TechQA.

Using Wildcard with WMIC Version Query

1.2k views Asked by At

I am an InfoSec admin with an okay amount of PowerShell experience. I'll keep it short and sweet:

([WMI] "\\$comp\root\CIMV2:CIM_DataFile.Name='$path'").Version)

I use this for calling file versions instead of using get-item VersionInfo.ProductVersion, since this does not always return an accurate value. It works well. However, when $path is equal to something like this:

C:\Windows\System32\Macromed\Flash\Flash*.ocx

The query doesn't work because the file is not found. I imagine this is due to the single quotes around the variable ignoring the wildcard.

I will admit that I did find a work around to my problem here (the answer posted by JPBlanc):

Powershell get-item VersionInfo.ProductVersion incorrect / different than WMI

However, I want to know if it is possible for me to use a wildcard with my existing script.

powershell wmi-query wmic
Original Q&A
2

There are 2 answers

1
alroc On BEST ANSWER

You can't pass a wildcard directly, but you can query the filesystem with that wildcard and then loop through the results. In both cases here, I'm assuming that you're doing this remotely.

$FlashFiles = invoke-command -computername $comp {Get-ChildItem C:\Windows\System32\Macromed\Flash\Flash*.ocx;};
foreach ($File in $FlashFiles) {
    write-output "$($File.Fullname): $(([WMI] "\\$comp\root\CIMV2:CIM_DataFile.Name='$($File.FullName)'").Version)"
}

Or do it with a single pipeline:

invoke-command -computername $comp {Get-ChildItem C:\Windows\System32\Macromed\Flash\Flash*.ocx||foreach-object {write-output "$($_.Fullname): $(([WMI] "\\$comp\root\CIMV2:CIM_DataFile.Name='$($_.FullName)'").Version)"};

You can make the latter even faster by running the WMI query local to the remote computer (you could do it with the first too, but it's not as pretty)

invoke-command -computername $comp {Get-ChildItem C:\Windows\System32\Macromed\Flash\Flash*.ocx|foreach-object {write-output "$($_.Fullname): $(([WMI] "\\.\root\CIMV2:CIM_DataFile.Name='$($_.FullName)'").Version)"}};
0
Bacon Bits On

The Name property of a CIM_DataFile can't contain wildcards. I don't believe any of them can.

However, you can specify the Drive, Path, and Extension to get a list:

Get-WmiObject -ComputerName $comp -Class CIM_DataFile -Filter "Drive='C:' AND Path='\\Windows\\System32\\Macromed\\Flash\\' AND Extension='ocx'"

The syntax of Path is a bit flaky. You need the trailing backslashes, for example.

You can also pipe to Where-Object for further filtering:

Get-WmiObject -ComputerName $comp -Class CIM_DataFile -Filter "Drive='C:' AND Path='\\Windows\\System32\\Macromed\\Flash\\' AND Extension='ocx'" |`
Where-Object { $_.FileName -like 'Flash*' } |`
ForEach-Object { $_.Name; $_.Version }

Related Questions in POWERSHELL

Related Questions in WMI-QUERY

Related Questions in WMIC

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions