EOAC_STATIC_CLOAKING)); | |
} | |
int main() { | |
// Set an impersonation token that will use explicit credentials | |
// when doing NTLM authentication to a remote host. Kerberos | |
// tickets may also be added to the logon session via PTT while | |
// the token is being impersonated. | |
HANDLE token; | |
size_t result = LogonUserW(userName, domainName, password, LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, &token); | |
(void)ImpersonateLoggedOnUser(token); | |
// Start COM and set it to always use the current impersonation token (e.g., EOAC_STATIC_CLOAKING), | |
// and for COM to choose how to authenticate (e.g., authentication service = -1). NTLM and/or kerberos | |
// can be explicitly set via the authentication list parameter if desired. | |
(void)CoInitialize(nullptr); | |
result = CoInitializeSecurity(nullptr, -1, nullptr, nullptr, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, RPC_C_IMP_LEVEL_IMPERSONATE, nullptr, EOAC_STATIC_CLOAKING, nullptr); | |
// Create an object on a remote host. | |
// For the CLSID_WbemLevel1Login object, this requires you to use Administrative credentials. | |
// CLSID_WbemLevel1Login does not allow you to immediately query IWbemLevel1Login so you | |
// must query for IUnknown first. | |
COSERVERINFO serverInfo = { 0 }; | |
serverInfo.pwszName = address; | |
MULTI_QI interfaces = { 0 }; | |
interfaces.pIID = &IID_IUnknown; | |
if (SUCCEEDED(result = CoCreateInstanceEx(CLSID_WbemLevel1Login, nullptr, CLSCTX_REMOTE_SERVER, &serverInfo, 1, &interfaces))) { | |
// Convert IUnknown to IWbemLevel1Login. | |
// This takes a few seconds to complete the first time you do it on the host, | |
// or if you have not called it in a while and the previous instance has been | |
// destroyed (e.g., due to a timeout). | |
CComPtr<IUnknown> iUnknown{ interfaces.pItf }; | |
CComPtr<IWbemLevel1Login> wbemLevel1Login; | |
if (SUCCEEDED(result = iUnknown.QueryInterface(&wbemLevel1Login))) { | |
WCHAR address[] = L"ROOT\\CIMV2"; | |
CComPtr<IWbemServices> wbemServices; | |
if (SUCCEEDED(result = wbemLevel1Login->NTLMLogin(address, nullptr, 0, nullptr, &wbemServices))) { | |
// Get the WMI object | |
CComPtr<IWbemClassObject> win32Process; | |
wbemServices->GetObjectW(CComBSTR{ L"Win32_Process" }, 0, nullptr, &win32Process, nullptr); | |
// Get the signature (e.g., the definition) of the input parameters. | |
CComPtr<IWbemClassObject> inSignature; | |
win32Process->GetMethod(L"Create", 0, &inSignature, nullptr); | |
CComPtr<IWbemClassObject> inParameters; | |
// Create an instance of the input parameters for use to set them to | |
// actual values. | |
inSignature->SpawnInstance(0, &inParameters); | |
CComVariant variant(process); | |
inParameters->Put(L"CommandLine", 0, &variant, 0); | |
// Execute the Win32_Process:Create and show its output parameters. | |
CComPtr<IWbemClassObject> outParameters; | |
wbemServices->ExecMethod(CComBSTR{ "Win32_Process" }, CComBSTR{ "Create" }, 0, nullptr, inParameters, &outParameters, nullptr); | |
outParameters->Get(L"ProcessId", 0, &variant, nullptr, nullptr); | |
std::cout << "ProcessId: " << variant.uintVal << std::endl; | |
outParameters->Get(L"ReturnValue", 0, &variant, nullptr, nullptr); | |
std::cout << "ReturnValue: " << variant.uintVal << std::endl; | |
} | |
std::cout << result; | |
} | |
} | |
if (result) { | |
std::cout << "Result: " << std::hex << result << std::endl; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Copyright (C) 2024 Evan McBroom | |
using System; | |
using System.Runtime.InteropServices; | |
using System.Security.Principal; | |
namespace ExecRemoteProcess | |
{ | |
class Program | |
{ | |
public enum RPC_AUTHN_LEVEL | |
{ | |
PKT_PRIVACY = 6 | |
} | |
public enum RPC_IMP_LEVEL | |
{ | |
IMPERSONATE = 3 | |
} | |
public enum EOLE_AUTHENTICATION_CAPABILITIES | |
{ | |
DYNAMIC_CLOAKING = 0x40 | |
} | |
// Argument marshaling taking from: | |
// https://learn.microsoft.com/en-us/dotnet/framework/interop/default-marshalling-for-objects | |
[ComImport] | |
[Guid("F309AD18-D86A-11d0-A075-00C04FB68820")] | |
[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] | |
public interface IWbemLevel1Login | |
{ | |
[return: MarshalAs(UnmanagedType.Interface)] | |
int EstablishPosition(/* ... */); | |
int RequestChallenge(/* ... */); | |
int WBEMLogin(/* ... */); | |
int NTLMLogin([In, MarshalAs(UnmanagedType.LPWStr)] string wszNetworkResource, [In, MarshalAs(UnmanagedType.LPWStr)] string wszPreferredLocale, [In] long lFlags, [In, MarshalAs(UnmanagedType.IUnknown)] Object pCtx, [MarshalAs(UnmanagedType.IUnknown)] ref Object ppNamespace); | |
} | |
[ComImport] | |
[Guid("9556dc99-828c-11cf-a37e-00aa003240c7")] | |
[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] | |
public interface IWbemServices | |
{ | |
[return: MarshalAs(UnmanagedType.Interface)] | |
int OpenNamespace(/* ... */); | |
int CancelAsyncCall(/* ... */); | |
int QueryObjectSink(/* ... */); | |
int GetObject([MarshalAs(UnmanagedType.BStr)] string strObjectPath, [In] long lFlags, [In, Optional, MarshalAs(UnmanagedType.IUnknown)] Object pCtx, [In, Out, Optional, MarshalAs(UnmanagedType.IUnknown)] ref Object ppObject, [In, Out, Optional, MarshalAs(UnmanagedType.IUnknown)] ref Object ppCallResult); | |
int GetObjectAsync(/* ... */); | |
int PutClass(/* ... */); | |
int PutClassAsync(/* ... */); | |
int DeleteClass(/* ... */); | |
int DeleteClassAsync(/* ... */); | |
int CreateClassEnum(/* ... */); | |
int CreateClassEnumAsync(/* ... */); | |
int PutInstance(/* ... */); | |
int PutInstanceAsync(/* ... */); | |
int DeleteInstance(/* ... */); | |
int DeleteInstanceAsync(/* ... */); | |
int CreateInstanceEnum(/* ... */); | |
int CreateInstanceEnumAsync(/* ... */); | |
int ExecQuery(/* ... */); | |
int ExecQueryAsync(/* ... */); | |
int ExecNotificationQuery(/* ... */); | |
int ExecNotificationQueryAsync(/* ... */); | |
int ExecMethod([MarshalAs(UnmanagedType.BStr)] string strObjectPath, [MarshalAs(UnmanagedType.BStr)] string strMethodName, [In] long lFlags, [In, Optional, MarshalAs(UnmanagedType.IUnknown)] Object pCtx, [In, Optional, MarshalAs(UnmanagedType.IUnknown)] Object pInParams, [In, Out, Optional, MarshalAs(UnmanagedType.IUnknown)] ref Object ppOutParams, [In, Out, Optional, MarshalAs(UnmanagedType.IUnknown)] ref Object ppCallResult); | |
