mattifestation/Get-WmiProvider.ps1 Secret

## Get-WmiProvider.ps1
# Author: Matt Graeber (@mattifestation)

New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR

function Get-WmiNamespace {
    Param (
        $Namespace='ROOT'
    )
    Get-WmiObject -Namespace $Namespace -Class __NAMESPACE | ForEach-Object {
            ($ns = '{0}\{1}' -f $_.__NAMESPACE,$_.Name)
            Get-WmiNamespace $ns | ? { -not $_.ToLower().EndsWith('\ms_409') }
            # ms_409 only refers to EN_US CIM repositories
    }
}

Get-WmiNamespace | % {
    Get-WmiObject -Class __Provider -Namespace $_ | % {
        $ProviderInfo = [Ordered] @{
            Namespace = $_.__NAMESPACE
            ProviderName = $_.Name
            CLSID = $_.CLSID
        }

        $DLL = ''

        if ($_.CLSID) {
            $DLL = Get-ItemProperty -Path "HKCR:\CLSID\$($_.CLSID)\InprocServer32" -ErrorAction SilentlyContinue |
                Select-Object -ExpandProperty '(default)'
        }

        $ProviderInfo['Dll'] = $DLL

        New-Object PSObject -Property $ProviderInfo
    }
}
	# Author: Matt Graeber (@mattifestation)

	New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR

	function Get-WmiNamespace {
	Param (
	$Namespace='ROOT'
	)
	Get-WmiObject -Namespace $Namespace -Class __NAMESPACE \| ForEach-Object {
	($ns = '{0}\{1}' -f $_.__NAMESPACE,$_.Name)
	Get-WmiNamespace $ns \| ? { -not $_.ToLower().EndsWith('\ms_409') }
	# ms_409 only refers to EN_US CIM repositories
	}
	}

	Get-WmiNamespace \| % {
	Get-WmiObject -Class __Provider -Namespace $_ \| % {
	$ProviderInfo = [Ordered] @{
	Namespace = $_.__NAMESPACE
	ProviderName = $_.Name
	CLSID = $_.CLSID
	}

	$DLL = ''

	if ($_.CLSID) {
	$DLL = Get-ItemProperty -Path "HKCR:\CLSID\$($_.CLSID)\InprocServer32" -ErrorAction SilentlyContinue \|
	Select-Object -ExpandProperty '(default)'
	}

	$ProviderInfo['Dll'] = $DLL

	New-Object PSObject -Property $ProviderInfo
	}
	}