Setting WMI access permissions with a script

How to set WMI permissions

Run compmgmt.msc to open Computer Management -> WMI Control, then right-click -> Properties.

On the Security tab you can set the permissions for each path.

How to export WMI permissions

Reference: https://docs.microsoft.com/en-us/windows/win32/wmisdk/--systemsecurity-getsd

Run the following command to export the permissions as a security descriptor:

wmic /namespace:\\root\CIMV2  /output:sd.txt path __systemsecurity call getSD

The contents of sd.txt look roughly like this:

Executing (__systemsecurity)->getSD()
Method execution successful.
Out Parameters:
instance of __PARAMETERS
{
ReturnValue = 0;
SD = {1, 0, 4, 129, 160, 0, 0, 0, 176, 0, 0, 0, 0, 0, 0, 0, 20, 0, 0, 0, 2, 0, 140, 0, 6, 0, 0, 0, 0, 0, 24, 0, 33, 0, 2, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 46, 2, 0, 0, 0, 0, 24, 0, 33, 0, 2, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 47, 2, 0, 0, 0, 18, 24, 0, 63, 0, 6, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0, 0, 18, 20, 0, 19, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 20, 0, 0, 0, 0, 18, 20, 0, 19, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 19, 0, 0, 0, 0, 18, 20, 0, 19, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 11, 0, 0, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0};
};

The text inside SD = {} is the security descriptor, stored in binary form.

Importing WMI permissions

Reference: https://docs.microsoft.com/en-us/windows/win32/wmisdk/--systemsecurity-setsd

Create a new .vbs file with the following content.

strSD = array(1, 0, 4, 129, 160, 0, 0, 0, 176, 0, 0, 0, 0, 0, 0, 0, 20, 0, 0, 0, 2, 0, 140, 0, 6, 0, 0, 0, 0, 0, 24, 0, 33, 0, 2, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 46, 2, 0, 0, 0, 0, 24, 0, 33, 0, 2, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 47, 2, 0, 0, 0, 18, 24, 0, 63, 0, 6, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0, 0, 18, 20, 0, 19, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 20, 0, 0, 0, 0, 18, 20, 0, 19, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 19, 0, 0, 0, 0, 18, 20, 0, 19, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 11, 0, 0, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0)
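' Connect to the local root\CIMV2 namespace
set namespace = createobject("wbemscripting.swbemlocator").connectserver(,"root\CIMV2")
' __systemsecurity is a singleton, addressed as "__systemsecurity=@"
set security = namespace.get("__systemsecurity=@")
' setsd returns 0 on success
nStatus = security.setsd(strSD)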

Running this .vbs file imports the security descriptor.
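
The SD array is a self-relative Windows security descriptor, so it can be decoded and reviewed (who gets which WMI rights) before SetSD applies it to a namespace. The Python decoder below is an added example, not part of the original post; the function names and the shortened SAMPLE descriptor are constructed for illustration.

```python
import re
import struct

# WMI namespace access rights (wbemcli.h) plus the standard rights used in namespace ACLs.
WMI_RIGHTS = {0x1: "Enable", 0x2: "MethodExecute", 0x4: "FullWrite", 0x8: "PartialWrite",
              0x10: "ProviderWrite", 0x20: "RemoteEnable", 0x20000: "ReadSecurity",
              0x40000: "EditSecurity"}

def sd_bytes(wmic_text):
    """Extract the byte list from the 'SD = {...};' part of wmic getSD output."""
    body = re.search(r"SD\s*=\s*\{([^}]*)\}", wmic_text).group(1)
    return bytes(int(n) for n in body.split(","))

def read_sid(buf, off):
    """Decode the binary SID at offset off into its S-1-... string form."""
    rev, count = buf[off], buf[off + 1]
    authority = int.from_bytes(buf[off + 2:off + 8], "big")
    subs = struct.unpack_from("<%dI" % count, buf, off + 8)
    return "-".join(["S", str(rev), str(authority)] + [str(s) for s in subs])

def decode_sd(buf):
    """Return owner, group and DACL entries of a self-relative security descriptor."""
    _rev, _sbz, control, owner, group, _sacl, dacl = struct.unpack_from("<BBHIIII", buf, 0)
    result = {"owner": read_sid(buf, owner) if owner else None,
              "group": read_sid(buf, group) if group else None, "dacl": []}
    if not (control & 0x0004) or dacl == 0:  # SE_DACL_PRESENT not set
        return result
    ace_count = struct.unpack_from("<BBHHH", buf, dacl)[3]
    pos = dacl + 8                           # first ACE follows the 8-byte ACL header
    for _ in range(ace_count):
        ace_type, flags, size, mask = struct.unpack_from("<BBHI", buf, pos)
        kind = {0: "allow", 1: "deny"}.get(ace_type, "type %d" % ace_type)
        rights = [name for bit, name in WMI_RIGHTS.items() if mask & bit]
        # For allow/deny ACEs (types 0 and 1) the SID follows the 4-byte mask.
        sid = read_sid(buf, pos + 8) if ace_type in (0, 1) else None
        result["dacl"].append((kind, sid, flags, rights))
        pos += size
    return result

# Constructed, shortened sample in the same format as sd.txt (two ACEs only).
SAMPLE = """ReturnValue = 0;
SD = {1, 0, 4, 129, 72, 0, 0, 0, 88, 0, 0, 0, 0, 0, 0, 0, 20, 0, 0, 0,
 2, 0, 52, 0, 2, 0, 0, 0,
 0, 18, 24, 0, 63, 0, 6, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0,
 0, 18, 20, 0, 19, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 11, 0, 0, 0,
 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0,
 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0};"""
```

To review a real export, pass the text of sd.txt to sd_bytes(); if the file was written as UTF-16, open it with encoding="utf-16".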