-
Notifications
You must be signed in to change notification settings - Fork 227
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WMIC Deprecation #118
Comments
OpenSpeedTest-Server is an Electron app that utilizes the "internal-ip" package to ascertain the system's IP address. This "internal-ip" package, in turn, relies on a dependency known as "default-gateway," which employs "wmic." A discussion regarding this issue is underway within the "default-gateway" repository. A proposed solution using PowerShell has been submitted in the form of a pull request, but it has yet to be merged. Should "default-gateway" rectify this issue, we can proceed with updating the apps accordingly. However, if the issue persists, we shall address it in the subsequent major release by either forking "internal-ip" and implementing a fix ourselves or opting for an alternative package that functions without "wmic." To reproduce this issue, we need to enable Smart App Control, correct? I am going to replicate this and explore other options that can be used to fix this issue as soon as possible. |
Ah ok I see. Yea again not a huge deal since the program still works and probably doesn't affect many users, but figured I'd mention it. To reproduce you wouldn't necessarily need to enable smart app control or Windows Defender Application Control (SAC is basically a special made policy using WDAC). Any method that 'blocks' it from running could work. The thing about Smart App Control is Microsoft decided to make it so you can only enable it immediately after a clean install of Windows, and if you ever disable it you can't enable it again. The easier way I'm aware of would be using AppLocker which is a feature built into Windows 10/11 Pro (it uses Group Policy Editor which isn't in Home edition). AppLocker is a whitelisting feature that is the predecessor to WDAC but a lot easier to set up. It basically just lets you restrict what can run on the system by letting you create rules where something can only run if you create a specific rule to allow it, but you can also create rules to block specific stuff too. So you can just make a rule to block wmic.exe to test. Here's a simple walkthrough which should be the fastest way to reproduce. The steps are simple but I'll add some contextual info that might make it seem more complicated than it is.
Then in the right side there won't be any executable rules yet, so AppLocker won't be active until there's at least one. Before creating a rule to block wmic.exe you'll want to create a rule to just allow all exe's so it doesn't interfere with the rest of your system. Basically with applocker active (meaning there's at least one rule), a program can only run if there is a rule explicitly allowing it. So if you were to just go and create a wmic.exe blocking rule, actually it wouldn't allow any other exes to run without making a rule to allow them, so we can just do that first.
See here as an example: Create.wildcard.rule.mp4That basically creates a rule that just allows any exe to run, which in your case where AppLocker wasn't enabled before, will actually mean it will make no difference, since without AppLocker everything was allowed by default anyway.
Now you'll have 2 rules, one allowing all exe's, but one blocking wmic.exe, but Deny rules always overrule the Allow rules so now it effectively only blocks wmic.exe from running. If you delete all the rules it should just revert to disabling AppLocker altogether.
This step might not even be necessary but worth knowing about. In the dropdown you can also select "Audit Only" if you want to disable AppLocker without having to delete the rules. Also note that there are other sections like 'Windows Installer Rules' and 'Script Rules'. Those all get activated independently, so as long as you don't create any rules in there they won't be affected so you don't have to worry about those. As a side note, if you happen to be interested in learning everything else about AppLocker I also made a huge tutorial here, but that is definitely overkill for this purpose lol. |
@ThioJoe I reproduced this issue; I enabled SmartAppControl, and everything worked fine. However, after a Windows update, I encountered the same error as you did. I modified the default-gateway package using the changes from the deleted pull request, and it is working on my machine. I need to test this on Windows 10, etc. I have not bumped up the version number. As I mentioned, I need more testing. |
Your Must have a default gateway and IP addresses |
@dw5 Also check firewall rules. |
FYI, wmic.exe is no longer available on a clean install of Windows 11 version 24H2 (Build 26100.863) Release Preview. (Not sure if it remains and/or is functional on an upgrade in-place.) The PowerShell test version does seem to work. |
The test version also seems to work for me on Windows 10 version 22H2. |
FYI, I upgraded one of my systems in place to the 24H2 Release Preview (26100.1000) and wmic.exe is still there and functional. |
On my latest Windows 11 system, only the test version work for me as well. |
Ditto here, can't get the IP address on a brand new Windows 11 machine. |
I was hoping you would consider updating the Windows binaries so that it doesn't use WMIC.exe (Windows Management Instrumentation Command line, and not to be confused with the base "WMI").
WMIC has been deprecated since Windows 10 21H1 and will likely be removed in the future.
Also, wmic.exe is on a list of applications that Microsoft recommends be blocked for security reasons if possible, for those using certain security policies. It says, "Unless your use scenarios explicitly require them, Microsoft recommends that you block the following applications." For anyone (including myself) using Windows 11's Smart App Control, which blocks all the files on that list and cannot be overridden, this causes a slight issue.
When WMIC is blocked from running, OpenSpeedTest Server still works, but the GUI window is unable to show the local IP address of the system, so the user would have to figure that out themselves if they don't already know.
Here's what it shows, noting the last line in particular:
Also interestingly, the "Start Server" button doesn't change to "Stop Server", but the server is still definitely running and works.
The text was updated successfully, but these errors were encountered: