if (!OpenProcessToken(GetCurrentProcess(),TOKEN_QUERY,&hAccessToken)) goto cleanup;
InfoBuffer = new BYTE[1024];
if (!InfoBuffer) goto cleanup;
bRet = GetTokenInformation(hAccessToken,
TokenGroups,
InfoBuffer,
1024,
&dwInfoBufferSize);
CloseHandle( hAccessToken );
if (!bRet) goto cleanup;
if (!AllocateAndInitializeSid(&siaNtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0,0,0,0,0,0,
&psidAdministrators))
goto cleanup;
bRet = FALSE;
ptgGroups = (PTOKEN_GROUPS)InfoBuffer;
for (i=0;i<ptgGroups->GroupCount;i++) {
if (EqualSid(psidAdministrators,ptgGroups->Groups[i].Sid)) {
bRet = TRUE;
break;//
}
}
FreeSid(psidAdministrators);
cleanup:
if (InfoBuffer) delete InfoBuffer;
return bRet;
}
int main() {
    /*
     * Print the verdict of IsAdmin() and mirror it in the exit status:
     * 0 when it reports TRUE, 1 otherwise.
     * NOTE(review): the IsAdmin() tail shown on this page matches SIDs in
     * TokenGroups with EqualSid and does not look at Groups[i].Attributes,
     * so a disabled or deny-only Administrators entry would presumably also
     * count as a match -- confirm before relying on the result.
     */
    const int admin = IsAdmin() ? 1 : 0;
    const char *verdict = admin ? "IsAdmin - TRUE\n" : "IsAdmin - FALSE\n";

    printf("%s", verdict);
    return admin ? 0 : 1;
}
#9
核心编程上有一段代码判断是否以未筛选的Token的管理员权限运行。
#10
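MSDN上判断当前运行的进程是否具有管理员权限的代码。与逐个比较 TokenGroups 中的 SID 不同，CheckTokenMembership 只有在该 SID 存在于令牌中且处于启用状态时才返回 TRUE，被禁用或仅用于拒绝（deny-only）的 SID 不算成员。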
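BOOL IsUserAdmin()
/*++
Routine Description: This routine returns TRUE if the caller's
process is a member of the Administrators local group. Caller is NOT
expected to be impersonating anyone and is expected to be able to
open its own process and process token.

Membership is decided by CheckTokenMembership, which reports TRUE only
when the SID is present in the token and enabled. An Administrators SID
that is disabled or marked deny-only (for example in the filtered token
of a non-elevated process under UAC) therefore yields FALSE.

Arguments: None.
Return Value:
TRUE - Caller has Administrators local group.
FALSE - Caller does not have Administrators local group, or the SID
        could not be allocated, or the membership check itself failed.
--*/
{
    BOOL b = FALSE;
    SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
    PSID AdministratorsGroup = NULL;

    /* Build the well-known SID S-1-5-32-544 (BUILTIN\Administrators). */
    b = AllocateAndInitializeSid(&NtAuthority, 2,
                                 SECURITY_BUILTIN_DOMAIN_RID,
                                 DOMAIN_ALIAS_RID_ADMINS,
                                 0, 0, 0, 0, 0, 0,
                                 &AdministratorsGroup);
    if (b)
    {
        /*
         * A NULL token handle makes the check run against the calling
         * thread's impersonation token, or against a copy of the primary
         * token when the thread is not impersonating.
         */
        if (!CheckTokenMembership(NULL, AdministratorsGroup, &b))
        {
            /* Fail closed: an API error must never read as "is admin". */
            b = FALSE;
        }
        FreeSid(AdministratorsGroup);
    }

    /* The listing on the page stops before this point; without the return
       and the closing brace the function has no result and does not end. */
    return b;
}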
if (!OpenProcessToken(GetCurrentProcess(),TOKEN_QUERY,&hAccessToken)) goto cleanup;
InfoBuffer = new BYTE[1024];
if (!InfoBuffer) goto cleanup;
bRet = GetTokenInformation(hAccessToken,
TokenGroups,
InfoBuffer,
1024,
&dwInfoBufferSize);
CloseHandle( hAccessToken );
if (!bRet) goto cleanup;
if (!AllocateAndInitializeSid(&siaNtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0,0,0,0,0,0,
&psidAdministrators))
goto cleanup;
bRet = FALSE;
ptgGroups = (PTOKEN_GROUPS)InfoBuffer;
for (i=0;i<ptgGroups->GroupCount;i++) {
if (EqualSid(psidAdministrators,ptgGroups->Groups[i].Sid)) {
bRet = TRUE;
break;//
}
}
FreeSid(psidAdministrators);
cleanup:
if (InfoBuffer) delete InfoBuffer;
return bRet;
}
int main() {
    /*
     * Report what IsAdmin() returns and use it as the process exit status
     * (0 for TRUE, 1 for FALSE) so a calling script can branch on it.
     */
    const char *line;
    int status;

    if (IsAdmin()) {
        line = "IsAdmin - TRUE\n";
        status = 0;
    } else {
        line = "IsAdmin - FALSE\n";
        status = 1;
    }
    printf("%s", line);
    return status;
}
#9
核心编程上有一段代码判断是否以未筛选的Token的管理员权限运行。
#10
MSDN上获取当前运行的进程是否具有管理员权限
BOOL IsUserAdmin()
/*++
Routine Description: This routine returns TRUE if the caller's
process is a member of the Administrators local group. Caller is NOT
expected to be impersonating anyone and is expected to be able to
open its own process and process token.
Arguments: None.
Return Value:
TRUE - Caller has Administrators local group.
FALSE - Caller does not have Administrators local group. --
*/
{
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID AdministratorsGroup;
b = AllocateAndInitializeSid(&NtAuthority,2,SECURITY_BUILTIN_DOMAIN_RID,DOMAIN_ALIAS_RID_ADMINS,0, 0, 0, 0, 0, 0,&AdministratorsGroup);
if (b)
{
if (!CheckTokenMembership(NULL, AdministratorsGroup, &b))
{
b = FALSE;
}
FreeSid(AdministratorsGroup);
}