一.OpenProcessToken
打开进程访问令牌
WINADVAPI
BOOL
WINAPI
OpenProcessToken (
__in HANDLE ProcessHandle,
__in DWORD DesiredAccess,
__deref_out PHANDLE TokenHandle
);
二.GetTokenInformation
获取令牌特定权限信息
WINADVAPI
BOOL
WINAPI
GetTokenInformation (
__in HANDLE TokenHandle,
__in TOKEN_INFORMATION_CLASS TokenInformationClass,
__out_bcount_part_opt(TokenInformationLength, *ReturnLength) LPVOID TokenInformation,
__in DWORD TokenInformationLength,
__out PDWORD ReturnLength
);
Demo示例
BOOL GetElevationType(HANDLE hProcess, TOKEN_ELEVATION_TYPE* pElevationType)
{
HANDLE hToken = NULL;
// Get current process token
if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
return FALSE;
BOOL bResult = FALSE;
DWORD dwSize = 0;
// Retrieve elevation type information
BOOL bFlag = GetTokenInformation(hToken, TokenElevationType, pElevationType, sizeof(TOKEN_ELEVATION_TYPE), &dwSize);
CloseHandle(hToken);
return bFlag;
}
参考:http://johnny161.blog.163.com/blog/static/9028195201181341417421/
三.IsUserAnAdmin
Tests whether the current user is a member of the Administrator's group.
其是对CheckTokenMembership的封装
A SID allocated with the AllocateAndInitializeSid function must be freed by using the FreeSid function.
BOOL IsUserAdmin(VOID)
/*++
Routine Description: This routine returns TRUE if the caller's
process is a member of the Administrators local group. Caller is NOT
expected to be impersonating anyone and is expected to be able to
open its own process and process token.
Arguments: None.
Return Value:
TRUE - Caller has Administrators local group.
FALSE - Caller does not have Administrators local group. --
*/
{
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID AdministratorsGroup;
b = AllocateAndInitializeSid(
&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
if(b)
{
if (!CheckTokenMembership( NULL, AdministratorsGroup, &b))
{
b = FALSE;
}
FreeSid(AdministratorsGroup);
}
return(b);
}
四.ConvertSidToStringSid
The ConvertSidToStringSid function converts a security identifier (SID) to a string format suitable for display, storage, or transmission.
WINAPI
ConvertSidToStringSidW(
__in PSID Sid,
__deref_out LPWSTR *StringSid
);
Sid
A pointer to the SID structure to be converted.
StringSidA pointer to a variable that receives a pointer to a null-terminated SID string. To free the returned buffer, call the LocalFree function.