WMIC: the best command line tool you’ve never used
Some people say command line tools are obsolete, out of date, no longer necessary when you can “point and click”, instead.
But the reality is very different. Every version of Windows sees the command line given new powers and abilities, and if you don’t explore these then you really are missing out.
Take the WMIC command, for instance. It has astonishing scope and a huge set of features: the program can return useful information about your system, control running programs, and generally manage just about every aspect of your PC, all from the command line or a convenient shortcut.
How might this work? Let’s suppose you need to know the model of motherboard used in your PC. You could poke around in a system information program, but it’s easier to open a command window (elevated, on Windows Vista or 7 – click Start, type CMD, right-click the link to cmd.exe and select Run As Administrator) and enter the command
wmic baseboard get product,manufacturer
WMIC will then give you the answer right away.
Or maybe you’re wondering if your BIOS needs an update. How old is it, anyway? Restart your PC and one of the boot-time messages might give you a date, but again it’s easier to enter something like
wmic bios get name
and let WMIC tell you more.
The program can also provide details on many other aspects of your system. Commands like
wmic product list brief
wmic service list brief
wmic process list brief
wmic startup list brief
will list your installed software, services, running processes and Windows startup programs, for instance.
wmic service get /format:hform > c:\folder\services.html
and WMIC will create a formatted HTML page detailing your running services (replace “C:\folder” with an appropriate path for your system). If you have PC problems a few months later you can then look back at this record and see what’s changed.
WMIC isn’t just about reporting on system information, though. Use the appropriate CALL command and it can also carry out a variety of useful maintenance tasks.
Do you regularly have to uninstall and reinstall particular programs, for instance? Doing this manually via Control Panel is tedious, but WMIC can automatically uninstall many applications with a single command. To see how, enter
wmic product get name
and look for the name of the program you’d like to remove. Then enter the name as it appears in that list, in a second command, like this
wmic product where name=”windows live writer” call uninstall
And your specified program will be uninstalled automatically, without you even seeing the uninstall program. (Which is convenient, but also risky as there probably will be no chance to cancel your action – so use this with extreme care.)
WMIC can, say, also close all the instances of a particular program. So if you want to shut down all Internet Explorer windows, for instance, then the command
wmic process where name=”iexplore.exe” call terminate
would do the trick, closing every instance immediately. (Though again, beware, programs closed in this way probably won’t prompt you to save files you’re working on, so use the command carelessly and data may be lost.)
Or maybe you’d prefer to optimise your system by setting your process CPU priorities? WMIC can handle that, too. Entering
wmic process where name=”notepad.exe” call setpriority 64
will set every running Notepad process to the Idle priority, for instance (see MSDN for the numbers to use to set other priorities).
And this is still barely scratching the surface. WMIC can also give you useful information about your PCs user accounts, change the Start mode of particular services, retrieve useful information from your event logs, change a static IP address, reboot or shut down a PC, and a whole lot more.
And best of all, you can even apply the commands to a remote system by applying the NODE switch and a network name, like
wmic /node:steve-pc service list brief
There’s a huge amount of power on offer here, then. See the Tech-Wreck InfoSec Blog for more great WMIC examples, then open a command window and try a few for yourself.