Right click Option with WMIC

Hi,

I’ve been struggling trying to create a right-click option in BigFix Console to execute WMIC commands on remote machines.

Unfortunately, I’m restricted from using PS tools or any other third-party utilities, which limits my options to native tools like WMIC.

My primary goal is to either open a CMD session on a remote computer or run gpupdate /force. I’ve attempted various approaches using the ShellCommandRelevance field, but I haven’t had any luck getting it to work.

Here are some examples of what I’ve tried:

Opening a remote CMD session:

“ShellCommandRelevance”=wmic.exe /node:" & (value of property results whose (name of property of it = "DNS Name") of current computer) & " process call create \"cmd.exe\""

Running GPUpdate on a remote machine:

“ShellCommandRelevance”=wmic.exe /node:" & (value of property results whose (name of property of it = "DNS Name") of current computer) & " process call create \"cmd.exe /c gpupdate /force\""

If anyone has successfully implemented a similar solution or has ideas on what might be going wrong, I’d greatly appreciate your input. Specifically:

Am I missing something in the syntax or escaping of the commands?

Are there alternative approaches to achieve the same goal with the right-click option in BigFix Console?

I’m open to suggestions, tips, or even a different way to approach this problem. Your help would mean a lot as I’ve hit a roadblock and could use some fresh ideas.

Thank you

Do you have a working command-line example you can share? That should help us figure out what needs to be escaped

I worked out a little bit myself. I’m not sure how useful ‘cmd.exe’ is - I run this on the command line from one domain computer:

C:\windows\system32>wmic /node:win11 process call create "cmd.exe"
Executing (Win32_Process)->Create()
Method execution successful.
Out Parameters:
instance of __PARAMETERS
{
        ProcessId = 8488;
        ReturnValue = 0;
};

On the target computer “win11” I can see the cmd.exe process is running. But it’s not visible to the logged-on user, and my source system cannot interact with it. It’s not like an SSH or something that flows input/output between your source machine and the remote process.

Hi, thank you for the quick reply!

You are correct, but what matters most to me is the ability to execute shell commands via the right-click option. This includes basic tasks like running gpupdate, launching programs, or making curl requests. Ideally, I would appreciate the option to open a command prompt on the remote machine, but even just the ability to run cmd commands would meet my needs.

Ok, I think you may be conflating some of the escape sequences.

To start with, just use the Registry Editor graphical interface, directly, to input the value for ShellCommandRelevance. This way, you don’t have to worry about how regedit escapes things when it exports them to a .reg file.

Know that the value in ShellCommandRelevance is a relevance statement that will be evaluated on the Console computer. The output of this Relevance statement is what will be executed, and you can use ‘current computer’ in the relevance statement to evaluate as the highlighted computer in the Console.

So to start with just get it working with everything hard-coded. The relevance statement is just a string. Let’s start off with everyone’s first program, Hello World:

The ShellCommandRelevance here is "cmd /k echo Hello, World!"
When I run this right-click option, it doesn’t matter which computer is highlighted (I’m not referencing it in my statement). The Relevance is evaluated, it comes out with the string “cmd /k echo Hello, World!” and then it executes that statement:


One neat thing is, we can update that registry value and then just right-click again - we don’t have to re-launch the Console to pick up the changes. So the next thing is to get the target computername in there. Update the ShellCommandRelevance to

"cmd /k echo Hello, World! Here's looking at " & name of current computer

This time, running it includes the target computername in the output:

Now let’s try substituting in your command:

"wmic /node:" & name of current computer & " process call create "gpupdate.exe /force""

Oops, this time I get an error message:

What this means is not necessarily that there’s a problem with the computer, but that the relevance statement itself fails to evaluate. In this case we’ve tried to use literal doublequotes inside the relevance string - the doublequotes around “gpupdate /force” need to be relevance-escaped, which means percent-encoding the value.
Because this is inside a Relevance string literal, to represent the doublequote we use percent-encoding. %22 is the ASCII Hexadecimal value for doublequote. So try changing it to

"wmic /node:" & name of current computer & " process call create %22gpupdate.exe /force%22"

(in my case, my Console machine is not on the same domain as my targets, so I personally have to change it to "wmic /USER:mydomain\administrator /Password:%22REMOVED_PASSWORD%22 /node:" & name of current computer & " process call create %22gpupdate.exe /force%22" – but it does work.)
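
The %22 escaping described above, as an added example that is not part of the original post and not BigFix's own code: it builds the ShellCommandRelevance string from a plain command line and checks an expression for the unescaped-quote failure shown earlier. The `{target}` placeholder and all function names are hypothetical; encoding `%` as `%25` applies the same percent-encoding rule and goes beyond the `%22` case in the thread.

```python
import re

TARGET = "name of current computer"  # expression used in the thread

def relevance_literal(text):
    """Quote text as a Relevance string literal.

    '%' is encoded first (%25) so existing sequences such as %20 in a URL
    survive; then '"' becomes %22, as described in the thread.
    """
    return '"' + text.replace("%", "%25").replace('"', "%22") + '"'

def build_shell_command_relevance(template, target_expr=TARGET):
    """Turn a command line containing {target} into a concatenation of
    encoded literals and the target expression. {target} is this example's
    own placeholder, not BigFix syntax."""
    parts = template.split("{target}")
    pieces = []
    for i, part in enumerate(parts):
        if part:
            pieces.append(relevance_literal(part))
        if i < len(parts) - 1:
            pieces.append(target_expr)
    return " & ".join(pieces)

def find_stray_quote(expr):
    """Heuristic, not a Relevance parser: after a literal closes, the next
    token must be '&', ')' or end of text. Returns the offset of the first
    offending character, or None."""
    pos = 0
    while pos < len(expr):
        if expr[pos] != '"':
            pos += 1
            continue
        end = expr.find('"', pos + 1)
        if end == -1:
            return pos  # literal never closed
        rest = expr[end + 1:].lstrip()
        if rest and rest[0] not in "&)":
            return len(expr) - len(rest)
        pos = end + 1
    return None

def embeds_password(expr):
    """True if the value carries wmic's /PASSWORD switch, i.e. a credential
    stored in plaintext in the registry value."""
    return re.search(r"/password:", expr, re.IGNORECASE) is not None

if __name__ == "__main__":
    cmd = 'wmic /node:{target} process call create "gpupdate.exe /force"'
    print(build_shell_command_relevance(cmd))
```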

I think you have an XY problem.

All these things you’re doing with right-click options, are still just things that execute on the machine running the Console. This isn’t ‘remoting’ anything to the target computer, it just happens to build a command line that executes ‘wmic’ on your computer, and the ‘wmic’ command line uses parameters to hit the remote computer over RPC.

It would be just as easy for you to open a command prompt and run ‘wmic’ directly.

Ideally you’d change the things you’re doing to BigFix Tasks, where you send an Action to the remote computers to execute their gpupdate or whatever. BigFix isn’t really meant for one-on-one interactive things, it’s built for mass-deployment.

If you want to get into interactive control, I’d suggest looking into the BigFix Remote Control offering - it adds the ability to execute commands, shadow users, or take a full gui console on the remote computer, and doesn’t rely on common domain or direct RPC comms to the remote machine.