int ExecMethodAsync(/* ... */); | |
} | |
[ComImport] | |
[Guid("dc12a681-737f-11cf-884d-00aa004b2e24")] | |
[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] | |
public interface IWbemClassObject | |
{ | |
[return: MarshalAs(UnmanagedType.Interface)] | |
int GetQualifierSet(/* ... */); | |
int Get([In, MarshalAs(UnmanagedType.LPWStr)] string wszName, [In] long lFlags, [In, Out] ref Object pVal, [In, Out, Optional] ref int pType, [In, Out, Optional] ref int plFlavor); | |
int Put([In, MarshalAs(UnmanagedType.LPWStr)] string wszName, [In] long lFlags, [In] ref Object pVal, [In, Optional] int Type); | |
int Delete(/* ... */); | |
int GetNames(/* ... */); | |
int BeginEnumeration(/* ... */); | |
int Next(/* ... */); | |
int EndEnumeration(/* ... */); | |
int GetPropertyQualifierSet(/* ... */); | |
int Clone(/* ... */); | |
int GetObjectText(/* ... */); | |
int SpawnDerivedClass(/* ... */); | |
int SpawnInstance([In] long lFlags, [MarshalAs(UnmanagedType.IUnknown)] ref Object ppNewInstance); | |
int CompareTo(/* ... */); | |
int GetPropertyOrigin(/* ... */); | |
int InheritsFrom(/* ... */); | |
int GetMethod([In, MarshalAs(UnmanagedType.LPWStr)] string wszName, [In] long lFlags, [MarshalAs(UnmanagedType.IUnknown)] ref Object ppInSignature, [MarshalAs(UnmanagedType.IUnknown)] ref Object ppOutSignature); | |
int PutMethod(/* ... */); | |
int DeleteMethod(/* ... */); | |
int BeginMethodEnumeration(/* ... */); | |
int NextMethod(/* ... */); | |
int EndMethodEnumeration(/* ... */); | |
int GetMethodQualifierSet(/* ... */); | |
int GetMethodOrigin(/* ... */); | |
} | |
[DllImport("ole32.dll")] | |
static extern int CoInitializeSecurity(IntPtr pSecDesc, int cAuthSvc, IntPtr asAuthSvc, IntPtr pReserved1, RPC_AUTHN_LEVEL dwAuthnLevel, RPC_IMP_LEVEL dwImpLevel, IntPtr pAuthList, EOLE_AUTHENTICATION_CAPABILITIES dwCapabilities, IntPtr pReserved3); | |
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)] | |
internal static extern bool LogonUser(String username, String domain, String password, int logonType, int logonProvider, ref IntPtr token); | |
static public string domainName = "DOMAIN NAME"; | |
static public string userName = "USER NAME"; | |
static public string password = "PASSWORD"; | |
static public string address = "IP ADDRESS OR HOST NAME"; | |
static public string process = "calc.exe"; | |
static void Main() | |
{ | |
CoInitializeSecurity(IntPtr.Zero, -1, IntPtr.Zero, IntPtr.Zero, RPC_AUTHN_LEVEL.PKT_PRIVACY, RPC_IMP_LEVEL.IMPERSONATE, IntPtr.Zero, EOLE_AUTHENTICATION_CAPABILITIES.DYNAMIC_CLOAKING, IntPtr.Zero); | |
// Set an impersonation token that will use explicit credentials | |
// when doing NTLM authentication to a remote host. Kerberos | |
// tickets may also be added to the logon session via PTT while | |
// the token is being impersonated. | |
var LOGON32_LOGON_NEW_CREDENTIALS = 9; | |
var LOGON32_PROVIDER_WINNT50 = 3; | |
IntPtr token = IntPtr.Zero; | |
