WMIDump

WMIDump dumps all instances of a given WMIClass and is to be used as an information collector. It can be used to collect information about e.g;

– OS, Accounts, Hotfixes, Scheduled Jobs, Services, Processes, Shares
– Hardware, Modems, Network Interfaces, Serial ports, Logical Disks

Running the tool
WMIDump.exe -c [-C] [-d] [-b] [-t|-T] [-u] [-p] [-n]

  -b basedir
  -c configfile
  -C output to console
  -d delimiter
  -u username
  -p password
  -t hostname
  -T hostfile
  -n ThreadCount
  -v verbose

WMIDump.exe -c confighardware.config -u user -p password -t host1

Username and password are optional and can be ommited if an already established connection is to be used.

Output
A folder with the name of each host is created under the current directory in which the results are stored.

Config file
The config file format specifies what class, and optionally what properties are to be dumped.

eg;
Win32_Service;Name;DisplayName;PathName;StartName;CreationClassName

or simply;
Win32_Service

Please report bugs to patrik@cqure.net

Downloads
wmidump-dotnet-1_3_0.zip

Author
WMIDump was developed by Patrik Karlsson.