wmic wrapper for SET

src/defender-control/defender-control.vcxproj

@@ -143,10 +143,12 @@
   <ItemGroup>
     <ClCompile Include="dcontrol.cpp" />
     <ClCompile Include="main.cpp" />
+    <ClCompile Include="util.cpp" />
     <ClCompile Include="wmic.cpp" />
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="dcontrol.hpp" />
+    <ClInclude Include="util.hpp" />
     <ClInclude Include="wmic.hpp" />
   </ItemGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />

src/defender-control/defender-control.vcxproj.filters

@@ -19,6 +19,9 @@
     <Filter Include="Source Files\defender-control\wmic">
       <UniqueIdentifier>{db30358b-f563-460e-92fb-eacafe3a68cb}</UniqueIdentifier>
     </Filter>
+    <Filter Include="Source Files\defender-control\util">
+      <UniqueIdentifier>{0cabcba0-6285-4ad6-9295-add0563d0d48}</UniqueIdentifier>
+    </Filter>
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="main.cpp">
@@ -30,6 +33,9 @@
     <ClCompile Include="wmic.cpp">
       <Filter>Source Files\defender-control\wmic</Filter>
     </ClCompile>
+    <ClCompile Include="util.cpp">
+      <Filter>Source Files\defender-control\util</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="dcontrol.hpp">
@@ -38,5 +44,8 @@
     <ClInclude Include="wmic.hpp">
       <Filter>Source Files\defender-control\wmic</Filter>
     </ClInclude>
+    <ClInclude Include="util.hpp">
+      <Filter>Source Files\defender-control\util</Filter>
+    </ClInclude>
   </ItemGroup>
 </Project>

src/defender-control/main.cpp

@@ -14,12 +14,29 @@ int main()
     "Windows defender is ACTIVE turning off..\n" :
     "Windows defender is OFF turning on...\n");
 
+  //if (DCONTROL::check_defender())
+  //  wmic::test_exec(true);
+  //else
+  //  wmic::test_exec(false);
+
+  auto helper = new wmic::helper(
+    "Root\\Microsoft\\Windows\\Defender",
+    "MSFT_MpPreference",
+    "Set"
+  );
+
+  if (auto error = helper->get_last_error())
+  {
+    printf("Error has occured: %d", error);
+    system("pause");
+    return 1;
+  }
+
   if (DCONTROL::check_defender())
-    wmic::test_exec(true);
+    helper->execute_cmd<BOOL>("DisableRealtimeMonitoring", wmic::variant_type::t_bool, TRUE);
   else 
-    wmic::test_exec(false);
+    helper->execute_cmd<BOOL>("DisableRealtimeMonitoring", wmic::variant_type::t_bool, FALSE);
 
   system("pause");
-
   return 0;
 }

src/defender-control/util.cpp

@@ -0,0 +1,17 @@
+#include "util.hpp"
+
+namespace util
+{
+  std::wstring string_to_wide(const std::string& s)
+  {
+    std::wstring temp(s.length(), L' ');
+    std::copy(s.begin(), s.end(), temp.begin());
+    return temp;
+  }
+
+  std::string wide_to_string(const std::wstring& s) {
+    std::string temp(s.length(), ' ');
+    std::copy(s.begin(), s.end(), temp.begin());
+    return temp;
+  }
+}

src/defender-control/util.hpp

@@ -0,0 +1,8 @@
+#pragma once
+#include <string>
+
+namespace util
+{
+  std::wstring string_to_wide(const std::string& s);
+  std::string wide_to_string(const std::wstring& s);
+}