LogonUser(userName, domainName, password, LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, ref token); | |
var context = WindowsIdentity.Impersonate(token); | |
// Create an object on a remote host. | |
// For the CLSID_WbemLevel1Login object, this requires you to use Administrative credentials. | |
// CLSID_WbemLevel1Login does not allow you to immediately query IWbemLevel1Login so you | |
// must query for IUnknown first. | |
var CLSID_WbemLevel1Login = new Guid("8BC3F05E-D86B-11D0-A075-00C04FB68820"); | |
var typeInfo = Type.GetTypeFromCLSID(CLSID_WbemLevel1Login, address, true); | |
var wbemLevel1Login = (IWbemLevel1Login)Activator.CreateInstance(typeInfo); | |
object output = null; | |
var result = wbemLevel1Login.NTLMLogin("ROOT\\CIMV2", null, 0, null, ref output); | |
// Get the WMI object | |
var wbemServices = (IWbemServices)output; | |
result = wbemServices.GetObject("Win32_Process", 0, null, ref output, null); | |
var win32Process = (IWbemClassObject)output; | |
// Get the signature (e.g., the definition) of the input parameters. | |
result = win32Process.GetMethod("Create", 0, ref output, null); | |
var inSignature = (IWbemClassObject)output; | |
// Create an instance of the input parameters for use to set them to | |
// actual values. | |
inSignature.SpawnInstance(0, ref output); | |
var inParameters = (IWbemClassObject)output; | |
var input = (object)process; | |
result = inParameters.Put("CommandLine", 0, ref input); | |
// Execute the Win32_Process:Create and show its output parameters. | |
result = wbemServices.ExecMethod("Win32_Process", "Create", 0, null, inParameters, ref output, null); | |
Object value = null; | |
((IWbemClassObject)output).Get("ProcessId", 0, ref value); | |
Console.Out.WriteLine("ProcessId: " + value.ToString()); | |
((IWbemClassObject)output).Get("ReturnValue", 0, ref value); | |
Console.Out.WriteLine("ReturnValue: " + value.ToString()); | |
Console.In.ReadLine(); | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// The IDL from the following link, modified to compile cleanly. | |
// https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-wmi/c2ea576a-0a62-4da8-a472-bafde9541f0f | |
import "oaidl.idl"; | |
import "ocidl.idl"; | |
interface IWbemClassObject; | |
interface IWbemServices; | |
interface IWbemObjectSink; | |
interface IEnumWbemClassObject; | |
interface IWbemCallResult; | |
interface IWbemContext; | |
interface IWbemBackupRestore; | |
interface IWbemBackupRestoreEx; | |
interface IWbemLoginClientID; | |
interface IWbemLevel1Login; | |
interface IWbemLoginHelper; | |
[ | |
restricted, | |
uuid(8BC3F05E-D86B-11d0-A075-00C04FB68820) | |
] | |
coclass WbemLevel1Login { | |
interface IWbemLevel1Login; | |
}; | |
[ | |
restricted, | |
uuid(674B6698-EE92-11d0-AD71-00C04FD8FDFF) | |
] | |
coclass WbemContext | |
{ | |
interface IWbemContext; | |
}; | |
[ | |
uuid(9A653086-174F-11d2-B5F9-00104B703EFD) | |
] | |
coclass WbemClassObject | |
{ | |
interface IWbemClassObject; | |
}; | |
[ | |
uuid(C49E32C6-BC8B-11d2-85D4-00105A1F8304) | |
] | |
coclass WbemBackupRestore | |
{ | |
interface IWbemBackupRestoreEx; | |
