Hi, i'm just starting to learn about WMI (Windows Management Instrumentation) and its classes.
Today, I just wrote some code to print Name of processor, although windows returns error of invalid query after i call IWbemServices->ExecQuery()
code routine is this
mov esi, [service]
lodsd
push offset enumerator
push NULL
push WBEM_FLAG_FORWARD_ONLY
push offset wstrQuery
push offset wstrQueryLanguage
push dword ptr [service]
call dword ptr [eax][IWbemServicesVtbl.ExecQuery]
apologies for not using coinvoke macro, but i will do that later, once i better understand COM in general.
I'm afraid there is no error checking, so please debug this, rather than run it, or atleast point
out what is wrong
the whole source is this
.586
.model flat,stdcall
include <windows.inc>
include <kernel32.inc>
include <ole32.inc>
include <msvcrt.inc>
includelib <kernel32.lib>
includelib <ole32.lib>
includelib <msvcrt.lib>
include <\masm32\macros\macros.asm>
include <\masm32\macros\ucmacros.asm>
; located in ObjIdl.h
EOAC_NONE EQU 0
; located in RpcDce.h
RPC_C_AUTHN_LEVEL_DEFAULT EQU 0
RPC_C_IMP_LEVEL_DEFAULT EQU 0
RPC_C_IMP_LEVEL_IMPERSONATE EQU 3
GUID2 STRUC
dd1 dd ?
dw1 dw ?
dw2 dw ?
db1 db ?
db2 db ?
db3 db ?
db4 db ?
db5 db ?
db6 db ?
db7 db ?
db8 db ?
GUID2 ENDS
IWbemLocator STRUCT
lpVtbl DWORD ?
IWbemLocator ENDS
IWbemLocatorVtbl STRUCT
QueryInterface DWORD ?
AddRef DWORD ?
Release DWORD ?
ConnectServer DWORD ?
IWbemLocatorVtbl ENDS
IWbemServices STRUCT
lpVtbl DWORD ?
IWbemServices ENDS
IWbemServicesVtbl STRUCT
QueryInterface DWORD ?
AddRef DWORD ?
Release DWORD ?
OpenNamespace DWORD ?
CancelAsyncCall DWORD ?
QueryObjectSink DWORD ?
GetObject DWORD ?
GetObjectAsync DWORD ?
PutClass DWORD ?
PutClassAsync DWORD ?
DeleteClass DWORD ?
DeleteClassAsync DWORD ?
CreateClassEnum DWORD ?
CreateClassEnumAsync DWORD ?
PutInstance DWORD ?
PutInstanceAsync DWORD ?
DeleteInstance DWORD ?
DeleteInstanceAsync DWORD ?
CreateInstanceEnum DWORD ?
CreateInstanceEnumAsync DWORD ?
ExecQuery DWORD ?
ExecQueryAsync DWORD ?
ExecNotificationQuery DWORD ?
ExecNotificationQueryAsync DWORD ?
ExecMethod DWORD ?
ExecMethodAsync DWORD ?
IWbemServicesVtbl ENDS
IEnumWbemClassObject STRUCT
lpVtbl DWORD ?
IEnumWbemClassObject ENDS
IEnumWbemClassObjectVtbl STRUCT
QueryInterface DWORD ?
AddRef DWORD ?
Release DWORD ?
Reset DWORD ?
Next DWORD ?
NextAsync DWORD ?
Clone DWORD ?
Skip DWORD ?
IEnumWbemClassObjectVtbl ENDS
IWbemClassObject STRUCT
lpVtbl DWORD ?
IWbemClassObject ENDS
IWbemClassObjectVtbl STRUCT
QueryInterface DWORD ?
AddRef DWORD ?
Release DWORD ?
GetQualifierSet DWORD ?
Get DWORD ?
Put DWORD ?
Delete DWORD ?
GetNames DWORD ?
BeginEnumeration DWORD ?
Next DWORD ?
EndEnumeration DWORD ?
GetPropertyQualifierSet DWORD ?
GetObjectText DWORD ?
SpawnDerivedClass DWORD ?
SpawnInstance DWORD ?
CompareTo DWORD ?
GetPropertyOrigin DWORD ?
InheritsFrom DWORD ?
GetMethod DWORD ?
PutMethod DWORD ?
DeleteMethod DWORD ?
BeginMethodEnumeration DWORD ?
NextMethod DWORD ?
EndMethodEnumeration DWORD ?
GetMethodQualifierSet DWORD ?
