From 63accde4f863979f64cfb3438b0680076772ff9f Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Christoph=20Kr=C3=A4mer?=
Date: Mon, 9 Jan 2023 14:51:35 +0100
Subject: [PATCH] Add: documentation for NASL WMI functions (#1276)
---
.../built-in-functions/wmi-functions/index.md | 13 +++
.../wmi-functions/wmi_close.md | 29 +++++++
.../wmi-functions/wmi_connect.md | 85 +++++++++++++++++++
.../wmi-functions/wmi_connect_reg.md | 85 +++++++++++++++++++
.../wmi-functions/wmi_connect_rsop.md | 85 +++++++++++++++++++
.../wmi-functions/wmi_query.md | 32 +++++++
.../wmi-functions/wmi_query_rsop.md | 35 ++++++++
.../wmi-functions/wmi_reg_create_key.md | 27 ++++++
.../wmi-functions/wmi_reg_delete_key.md | 27 ++++++
.../wmi-functions/wmi_reg_enum_key.md | 35 ++++++++
.../wmi-functions/wmi_reg_enum_value.md | 35 ++++++++
.../wmi-functions/wmi_reg_get_bin_val.md | 53 ++++++++++++
.../wmi-functions/wmi_reg_get_dword_val.md | 53 ++++++++++++
.../wmi_reg_get_ex_string_val.md | 53 ++++++++++++
.../wmi_reg_get_mul_string_val.md | 53 ++++++++++++
.../wmi-functions/wmi_reg_get_qword_val.md | 53 ++++++++++++
.../wmi-functions/wmi_reg_get_sz.md | 53 ++++++++++++
.../wmi-functions/wmi_reg_set_dword_val.md | 53 ++++++++++++
.../wmi_reg_set_ex_string_val.md | 53 ++++++++++++
.../wmi-functions/wmi_reg_set_qword_val.md | 53 ++++++++++++
.../wmi-functions/wmi_reg_set_string_val.md | 53 ++++++++++++
.../wmi-functions/wmi_versioninfo.md | 19 +++++
22 files changed, 1037 insertions(+)
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/index.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_close.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect_reg.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect_rsop.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_query.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_query_rsop.md
create mode 100644 
doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_create_key.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_delete_key.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_enum_key.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_enum_value.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_bin_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_dword_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_ex_string_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_mul_string_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_qword_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_sz.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_dword_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_ex_string_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_qword_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_string_val.md
create mode 100644 doc/manual/nasl/built-in-functions/wmi-functions/wmi_versioninfo.md
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/index.md b/doc/manual/nasl/built-in-functions/wmi-functions/index.md
new file mode 100644
index 000000000..6b83a1305
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/index.md
@@ -0,0 +1,13 @@
+# WMI Functions
+
+## GENERAL
+
+Provides WMI (Windows Management Instrumentation) functionalities via calling functions of a appropriate library.
+The API offers three groups of functions:
+1. WMI_FUNCTIONS: run all-purpose queries
+2. WMI_RSOP_FUNCTIONS (RSoP = Resultant Set of Policy): run RSoP queries
+3. WMI_REGISTRY_FUNCTIONS: read and write values from/to the registry
+
+In order to be able to use the WMI functions, **[openvas-smb](https://github.com/greenbone/openvas-smb)** has to be installed before.
+
+## TOC
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_close.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_close.md
new file mode 100644
index 000000000..d8b3956c0
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_close.md
@@ -0,0 +1,29 @@
+# wmi_close
+
+## NAME
+
+**wmi_close** - closes an opened WMI handle
+
+## SYNOPSIS
+
+*bool* **wmi_close**(wmi_handle: *int*);
+
+**wmi_close** takes one named argument
+
+## DESCRIPTION
+
+This function closes a before opened WMI handle. A WMI handle can be opened with **[wmi_connect(3)](wmi_connect.md)**.
+
+The named *wmi_handle* argument is a *int* containing a representation of a WMI handle.
+
+## RETURN VALUE
+
+*TRUE* on success, *NULL* on failure or error.
+
+## ERRORS
+
+The named argument *wmi_handle* is missing or 0.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect.md
new file mode 100644
index 000000000..dbfba3491
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect.md
@@ -0,0 +1,85 @@
+# wmi_connect
+
+## NAME
+
+**wmi_connect** - Connect to a WMI service on the current target system
+
+## SYNOPSIS
+
+*int* **wmi_connect**(username: *string*, password: *string*, ns: *string*, option: *string*);
+*int* **wmi_connect_rsop**(username: *string*, password: *string*, option: *string*);
+*int* **wmi_connect_reg**(username: *string*, password: *string*, option: *string*);
+
+## DESCRIPTION
+
+**wmi_connect** connects to a WMI service on the current target system into a specified namespace.
+
+**wmi_connect_rsop** connects to a WMI service on the current target system into the RSOP namespace.
+
+**wmi_connect_reg** connects to a WMI service on the current target system into the registry namespace.
+
+A WMI handler is returned, which is used to run commands on the target system. A opened handler must be closed by calling **[wmi_close(3)](wmi_close.md)**.
+
+The named argument *username* contains the user login.
+
+The named argument *password* contains the password.
+
+The optional named argument *ns* contains the namespace to use. The default namespace is *root\\cimv2*.
+
+The optional named argument *option* is a *string* containing options for the WMI connection. The option must be given in the format "\[opt1, opt2, ...\]". here a list of all options:
+- sign: Use RPC integrity authentication level
+- seal: Enable RPC privacy (encryption) authentication level
+- connect: Use RPC connect level authentication (auth, but no sign or seal)
+- spnego: Use SPNEGO instead of NTLMSSP authentication
+- ntlm: Use plain NTLM instead of SPNEGO or NTLMSSP
+- krb5: Use Kerberos instead of NTLMSSP authentication
+- validate: Enable the NDR validator
+- print: Enable debug output of packets
+- padcheck: Check reply data for non-zero pad bytes
+- bigendian: Use big endian for RPC
+- smb2: Use SMB2/3 for named pipes
+
+## RETURN VALUE
+
+An *int* representing the WMI handle or *NULL* on error.
+
+## ERRORS
+
+One of the named arguments *username* or *password* are missing or empty.
+
+Unable to get IP of target system.
+
+WMI connection failed or missing WMI support.
+
+## EXAMPLE
+1. Integrated example of an :
+```c#
+usrname = get_kb_item( "SMB/login" );
+passwd = get_kb_item( "SMB/password" );
+
+if(!usrname || !passwd) exit( 0 );
+
+domain = get_kb_item( "SMB/domain" );
+if( domain ) usrname = domain + '\\' + usrname;
+
+opts = "[sign]";
+handle = wmi_connect(username:usrname, password:passwd, options:opts);
+
+if( ! handle ) exit( 0 );
+
+a = wmi_query( wmi_handle:handle, query:"select * from Win32_ComputerSystem");
+display (a);
+
+wmi_close( wmi_handle:handle );
+
+set_kb_item( name:"WMI/access_successful", value:TRUE );
+set_kb_item( name:"SMB_or_WMI/access_successful", value:TRUE );
+```
+
+## NOTE
+
+In order to be able to use the WMI client of the openvas-scanner, **[openvas-smb](https://github.com/greenbone/openvas-smb)** has to be installed.
+
+## SEE ALSO
+
+**[wmi_close(3)](wmi_close.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect_reg.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect_reg.md
new file mode 100644
index 000000000..79c64e5be
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect_reg.md
@@ -0,0 +1,85 @@
+# wmi_connect_reg
+
+## NAME
+
+**wmi_connect_reg** - Connect to a WMI service on the current target system to the registry namespace
+
+## SYNOPSIS
+
+*int* **wmi_connect**(username: *string*, password: *string*, ns: *string*, option: *string*);
+*int* **wmi_connect_rsop**(username: *string*, password: *string*, option: *string*);
+*int* **wmi_connect_reg**(username: *string*, password: *string*, option: *string*);
+
+## DESCRIPTION
+
+**wmi_connect** connects to a WMI service on the current target system into a specified namespace.