}; | |
#define OPTIONAL in, unique | |
interface IWbemQualifierSet; | |
[ | |
local, | |
restricted, | |
object, | |
uuid(dc12a681-737f-11cf-884d-00aa004b2e24) | |
] | |
interface IWbemClassObject : IUnknown | |
{ | |
}; | |
interface IWbemServices; | |
[ | |
object, | |
restricted, | |
uuid(7c857801-7381-11cf-884d-00aa004b2e24) | |
] | |
interface IWbemObjectSink : IUnknown | |
{ | |
HRESULT Indicate( | |
[in] long lObjectCount, | |
[in, size_is(lObjectCount)] | |
IWbemClassObject** apObjArray | |
); | |
HRESULT SetStatus( | |
[in] long lFlags, | |
[in] HRESULT hResult, | |
[in] BSTR strParam, | |
[in] IWbemClassObject* pObjParam | |
); | |
}; | |
[ | |
object, | |
restricted, | |
uuid(027947e1-d731-11ce-a357-000000000001) | |
] | |
interface IEnumWbemClassObject : IUnknown | |
{ | |
HRESULT Reset(); | |
HRESULT Next( | |
[in] long lTimeout, | |
[in] ULONG uCount, | |
[out, size_is(uCount), length_is(*puReturned)] | |
IWbemClassObject** apObjects, | |
[out] ULONG* puReturned | |
); | |
HRESULT NextAsync( | |
[in] ULONG uCount, | |
[in] IWbemObjectSink* pSink | |
); | |
HRESULT Clone( | |
[out] IEnumWbemClassObject** ppEnum | |
); | |
HRESULT Skip( | |
[in] long lTimeout, | |
[in] ULONG nCount | |
); | |
}; | |
[ | |
object, | |
restricted, | |
local, | |
uuid(44aca674-e8fc-11d0-a07c-00c04fb68820) | |
] | |
interface IWbemContext : IUnknown | |
{ | |
}; | |
[ | |
object, | |
restricted, | |
uuid(44aca675-e8fc-11d0-a07c-00c04fb68820) | |
] | |
interface IWbemCallResult : IUnknown | |
{ | |
HRESULT GetResultObject( | |
[in] long lTimeout, | |
[out] IWbemClassObject** ppResultObject | |
); | |
HRESULT GetResultString( | |
[in] long lTimeout, | |
[out] BSTR* pstrResultString | |
); | |
HRESULT GetResultServices( | |
[in] long lTimeout, | |
[out] IWbemServices** ppServices | |
); | |
HRESULT GetCallStatus( | |
[in] long lTimeout, | |
[out] long* plStatus | |
); | |
}; | |
[ | |
object, | |
restricted, | |
uuid(9556dc99-828c-11cf-a37e-00aa003240c7), | |
pointer_default(unique) | |
] | |
interface IWbemServices : IUnknown | |
{ | |
HRESULT OpenNamespace( | |
[in] const BSTR strNamespace, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out, in, unique] IWbemServices** ppWorkingNamespace, | |
[out, in, unique] IWbemCallResult** ppResult | |
); | |
HRESULT CancelAsyncCall( | |
[in] IWbemObjectSink* pSink | |
); | |
HRESULT QueryObjectSink( | |
[in] long lFlags, | |
[out] IWbemObjectSink** ppResponseHandler | |
); | |
HRESULT GetObject( | |
[in] const BSTR strObjectPath, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out, in, unique] IWbemClassObject** ppObject, | |
[out, in, unique] IWbemCallResult** ppCallResult | |
); | |
HRESULT GetObjectAsync( | |
[in] const BSTR strObjectPath, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT PutClass( | |
[in] IWbemClassObject* pObject, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out, in, unique] IWbemCallResult** ppCallResult | |
); | |
HRESULT PutClassAsync( | |
[in] IWbemClassObject* pObject, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT DeleteClass( | |