GetMethodOrigin DWORD ?
IWbemClassObjectVtbl ENDS
.data
; located in WbemCli.h
WBEM_FLAG_CONNECT_USE_MAX_WAIT EQU 80h
WBEM_FLAG_FORWARD_ONLY EQU 20h
WBEM_INFINITE EQU -1
WBEM_E_INVALID_QUERY EQU 80041017h
WBEM_E_INVALID_QUERY_TYPE EQU 80041018h
IID_IWbemLocator \
GUID2 <0dc12a687h,0737fh,011cfh,088h,04dh,000h,0aah,000h,04bh,02eh,024h>
IID_IEnumWbemClassObject \
GUID2 <027947e1h,0d731h,011ceh,0a3h,057h,000h,000h,000h,000h,000h,001h>
IID_IWbemClassObject \
GUID2 <0dc12a681h,0737fh,011cfh,088h,04dh,000h,0aah,000h,04bh,02eh,024h>
; located in WbemProv.h
CLSID_WbemAdministrativeLocator \
GUID2 <0cb8555cch,09128h,011d1h,0adh,09bh,000h,0c0h,04fh,0d8h,0fdh,0ffh>
locator IWbemLocator <>
service IWbemServices <>
enumerator IEnumWbemClassObject <>
processor IWbemClassObject <>
retCount DWORD ?
var_val DWORD ?
WSTR wstrNameSpace, "root\cimv2"
;WSTR wstrQuery, "SELECT * FROM Win32_Processor"
wstrQuery dw "S","E","L","E","C","T"," ","*"," ","F","R","O","M"," ","W","i","n","3","2","_","P","r","o","c","e","s","s","o","r",00
WSTR wstrQueryLanguage, "WQL"
WSTR wszName, "Name"
wstrCPUName dw "P","r","o","c","e","s","s","o","r"," ","N","a","m","e",":","%","s",00
.code
main:
invoke CoInitializeEx,
NULL,
COINIT_MULTITHREADED
invoke CoInitializeSecurity,
NULL,
-1,
NULL,
NULL,
RPC_C_AUTHN_LEVEL_DEFAULT,
RPC_C_IMP_LEVEL_IMPERSONATE,
NULL,
EOAC_NONE,
NULL
invoke CoCreateInstance,
addr CLSID_WbemAdministrativeLocator,
NULL,
CLSCTX_INPROC_SERVER,
addr IID_IWbemLocator,
addr locator
mov esi, [locator]
lodsd
push offset service
push NULL
push NULL
push WBEM_FLAG_CONNECT_USE_MAX_WAIT
push NULL
push NULL
push NULL
push offset wstrNameSpace
push dword ptr [locator]
call dword ptr [eax][IWbemLocatorVtbl.ConnectServer]
mov esi, [service]
lodsd
push offset enumerator
push NULL
push WBEM_FLAG_FORWARD_ONLY
push offset wstrQuery
push offset wstrQueryLanguage
push dword ptr [service]
call dword ptr [eax][IWbemServicesVtbl.ExecQuery]
mov esi, [enumerator]
lodsd
push offset retCount
push offset processor
push TRUE
push WBEM_INFINITE
push dword ptr [enumerator]
call dword ptr [eax][IEnumWbemClassObjectVtbl.Next]
mov esi, [processor]
lodsd
push NULL
push NULL
push offset var_val
push 0
push offset wszName
push dword ptr [processor]
call dword ptr [eax][IWbemClassObjectVtbl.Get]
mov esi, [var_val]
mov edi, [var_val + 4]
mov ecx, [var_val + 8]
invoke crt_wprintf,
addr wstrCPUName,
ecx
invoke CoUninitialize
invoke ExitProcess,NULL
end main
any ideas at all would help, thanks
OK, i figured out why the Query is invalid, and its because WSTR macro won't handle the '*'
So, now,
mov esi, [processor]
lodsd
push NULL
push NULL
push offset var_val
push 0
push offset wszName
push dword ptr [processor]
call dword ptr [eax][IWbemClassObjectVtbl.Get]
var_val holds the value, 8 on return, but it should be pointer to string, which has name of processor.
any clues?
OK, i got it working! :green
Seems that the 8 returned is possibly length in UNICODE, think it might be UNICODE structure ????
so, any clues for what this is, would be appreciated.
I edited the first message, so that the code should now run on your computer too.
and the source and binary can be downloaded http://homepage.eircom.net/~geek/wmi_example_masm.zip