+
+**wmi_connect_rsop** connects to a WMI service on the current target system into the RSOP namespace.
+
+**wmi_connect_reg** connects to a WMI service on the current target system into the registry namespace.
+
+A WMI handler is returned, which is used to run commands on the target system. A opened handler must be closed by calling **[wmi_close(3)](wmi_close.md)**.
+
+The named argument *username* contains the user login.
+
+The named argument *password* contains the password.
+
+The optional named argument *ns* contains the namespace to use. The default namespace is *root\\cimv2*.
+
+The optional named argument *option* is a *string* containing options for the WMI connection. The option must be given in the format "\[opt1, opt2, ...\]". here a list of all options:
+- sign: Use RPC integrity authentication level
+- seal: Enable RPC privacy (encryption) authentication level
+- connect: Use RPC connect level authentication (auth, but no sign or seal)
+- spnego: Use SPNEGO instead of NTLMSSP authentication
+- ntlm: Use plain NTLM instead of SPNEGO or NTLMSSP
+- krb5: Use Kerberos instead of NTLMSSP authentication
+- validate: Enable the NDR validator
+- print: Enable debug output of packets
+- padcheck: Check reply data for non-zero pad bytes
+- bigendian: Use big endian for RPC
+- smb2: Use SMB2/3 for named pipes
+
+## RETURN VALUE
+
+An *int* representing the WMI handle or *NULL* on error.
+
+## ERRORS
+
+One of the named arguments *username* or *password* are missing or empty.
+
+Unable to get IP of target system.
+
+WMI connection failed or missing WMI support.
+
+## EXAMPLE
+1. Integrated example of an :
+```c#
+usrname = get_kb_item( "SMB/login" );
+passwd = get_kb_item( "SMB/password" );
+
+if(!usrname || !passwd) exit( 0 );
+
+domain = get_kb_item( "SMB/domain" );
+if( domain ) usrname = domain + '\\' + usrname;
+
+opts = "[sign]";
+handle = wmi_connect(username:usrname, password:passwd, options:opts);
+
+if( ! handle ) exit( 0 );
+
+a = wmi_query( wmi_handle:handle, query:"select * from Win32_ComputerSystem");
+display (a);
+
+wmi_close( wmi_handle:handle );
+
+set_kb_item( name:"WMI/access_successful", value:TRUE );
+set_kb_item( name:"SMB_or_WMI/access_successful", value:TRUE );
+```
+
+## NOTE
+
+In order to be able to use the WMI client of the openvas-scanner, **[openvas-smb](https://github.com/greenbone/openvas-smb)** has to be installed.
+
+## SEE ALSO
+
+**[wmi_close(3)](wmi_close.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect_rsop.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect_rsop.md
new file mode 100644
index 000000000..04b2c9b8c
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_connect_rsop.md
@@ -0,0 +1,85 @@
+# wmi_connect_rsop
+
+## NAME
+
+**wmi_connect_rsop** - Connect to a WMI service on the current target system to the RSoP namespace
+
+## SYNOPSIS
+
+*int* **wmi_connect**(username: *string*, password: *string*, ns: *string*, option: *string*);
+*int* **wmi_connect_rsop**(username: *string*, password: *string*, option: *string*);
+*int* **wmi_connect_reg**(username: *string*, password: *string*, option: *string*);
+
+## DESCRIPTION
+
+**wmi_connect** connects to a WMI service on the current target system into a specified namespace.
+
+**wmi_connect_rsop** connects to a WMI service on the current target system into the RSoP namespace.
+
+**wmi_connect_reg** connects to a WMI service on the current target system into the registry namespace.
+
+A WMI handler is returned, which is used to run commands on the target system. A opened handler must be closed by calling **[wmi_close(3)](wmi_close.md)**.