[in] const BSTR strClass, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out, in, unique] IWbemCallResult** ppCallResult | |
); | |
HRESULT DeleteClassAsync( | |
[in] const BSTR strClass, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT CreateClassEnum( | |
[in] const BSTR strSuperclass, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out] IEnumWbemClassObject** ppEnum | |
); | |
HRESULT CreateClassEnumAsync( | |
[in] const BSTR strSuperclass, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT PutInstance( | |
[in] IWbemClassObject* pInst, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out, in, unique] IWbemCallResult** ppCallResult | |
); | |
HRESULT PutInstanceAsync( | |
[in] IWbemClassObject* pInst, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT DeleteInstance( | |
[in] const BSTR strObjectPath, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out, in, unique] IWbemCallResult** ppCallResult | |
); | |
HRESULT DeleteInstanceAsync( | |
[in] const BSTR strObjectPath, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT CreateInstanceEnum( | |
[in] const BSTR strSuperClass, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out] IEnumWbemClassObject** ppEnum | |
); | |
HRESULT CreateInstanceEnumAsync( | |
[in] const BSTR strSuperClass, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT ExecQuery( | |
[in] const BSTR strQueryLanguage, | |
[in] const BSTR strQuery, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out] IEnumWbemClassObject** ppEnum | |
); | |
HRESULT ExecQueryAsync( | |
[in] const BSTR strQueryLanguage, | |
[in] const BSTR strQuery, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT ExecNotificationQuery( | |
[in] const BSTR strQueryLanguage, | |
[in] const BSTR strQuery, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out] IEnumWbemClassObject** ppEnum | |
); | |
HRESULT ExecNotificationQueryAsync( | |
[in] const BSTR strQueryLanguage, | |
[in] const BSTR strQuery, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
HRESULT ExecMethod( | |
[in] const BSTR strObjectPath, | |
[in] const BSTR strMethodName, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemClassObject* pInParams, | |
[out, in, unique] IWbemClassObject** ppOutParams, | |
[out, in, unique] IWbemCallResult** ppCallResult | |
); | |
HRESULT ExecMethodAsync( | |
[in] const BSTR strObjectPath, | |
[in] const BSTR strMethodName, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[in] IWbemClassObject* pInParams, | |
[in] IWbemObjectSink* pResponseHandler | |
); | |
}; | |
[ | |
object, | |
restricted, | |
uuid(C49E32C7-BC8B-11d2-85D4-00105A1F8304) | |
] | |
interface IWbemBackupRestore : IUnknown | |
{ | |
HRESULT Backup( | |
[in, string] LPCWSTR strBackupToFile, | |
[in] long lFlags | |
); | |
HRESULT Restore( | |
[in, string] LPCWSTR strRestoreFromFile, | |
[in] long lFlags | |
); | |
}; | |
[ | |
object, | |
restricted, | |
uuid(A359DEC5-E813-4834-8A2A-BA7F1D777D76) | |
] | |
interface IWbemBackupRestoreEx : IWbemBackupRestore | |
{ | |
HRESULT Pause(); | |
HRESULT Resume(); | |
}; | |
typedef enum _WBEM_REFR_VERSION_NUMBER { | |
