
Working with Windows Access Tokens

2013-02-22 10:52  Clingingboy

 

1. OpenProcessToken

Opens the access token associated with a process.

WINADVAPI
BOOL
WINAPI
OpenProcessToken (
    __in        HANDLE ProcessHandle,
    __in        DWORD DesiredAccess,
    __deref_out PHANDLE TokenHandle
    );

2. GetTokenInformation

Retrieves a specified class of information about an access token.

WINADVAPI
BOOL
WINAPI
GetTokenInformation (
    __in      HANDLE TokenHandle,
    __in      TOKEN_INFORMATION_CLASS TokenInformationClass,
    __out_bcount_part_opt(TokenInformationLength, *ReturnLength) LPVOID TokenInformation,
    __in      DWORD TokenInformationLength,
    __out     PDWORD ReturnLength
    );

Demo example

#include <windows.h>

BOOL GetElevationType(HANDLE hProcess, TOKEN_ELEVATION_TYPE* pElevationType)
{
    HANDLE hToken = NULL;
    // Open the access token of the given process; TOKEN_QUERY is enough to read it
    if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
        return FALSE;

    DWORD dwSize = 0;
    // Retrieve elevation type information
    BOOL bFlag = GetTokenInformation(hToken, TokenElevationType, pElevationType, sizeof(TOKEN_ELEVATION_TYPE), &dwSize);
    // Always release the token handle, whether or not the query succeeded
    CloseHandle(hToken);
    return bFlag;
}

 

Reference: http://johnny161.blog.163.com/blog/static/9028195201181341417421/

3. IsUserAnAdmin

Tests whether the current user is a member of the Administrator's group.

It is a wrapper around CheckTokenMembership.

A SID allocated with the AllocateAndInitializeSid function must be freed by using the FreeSid function.

BOOL IsUserAdmin(VOID)
/*++
Routine Description: This routine returns TRUE if the caller's
process is a member of the Administrators local group. Caller is NOT
expected to be impersonating anyone and is expected to be able to
open its own process and process token.
Arguments: None.
Return Value:
   TRUE - Caller has Administrators local group.
   FALSE - Caller does not have Administrators local group.
--*/
{
    BOOL b;
    SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
    PSID AdministratorsGroup;
    b = AllocateAndInitializeSid(
        &NtAuthority,
        2,
        SECURITY_BUILTIN_DOMAIN_RID,
        DOMAIN_ALIAS_RID_ADMINS,
        0, 0, 0, 0, 0, 0,
        &AdministratorsGroup);
    if (b)
    {
        if (!CheckTokenMembership(NULL, AdministratorsGroup, &b))
        {
            b = FALSE;
        }
        FreeSid(AdministratorsGroup);
    }

    return (b);
}

4. ConvertSidToStringSid

The ConvertSidToStringSid function converts a security identifier (SID) to a string format suitable for display, storage, or transmission.

WINADVAPI
BOOL
WINAPI
ConvertSidToStringSidW(
    __in  PSID     Sid,
    __deref_out LPWSTR  *StringSid
    );

Sid

A pointer to the SID structure to be converted.

StringSid

A pointer to a variable that receives a pointer to a null-terminated SID string. To free the returned buffer, call the LocalFree function.
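
The following is an added example, not part of the original post and not the Windows API itself: a portable C reimplementation of the conversion, showing the binary SID layout that ConvertSidToStringSid renders as text. The helper name sid_to_string and the sample bytes (the BUILTIN\Administrators SID that section 3 builds with AllocateAndInitializeSid) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SID_MAX_SUBAUTH 15 /* same limit as SID_MAX_SUB_AUTHORITIES */

/* Constructed sample: raw bytes of S-1-5-32-544 (BUILTIN\Administrators). */
static const uint8_t SAMPLE_ADMINS_SID[] = {
    0x01,                               /* Revision */
    0x02,                               /* SubAuthorityCount */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x05, /* IdentifierAuthority, big-endian (NT = 5) */
    0x20, 0x00, 0x00, 0x00,             /* SECURITY_BUILTIN_DOMAIN_RID = 32, little-endian */
    0x20, 0x02, 0x00, 0x00              /* DOMAIN_ALIAS_RID_ADMINS = 544, little-endian */
};

/* Hypothetical helper: formats a raw SID as "S-R-I-S-S...".
 * Returns the string length, or -1 on malformed input or a short buffer. */
int sid_to_string(const uint8_t *sid, size_t len, char *out, size_t cap)
{
    if (sid == NULL || out == NULL || len < 8)
        return -1;
    uint8_t rev = sid[0], count = sid[1];
    if (rev != 1 || count > SID_MAX_SUBAUTH || len < 8 + 4u * count)
        return -1; /* unknown revision, bad count, or truncated buffer */

    uint64_t auth = 0;
    for (int i = 0; i < 6; i++)
        auth = (auth << 8) | sid[2 + i];

    /* Authority is decimal below 2^32, otherwise "0x" plus 12 hex digits. */
    int n = auth < (1ULL << 32)
        ? snprintf(out, cap, "S-%u-%llu", (unsigned)rev, (unsigned long long)auth)
        : snprintf(out, cap, "S-%u-0x%012llX", (unsigned)rev, (unsigned long long)auth);
    if (n < 0 || (size_t)n >= cap)
        return -1;
    size_t used = (size_t)n;

    for (unsigned i = 0; i < count; i++) {
        const uint8_t *p = sid + 8 + 4 * i;
        uint32_t sub = p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
        n = snprintf(out + used, cap - used, "-%lu", (unsigned long)sub);
        if (n < 0 || (size_t)n >= cap - used)
            return -1;
        used += (size_t)n;
    }
    return (int)used;
}
```

Unlike this helper, which writes into a caller-supplied buffer, the real function allocates the string itself, which is why its result must be released with LocalFree.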