src/defender-control/wmic.cpp

@@ -6,186 +6,7 @@
 
 namespace wmic
 {
-  // function to test getting executing a command
+  helper::helper(std::string wnamespace, std::string wclass, std::string wmethod)
-  //
-  bool test_exec(BOOL toggle)
-  {
-    HRESULT hres;
-
-    // Setup COM library
-    //
-    hres = CoInitializeEx(0, COINIT_MULTITHREADED);
-
-    if (FAILED(hres))
-    {
-      std::cout << "Failed to initialize COM. Error code = 0x"
-        << std::hex << hres << std::endl;
-      return false;
-    }
-
-
-    // Setup general security levels
-    //
-    hres = CoInitializeSecurity(
-      NULL,
-      -1,                          // COM authentication
-      NULL,                        // Authentication services
-      NULL,                        // Reserved
-      RPC_C_AUTHN_LEVEL_DEFAULT,   // Default authentication 
-      RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation  
-      NULL,                        // Authentication info
-      EOAC_NONE,                   // Additional capabilities 
-      NULL                         // Reserved
-    );
-
-    if (FAILED(hres))
-    {
-      std::cout << "Failed to initialize security. Error code = 0x"
-        << std::hex << hres << std::endl;
-      CoUninitialize();
-      return false;
-    }
-
-    // Obtain locator for wmi
-    //
-    IWbemLocator* loc_ptr = nullptr;
-
-    hres = CoCreateInstance(CLSID_WbemLocator, 0,
-      CLSCTX_INPROC_SERVER,
-      IID_IWbemLocator, (LPVOID*)&loc_ptr);
-
-    if (FAILED(hres))
-    {
-      std::cout << "Failed to create IWbemLocator object."
-        << " Err code = 0x"
-        << std::hex << hres << std::endl;
-      CoUninitialize();
-      return false;
-    }
-
-    // Connect to wmi with IbwemLocator::ConnectServer
-    //
-    IWbemServices* service_ptr = nullptr;
-
-    hres = loc_ptr->ConnectServer(
-      _bstr_t("root\\Microsoft\\Windows\\Defender"),
-      0, 0, 0, 0, 0, 0, &service_ptr
-    );
-
-    if (FAILED(hres))
-    {
-      std::cout << "Could not connect. Error code = 0x"
-        << std::hex << hres << std::endl;
-      loc_ptr->Release();
-      CoUninitialize();
-      return false;
-    }
-
-    std::cout << "Connected to root/Microsoft/Windows/Defender namespace" << std::endl;
-
-    // Set security levels for the proxy 
-    //
-    hres = CoSetProxyBlanket(
-      service_ptr,                 // Indicates the proxy to set
-      RPC_C_AUTHN_WINNT,           // RPC_C_AUTHN_xxx 
-      RPC_C_AUTHZ_NONE,            // RPC_C_AUTHZ_xxx 
-      NULL,                        // Server principal name 
-      RPC_C_AUTHN_LEVEL_CALL,      // RPC_C_AUTHN_LEVEL_xxx 
-      RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
-      NULL,                        // client identity
-      EOAC_NONE                    // proxy capabilities 
-    );
-
-    if (FAILED(hres))
-    {
-      std::cout << "Could not set proxy blanket. Error code = 0x"
-        << std::hex << hres << std::endl;
-      service_ptr->Release();
-      loc_ptr->Release();
-      CoUninitialize();
-      return false;
-    }
-
-    // Make requests to the WMI
-    //
-    BSTR method_name = SysAllocString(L"Set");
-    BSTR class_name = SysAllocString(L"MSFT_MpPreference");
-
-    IWbemClassObject* class_ptr = nullptr;
-    hres = service_ptr->GetObjectA(class_name, 0, 0, &class_ptr, 0);
-
-    IWbemClassObject* param_def_ptr = nullptr;
-    hres = class_ptr->GetMethod(method_name, 0, &param_def_ptr, 0);
-
-    IWbemClassObject* class_inst_ptr = nullptr;
-    hres = param_def_ptr->SpawnInstance(0, &class_inst_ptr);
-
-    // Create values for in parameter
-    //
-    VARIANT var_cmd;
-    var_cmd.vt = VT_BOOL;
-    var_cmd.boolVal = toggle;
-
-    // Store the value for the parameters
-    //
-    hres = class_inst_ptr->Put(L"DisableRealtimeMonitoring", 0,
-      &var_cmd, 0);
-
-    std::cout << "executing DisableRealtimeMonitoring" << std::endl;
-
-    // Execute 
-    //
-    IWbemClassObject* pOutParams = nullptr;
-    hres = service_ptr->ExecMethod(class_name, method_name, 0,
-      0, class_inst_ptr, &pOutParams, 0);
-
-    if (FAILED(hres))
-    {
-      std::cout << "Could not execute method. Error code = 0x"
-        << std::hex << hres << std::endl;
-      VariantClear(&var_cmd);
-      SysFreeString(class_name);
-      SysFreeString(method_name);
-      class_ptr->Release();
-      class_inst_ptr->Release();
-      param_def_ptr->Release();
-      pOutParams->Release();
-      service_ptr->Release();
-      loc_ptr->Release();
-      CoUninitialize();
-      return false;
-    }
-
-    // Clean up
-    //
-    VariantClear(&var_cmd);
-    SysFreeString(class_name);
-    SysFreeString(method_name);
-
-    if (class_ptr)
-      class_ptr->Release();
-
-    if (class_inst_ptr)
-      class_inst_ptr->Release();
-
-    if (param_def_ptr)
-      param_def_ptr->Release();
-
-    if (loc_ptr)
-      loc_ptr->Release();
-
-    if (service_ptr)
-      service_ptr->Release();
-
-    if (pOutParams)
-      pOutParams->Release();
-
-    CoUninitialize();
-
-    return true;
-  }
-
-  helper::helper(std::string wnamespace, std::string wclass)
   {
     // Initialize 
     //
@@ -193,6 +14,12 @@ namespace wmic
     hres = 0;
     loc_ptr = nullptr;
     service_ptr = nullptr;
+    class_ptr = nullptr;
+    param_def_ptr = nullptr;
+    class_inst_ptr = nullptr;
+
+    method_name = SysAllocString(util::string_to_wide(wmethod).c_str());
+    class_name = SysAllocString(util::string_to_wide(wclass).c_str());
 
