Version 8 of Remote exec with tcom and WMI

Updated 2014-09-13 12:17:23 by Janni

Often one needs to execute a command on a remote Windows computer, WMI & tcom can be used to do just that.

With Jaf, we found out that it works like this:

proc remote_exec {command machine} {
    # The impersonation part execs with your current credentials, far as I understood...
    # if you use "." or "localhost" as machine then the execution is in-situ
    set    wmistr "winmgmts:\{impersonationLevel=impersonate\}!"
    append wmistr "\\\\$machine\\root\\cimv2:Win32_Process"
    # get the Win32_Process class
    if {[catch {::tcom::ref getobject $wmistr} wmiproc]} {
        return -code error -1
    # there is a method called Methods_, get it
    set wmiprocmeth [$wmiproc Methods_]
    # it contains an array, get the Create method out of it
    set wmiprocmethcreat [$wmiprocmeth Item "Create"]
    # get the inparameters
    set inparams [[$wmiprocmethcreat InParameters] SpawnInstance_]
    # The properties_ of inparams are what we are after
    set cmdline [[$inparams Properties_] Item "CommandLine"]
    set cwd     [[$inparams Properties_] Item "CurrentDirectory"] 
    set pstart  [[$inparams Properties_] Item "ProcessStartupInformation"] 
    # Set the properties
    $cmdline Value $command 
    # cwd and pstart contain a NULL upon creation, left "as is"

    # Now exec
    set result [$wmiproc ExecMethod_ "Create" $inparams]
    return [[[$result Properties_] Item "ReturnValue"] Value]

For a list of return values see here: [L1 ]

Description of the Win32_Process class.