WBEM_REFRESHER_VERSION = 2 | |
} WBEM_REFR_VERSION_NUMBER; | |
typedef [v1_enum] enum _WBEM_INSTANCE_BLOB_TYPE { | |
WBEM_BLOB_TYPE_ALL = 2, | |
WBEM_BLOB_TYPE_ERROR = 3, | |
WBEM_BLOB_TYPE_ENUM = 4 | |
} WBEM_INSTANCE_BLOB_TYPE; | |
typedef struct _WBEM_REFRESHED_OBJECT { | |
long m_lRequestId; | |
WBEM_INSTANCE_BLOB_TYPE m_lBlobType; | |
long m_lBlobLength; | |
[size_is(m_lBlobLength)] byte* m_pbBlob; | |
} WBEM_REFRESHED_OBJECT; | |
[ | |
restricted, | |
uuid(F1E9C5B2-F59B-11d2-B362-00105A1F8177) | |
] | |
interface IWbemRemoteRefresher : IUnknown { | |
HRESULT RemoteRefresh( | |
[in] long lFlags, | |
[out] long* plNumObjects, | |
[out, size_is(, *plNumObjects)] | |
WBEM_REFRESHED_OBJECT** paObjects | |
); | |
HRESULT StopRefreshing( | |
[in] long lNumIds, | |
[in, size_is(lNumIds)] long* aplIds, | |
[in] long lFlags | |
); | |
HRESULT Opnum5NotUsedOnWire( | |
[in] long lFlags, | |
[out] GUID* pGuid | |
); | |
}; | |
typedef struct { | |
IWbemRemoteRefresher* m_pRefresher; | |
IWbemClassObject* m_pTemplate; | |
GUID m_Guid; | |
} _WBEM_REFRESH_INFO_REMOTE; | |
typedef struct { | |
[string] wchar_t* m_wszNamespace; | |
IWbemClassObject* m_pTemplate; | |
} _WBEM_REFRESH_INFO_NON_HIPERF; | |
typedef enum | |
{ | |
WBEM_REFRESH_TYPE_INVALID = 0, | |
WBEM_REFRESH_TYPE_REMOTE = 3, | |
WBEM_REFRESH_TYPE_NON_HIPERF = 6 | |
}WBEM_REFRESH_TYPE; | |
typedef [switch_type(long)] union { | |
[case (WBEM_REFRESH_TYPE_REMOTE)] | |
_WBEM_REFRESH_INFO_REMOTE m_Remote; | |
[case (WBEM_REFRESH_TYPE_NON_HIPERF)] | |
_WBEM_REFRESH_INFO_NON_HIPERF m_NonHiPerf; | |
[case (WBEM_REFRESH_TYPE_INVALID)] | |
HRESULT m_hres; | |
} WBEM_REFRESH_INFO_UNION; | |
typedef struct { | |
long m_lType; | |
[switch_is(m_lType)] WBEM_REFRESH_INFO_UNION m_Info; | |
long m_lCancelId; | |
} _WBEM_REFRESH_INFO; | |
typedef struct { | |
[string] LPSTR m_szMachineName; | |
DWORD m_dwProcessId; | |
GUID m_guidRefresherId; | |
} _WBEM_REFRESHER_ID; | |
typedef enum { | |
WBEM_RECONNECT_TYPE_OBJECT = 0, | |
WBEM_RECONNECT_TYPE_ENUM = 1, | |
WBEM_RECONNECT_TYPE_LAST = 2 | |
}WBEM_RECONNECT_TYPE; | |
typedef struct { | |
long m_lType; | |
[string] LPCWSTR m_pwcsPath; | |
} _WBEM_RECONNECT_INFO; | |
typedef struct { | |
long m_lId; | |
HRESULT m_hr; | |
} _WBEM_RECONNECT_RESULTS; | |
[ | |
restricted, | |
uuid(2C9273E0-1DC3-11d3-B364-00105A1F8177) | |
] | |
interface IWbemRefreshingServices : IUnknown | |
{ | |
HRESULT AddObjectToRefresher( | |
[in] _WBEM_REFRESHER_ID* pRefresherId, | |
[in, string] LPCWSTR wszPath, | |
[in] long lFlags, | |
[in] IWbemContext* pContext, | |
[in] DWORD dwClientRefrVersion, | |
[out] _WBEM_REFRESH_INFO* pInfo, | |
[out] DWORD* pdwSvrRefrVersion | |
); | |
HRESULT AddObjectToRefresherByTemplate( | |
[in] _WBEM_REFRESHER_ID* pRefresherId, | |
[in] IWbemClassObject* pTemplate, | |
[in] long lFlags, | |
[in] IWbemContext* pContext, | |
[in] DWORD dwClientRefrVersion, | |
[out] _WBEM_REFRESH_INFO* pInfo, | |
[out] DWORD* pdwSvrRefrVersion | |
); | |
HRESULT AddEnumToRefresher( | |
[in] _WBEM_REFRESHER_ID* pRefresherId, | |