     // Setup COM library
     //
@@ -227,7 +54,6 @@ namespace wmic
 
     // Obtain locator for wmi
     //
-
     hres = CoCreateInstance(CLSID_WbemLocator, 0,
       CLSCTX_INPROC_SERVER,
       IID_IWbemLocator, (LPVOID*)&loc_ptr);
@@ -269,14 +95,49 @@ namespace wmic
 
     if (FAILED(hres))
     {
+      last_error = 5;
       service_ptr->Release();
       loc_ptr->Release();
       CoUninitialize();
       return;
     }
+
+    // Setup WMI request
+    //
+    hres = service_ptr->GetObjectA(class_name, 0, 0, &class_ptr, 0);
+    hres = class_ptr->GetMethod(method_name, 0, &param_def_ptr, 0);
+    hres = param_def_ptr->SpawnInstance(0, &class_inst_ptr);
   }
 
   helper::~helper()
   {
+    SysFreeString(class_name);
+    SysFreeString(method_name);
+
+    if (class_ptr)
+      class_ptr->Release();
+
+    if (class_inst_ptr)
+      class_inst_ptr->Release();
+
+    if (param_def_ptr)
+      param_def_ptr->Release();
+
+    if (loc_ptr)
+      loc_ptr->Release();
+
+    if (service_ptr)
+      service_ptr->Release();
+
+    CoUninitialize();
   }
+
+  // Return the last error
+  //
+  int helper::get_last_error()
+  {
+    return last_error;
+  }
+
+
 }

src/defender-control/wmic.hpp

@@ -7,23 +7,94 @@
 #include <Wbemidl.h>
 #pragma comment(lib, "wbemuuid.lib")
 
+#include "util.hpp"
+
 namespace wmic
 {
-  // function to test getting executing a command
+  enum class variant_type : int
-  //
+  {
-  bool test_exec(BOOL toggle);
+    t_bool,
+    t_bstr,
+    t_uint8,
+    t_uint32
+  };
 
   class helper
   {
     int last_error;
     HRESULT hres;
+
     IWbemServices* service_ptr;
     IWbemLocator* loc_ptr;
 
+    IWbemClassObject* class_ptr;
+    IWbemClassObject* param_def_ptr;
+    IWbemClassObject* class_inst_ptr;
+
+    BSTR method_name;
+    BSTR class_name;
 
   public:
-    helper(std::string wnamespace, std::string wclass);
+
+    helper(std::string wnamespace, std::string wclass, std::string wmethod);
     ~helper();
+
+    // Return the last error
+    //
+    int get_last_error();
+
+    // Execute WMI set function
+    //
+    template<typename T>
+    void execute_cmd(std::string variable, variant_type type, T value)
+    {
+      // Create values for in parameter
+      //
+      VARIANT var_cmd;
+
+      switch (type)
+      {
+      case variant_type::t_bstr:
+        var_cmd.vt = VT_BSTR;
+        var_cmd.bstrVal = _bstr_t(value);
+        break;
+
+      case variant_type::t_bool:
+        var_cmd.vt = VT_BOOL;
+        var_cmd.boolVal = value;
+        break;
+
+      case variant_type::t_uint8:
+        var_cmd.vt = VT_UI1;
+        var_cmd.uintVal = value;
+        break;
+
+      case variant_type::t_uint32:
+        var_cmd.vt = VT_UI4;
+        var_cmd.uintVal = value;
+
+      default:
+        last_error = 6;
+        return;
+      }
+
+      // Store the value for the parameters
+      //
+      hres = class_inst_ptr->Put(util::string_to_wide(variable).c_str(), 0, &var_cmd, 0);
+
+      // Execute 
+      //
+      IWbemClassObject* pOutParams = nullptr;
+      hres = service_ptr->ExecMethod(class_name, method_name, 0,
+        0, class_inst_ptr, &pOutParams, 0);
+
+      // Cleanup
+      //
+      VariantClear(&var_cmd);
+
+      if (pOutParams)
+        pOutParams->Release();
+    }
   };
 }