+
+The named argument *username* contains the user login.
+
+The named argument *password* contains the password.
+
+The optional named argument *ns* contains the namespace to use. The default namespace is *root\\cimv2*.
+
+The optional named argument *option* is a *string* containing options for the WMI connection. The option must be given in the format "\[opt1, opt2, ...\]". here a list of all options:
+- sign: Use RPC integrity authentication level
+- seal: Enable RPC privacy (encryption) authentication level
+- connect: Use RPC connect level authentication (auth, but no sign or seal)
+- spnego: Use SPNEGO instead of NTLMSSP authentication
+- ntlm: Use plain NTLM instead of SPNEGO or NTLMSSP
+- krb5: Use Kerberos instead of NTLMSSP authentication
+- validate: Enable the NDR validator
+- print: Enable debug output of packets
+- padcheck: Check reply data for non-zero pad bytes
+- bigendian: Use big endian for RPC
+- smb2: Use SMB2/3 for named pipes
+
+## RETURN VALUE
+
+An *int* representing the WMI handle or *NULL* on error.
+
+## ERRORS
+
+One of the named arguments *username* or *password* are missing or empty.
+
+Unable to get IP of target system.
+
+WMI connection failed or missing WMI support.
+
+## EXAMPLE
+1. Integrated example of an :
+```c#
+usrname = get_kb_item( "SMB/login" );
+passwd = get_kb_item( "SMB/password" );
+
+if(!usrname || !passwd) exit( 0 );
+
+domain = get_kb_item( "SMB/domain" );
+if( domain ) usrname = domain + '\\' + usrname;
+
+opts = "[sign]";
+handle = wmi_connect(username:usrname, password:passwd, options:opts);
+
+if( ! handle ) exit( 0 );
+
+a = wmi_query( wmi_handle:handle, query:"select * from Win32_ComputerSystem");
+display (a);
+
+wmi_close( wmi_handle:handle );
+
+set_kb_item( name:"WMI/access_successful", value:TRUE );
+set_kb_item( name:"SMB_or_WMI/access_successful", value:TRUE );
+```
+
+## NOTE
+
+In order to be able to use the WMI client of the openvas-scanner, **[openvas-smb](https://github.com/greenbone/openvas-smb)** has to be installed.
+
+## SEE ALSO
+
+**[wmi_close(3)](wmi_close.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_query.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_query.md
new file mode 100644
index 000000000..2aea233d2
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_query.md
@@ -0,0 +1,32 @@
+# wmi_query
+
+## NAME
+
+**wmi_query** - perform a WQL query
+
+## SYNOPSIS
+
+*string* **wmi_query**(wmi_handle: *int*, query: *string*);
+*string* **wmi_query_rsop**(wmi_handle: *int*, query: *string*);
+
+## DESCRIPTION
+
+This function takes a wmi handle and performs a WQL query on it. WQL is the WMI Query Language.
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The named argument *query* is a *string* containing the query to perform.
+
+## RETURN VALUE
+
+The result of the query as *string*, *NULL* on error.
+
+## ERRORS
+
+The named argument *wmi_handle* is missing
+
+Unable to run query
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_query_rsop.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_query_rsop.md
new file mode 100644
index 000000000..e8737aac8
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_query_rsop.md
@@ -0,0 +1,35 @@
+# wmi_query
+
+## NAME
+
+**wmi_query_rsop** - perform a WQL RSoP query
+
+## SYNOPSIS
+
+*string* **wmi_query**(wmi_handle: *int*, query: *string*);
+*string* **wmi_query_rsop**(wmi_handle: *int*, query: *string*);
+
+
+## DESCRIPTION
+
+**wmi_query** performs a WQL query on a WMI connection. WQL is the WMI Query Language.
+
+**wmi_query_rsop** performs a WQL RSoP query on a WMI connection.
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The named argument *query* is a *string* containing the query to perform.
+
+## RETURN VALUE
+
+The result of the query as *string*, *NULL* on error.
+
+## ERRORS
+
+The named argument *wmi_handle* is missing
+
+Unable to run query
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_create_key.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_create_key.md
new file mode 100644
index 000000000..4da5e6970
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_create_key.md
@@ -0,0 +1,27 @@
+# wmi_reg_create_key
+
+## NAME
+
+**wmi_reg_create_key** - create registry key
+
+## SYNOPSIS
+
+*bool* **wmi_reg_create_key**(wmi_handle: *int*, key: *string*);
+
+**wmi_reg_create_key** takes two named arguments.
+
+## DESCRIPTION
+
+This functions creates a new key in the registry.
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The named argument *key* is a *string* containing the new key to create.
+
+## RETURN VALUE
+
+*TRUE* on success, *FALSE* on failure
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_delete_key.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_delete_key.md
new file mode 100644
index 000000000..b71cc737e
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_delete_key.md
@@ -0,0 +1,27 @@
+# wmi_reg_delete_key
+
+## NAME
+
+**wmi_reg_delete_key** - delete a key in the registry
+
+## SYNOPSIS
+
+*bool* **wmi_reg_delete_key**(wmi_handle: *int*, key: *string*);
+
+**wmi_reg_delete_key** takes 2 named arguments.
+
+## DESCRIPTION
+
+This function deletes a key in the registry.
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The named argument *key* is a *string* containing the key to delete.
+
+## RETURN VALUE
+
+*TRUE* und success, *FALSE* on failure.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_enum_key.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_enum_key.md
new file mode 100644
index 000000000..6118ec15b
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_enum_key.md
@@ -0,0 +1,35 @@
+# wmi_reg_enum_key
+
+## NAME
+
+**wmi_reg_enum_key** - enumerate registry keys
+
+## SYNOPSIS
+
+*string* **wmi_reg_enum_key**(wmi_handle: *int*, hive: *int*, key: *string*);
+
+**wmi_reg_enum_key** takes up to 3 positional arguments.
+
+## DESCRIPTION
+
+This function enumerates the registry keys.
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the keys to enumerate.
+
+## RETURN VALUE
+
+A *string* containing all keys.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_enum_value.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_enum_value.md
new file mode 100644
index 000000000..9bcd22758
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_enum_value.md
@@ -0,0 +1,35 @@
+# wmi_reg_enum_value
+
+## NAME
+
+**wmi_reg_enum_value** - enumerate registry values
+
+## SYNOPSIS
+
+*string* **wmi_reg_enum_value**(wmi_handle: *int*, hive: *int*, key: *string*);
+
+**wmi_reg_enum_value** takes up to 3 positional arguments.
+
+## DESCRIPTION
+
+This function enumerates the registry values.
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to enumerate.
+
+## RETURN VALUE
+
+A *string* containing all values.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_bin_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_bin_val.md
new file mode 100644
index 000000000..5413ccf9f
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_bin_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_get_bin_val
+
+## NAME
+
+**wmi_reg_get_bin_val** - get registry binary value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_dword_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_dword_val.md
new file mode 100644
index 000000000..42ac2245d
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_dword_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_get_dword_val
+
+## NAME
+
+**wmi_reg_get_dword_val** - get dword registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_ex_string_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_ex_string_val.md
new file mode 100644
index 000000000..ae6ccb51d
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_ex_string_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_get_ex_string_val
+
+## NAME
+
+**wmi_reg_get_ex_string_val** - get a ex_string registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_mul_string_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_mul_string_val.md
new file mode 100644
index 000000000..ae886ed90
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_mul_string_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_get_mul_string_val
+
+## NAME
+
+**wmi_reg_get_mul_string_val** - get a mult_string registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_qword_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_qword_val.md
new file mode 100644
index 000000000..9ebc01c16
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_qword_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_get_qword_val
+
+## NAME
+
+**wmi_reg_get_qword_val** - get a qword registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_sz.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_sz.md
new file mode 100644
index 000000000..9b562ee39
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_get_sz.md
@@ -0,0 +1,53 @@
+# wmi_reg_get_sz
+
+## NAME
+
+**wmi_reg_get_sz** - get a sz registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_dword_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_dword_val.md
new file mode 100644
index 000000000..05a18561d
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_dword_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_set_dword_val
+
+## NAME
+
+**wmi_reg_set_dword_val** - set a dword registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_ex_string_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_ex_string_val.md
new file mode 100644
index 000000000..5b9c42d7c
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_ex_string_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_set_ex_string_val
+
+## NAME
+
+**wmi_reg_set_ex_string_val** - set a ex_string registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_qword_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_qword_val.md
new file mode 100644
index 000000000..d7a22a4fc
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_qword_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_set_qword_val
+
+## NAME
+
+**wmi_reg_set_qword_val** - set a qword registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_string_val.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_string_val.md
new file mode 100644
index 000000000..b29444b66
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_reg_set_string_val.md
@@ -0,0 +1,53 @@
+# wmi_reg_set_string_val
+
+## NAME
+
+**wmi_reg_set_string_val** - set a string registry value
+
+## SYNOPSIS
+
+*string* **wmi_reg_get_bin_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_mul_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*string* **wmi_reg_get_sz**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_dword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_ex_string_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_qword_val**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+*bool* **wmi_reg_set_string**(wmi_handle: *int*, hive: *int*, key: *string*, val_name: *string*);
+
+
+## DESCRIPTION
+
+All function described here get or set different values in the registry:
+- bin: binary data in any form.
+- dword: a 32-bit number
+- qword: a 64-bit number
+- ex_string: a null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%")
+- mul_string: a sequence of null-terminated strings, terminated by an empty string (\0). The following is an example: String1\0String2\0String3\0LastString\0\0 The first \0 terminates the first string, the second to the last \0 terminates the last string, and the final \0 terminates the sequence. Note that the final terminator must be factored into the length of the string.
+- sz/string: a null-terminated string
+
+The named argument *wmi_handle* is an *int* representing a connection to a WMI server. 
This connection can be opened with on of the **[wmi_connect(3)](wmi_connect.md)** functions.
+
+The optional named argument *hive* is of type *int* and defines which registry hive is used. By default *HKEY_LOCALE_MACHINE* (*2147483650*) is used.
+
+The named argument *key* is a *string* containing the registry key. This is the location of the values to get or set.
+
+The named argument *val_name* is a *string* containing the name of the value to set or get.
+
+## RETURN VALUE
+
+The set functions return a *bool*. *TRUE* on success, *FALSE* on failure or error.
+
+The get functions return a *string* containing the desired value or *NULL* on failure or error.
+
+## ERRORS
+
+Missing or invalid *wmi_handle* argument.
+
+Unable to run WMi query.
+
+## SEE ALSO
+
+**[wmi_connect(3)](wmi_connect.md)**
diff --git a/doc/manual/nasl/built-in-functions/wmi-functions/wmi_versioninfo.md b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_versioninfo.md
new file mode 100644
index 000000000..b9481a8f7
--- /dev/null
+++ b/doc/manual/nasl/built-in-functions/wmi-functions/wmi_versioninfo.md
@@ -0,0 +1,19 @@
+# wmi_versioninfo
+
+## NAME
+
+**wmi_versioninfo** - get a version string of the WMI implementation
+
+## SYNOPSIS
+
+*string* **wmi_versioninfo**();
+
+**wmi_versioninfo** takes no arguments.
+
+## DESCRIPTION
+
+This function checks the current version of the WMI implementation and returns it. This can be used to check if functions are available in the current version. Can also be used to check if there is even any implementation for WMI functionality, as these are not mandatory for compiling the openvas-scanner. By default the openvas-scanner implementation just returns a *NULL* value for all functionalities. In order to use WMI **[openvas-smb](https://github.com/greenbone/openvas-smb)** has to be installed before.
+
+## RETURN VALUE
+
+The current version of the WMI implementation as *string* or *NULL* if there is none.