[in, string] LPCWSTR wszClass, | |
[in] long lFlags, | |
[in] IWbemContext* pContext, | |
[in] DWORD dwClientRefrVersion, | |
[out] _WBEM_REFRESH_INFO* pInfo, | |
[out] DWORD* pdwSvrRefrVersion | |
); | |
HRESULT RemoveObjectFromRefresher( | |
[in] _WBEM_REFRESHER_ID* pRefresherId, | |
[in] long lId, | |
[in] long lFlags, | |
[in] DWORD dwClientRefrVersion, | |
[out] DWORD* pdwSvrRefrVersion | |
); | |
HRESULT GetRemoteRefresher( | |
[in] _WBEM_REFRESHER_ID* pRefresherId, | |
[in] long lFlags, | |
[in] DWORD dwClientRefrVersion, | |
[out] IWbemRemoteRefresher** ppRemRefresher, | |
[out] GUID* pGuid, | |
[out] DWORD* pdwSvrRefrVersion | |
); | |
HRESULT ReconnectRemoteRefresher( | |
[in] _WBEM_REFRESHER_ID* pRefresherId, | |
[in] long lFlags, | |
[in] long lNumObjects, | |
[in] DWORD dwClientRefrVersion, | |
[in, size_is(lNumObjects)] | |
_WBEM_RECONNECT_INFO* apReconnectInfo, | |
[in, out, size_is(lNumObjects)] | |
_WBEM_RECONNECT_RESULTS* apReconnectResults, | |
[out] DWORD* pdwSvrRefrVersion | |
); | |
}; | |
[ | |
restricted, | |
object, | |
uuid(423EC01E-2E35-11d2-B604-00104B703EFD) | |
] | |
interface IWbemWCOSmartEnum : IUnknown | |
{ | |
HRESULT Next( | |
[in] REFGUID proxyGUID, | |
[in] long lTimeout, | |
[in] ULONG uCount, | |
[out] ULONG* puReturned, | |
[out] ULONG* pdwBuffSize, | |
[out, size_is(, *pdwBuffSize)] byte** pBuffer | |
); | |
}; | |
[ | |
restricted, | |
object, | |
uuid(1C1C45EE-4395-11d2-B60B-00104B703EFD) | |
] | |
interface IWbemFetchSmartEnum : IUnknown | |
{ | |
HRESULT GetSmartEnum( | |
[out] IWbemWCOSmartEnum** ppSmartEnum | |
); | |
}; | |
[ | |
restricted, | |
object, | |
uuid(d4781cd6-e5d3-44df-ad94-930efe48a887) | |
] | |
interface IWbemLoginClientID : IUnknown | |
{ | |
HRESULT SetClientInfo( | |
[in, unique, string] LPWSTR wszClientMachine, | |
[in] long lClientProcId, | |
[in] long lReserved | |
); | |
}; | |
[ | |
object, | |
restricted, | |
uuid(F309AD18-D86A-11d0-A075-00C04FB68820), | |
pointer_default(unique) | |
] | |
interface IWbemLevel1Login : IUnknown | |
{ | |
HRESULT EstablishPosition( | |
[in, unique, string] wchar_t* reserved1, | |
[in] DWORD reserved2, | |
[out] DWORD* LocaleVersion | |
); | |
HRESULT RequestChallenge( | |
[in, unique, string] wchar_t* reserved1, | |
[in, unique, string] wchar_t* reserved2, | |
[out, size_is(16), length_is(16)] unsigned char* reserved3 | |
); | |
HRESULT WBEMLogin( | |
[in, unique, string] wchar_t* reserved1, | |
[in, size_is(16), length_is(16), unique] | |
unsigned char* reserved2, | |
[in] long reserved3, | |
[in] IWbemContext* reserved4, | |
[out] IWbemServices** reserved5 | |
); | |
HRESULT NTLMLogin( | |
[in, unique, string] LPWSTR wszNetworkResource, | |
[in, unique, string] LPWSTR wszPreferredLocale, | |
[in] long lFlags, | |
[in] IWbemContext* pCtx, | |
[out] IWbemServices** ppNamespace | |
); | |
}; | |
[ | |
restricted, | |
object, | |
uuid(541679AB-2E5F-11d3-B34E-00104BCC4B4A) | |
] | |
interface IWbemLoginHelper : IUnknown | |
{ | |
HRESULT SetEvent( | |
[in] LPCSTR sEventToSet | |
); | |
}; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment