1+ function Get-Query {
2+ <#
3+ . SYNOPSIS
4+ Module using query.exe for created object powershell
5+ Does not depend on the localization of the OS
6+ . DESCRIPTION
7+ Example:
8+ Get-Query localhost # default
9+ Get-Query 192.168.1.1
10+ Get-Query 192.168.1.1 -proc # all user process list (default -user *)
11+ Get-Query 192.168.1.1 -proc -user username
12+ . LINK
13+ https://github.com/Lifailon/Get-Query
14+ https://github.com/Lifailon/Remote-Shadow-Administrator
15+ #>
16+ Param (
17+ $srv = " localhost" ,
18+ [switch ]$proc ,
19+ $user = " *"
20+ )
21+ if (! ($proc )) {
22+ $Users = New-Object System.Collections.Generic.List[System.Object ]
23+ $query = query user / server:$srv
24+ if ($query -ne $null ) {
25+ $usr = $query [1 .. 100 ]
26+ $usr = $usr -replace " (^\s)|(^\>)"
27+ $usr = $usr -replace " \s{2,100}" , " "
28+ $split1 = $usr -split " \n"
29+ foreach ($s in $split1 ) {
30+ $split2 = $s -split " \s"
31+ if ($split2.Count -eq 6 ) {
32+ if ($split2 [2 ].Length -eq 4 ) {$status = " Disconnect"
33+ } elseif ($split2 [2 ].Length -eq 6 ) {$status = " Active"
34+ } elseif ($split2 [2 ].Length -eq 7 ) {$status = " Active"
35+ $Users.Add ([PSCustomObject ]@ {
36+ User = $split2 [0 ]
37+ Session = $null
38+ ID = $split2 [1 ]
39+ Status = $status
40+ IdleTime = $split2 [3 ]
41+ LogonTime = $split2 [4 ]+ " " + $split2 [5 ]
42+ })
43+ }
44+ if ($split2.Count -eq 7 ) {
45+ if ($split2 [3 ].Length -eq 4 ) {$status = " Disconnect"
46+ } elseif ($split2 [3 ].Length -eq 6 ) {$status = " Active"
47+ } elseif ($split2 [3 ].Length -eq 7 ) {$status = " Active"
48+ $Users.Add ([PSCustomObject ]@ {
49+ User = $split2 [0 ]
50+ Session = $split2 [1 ]
51+ ID = $split2 [2 ]
52+ Status = $status
53+ IdleTime = $split2 [4 ]
54+ LogonTime = $split2 [5 ]+ " " + $split2 [6 ]
55+ })
56+ }
57+ }
58+ $Users
59+ }
60+ }
61+ if ($proc ) {
62+ $Users = New-Object System.Collections.Generic.List[System.Object ]
63+ $query = query process $user / server:$srv
64+ if ($query -ne $null ) {
65+ $usr = $query [1 .. 5000 ]
66+ $usr = $usr -replace " (^\s)|(^\>)"
67+ $usr = $usr -replace " \s{2,100}" , " "
68+ $split1 = $usr -split " \n"
69+ foreach ($s in $split1 ) {
70+ $split2 = $s -split " \s"
71+ if ($split2.Count -eq 6 ) {
72+ $split3 = @ ($split2 [0 ])
73+ $split3 += $split2 [2 .. 5 ]
74+ $split2 = $split3
75+ }
76+ if ($split2 [0 ] -match " \("
77+ $username = " unknown"
78+ } else {
79+ $username = $split2 [0 ]
80+ }
81+ if ($split2.Count -eq 5 ) {
82+ $Users.Add ([PSCustomObject ]@ {
83+ User = $username
84+ Session = $split2 [1 ]
85+ ID = $split2 [2 ]
86+ PID = $split2 [3 ]
87+ Process = $split2 [4 ]
88+ })
89+ }
90+ if ($split2.Count -eq 4 ) {
91+ $Users.Add ([PSCustomObject ]@ {
92+ User = $username
93+ Session = $null
94+ ID = $split2 [1 ]
95+ PID = $split2 [2 ]
96+ Process = $split2 [3 ]
97+ })
98+ }
99+ }
100+ $Users
101+ }
102+ }
103+ }
0 commit comments