Windows访问令牌相关使用方法
2013-02-22 10:52 Clingingboy 阅读(3994) 评论(0) 编辑 收藏 举报
一.OpenProcessToken
打开进程访问令牌
WINADVAPI
BOOL
WINAPI
OpenProcessToken (
__in HANDLE ProcessHandle,
__in DWORD DesiredAccess,
__deref_out PHANDLE TokenHandle
);
二.GetTokenInformation
获取令牌特定权限信息
WINADVAPI
BOOL
WINAPI
GetTokenInformation (
__in HANDLE TokenHandle,
__in TOKEN_INFORMATION_CLASS TokenInformationClass,
__out_bcount_part_opt(TokenInformationLength, *ReturnLength) LPVOID TokenInformation,
__in DWORD TokenInformationLength,
__out PDWORD ReturnLength
);
Demo示例
BOOL GetElevationType(HANDLE hProcess, TOKEN_ELEVATION_TYPE* pElevationType)
{
HANDLE hToken = NULL;
// Get current process token
if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
return FALSE;
BOOL bResult = FALSE;
DWORD dwSize = 0;
// Retrieve elevation type information
BOOL bFlag = GetTokenInformation(hToken, TokenElevationType, pElevationType, sizeof(TOKEN_ELEVATION_TYPE), &dwSize);
CloseHandle(hToken);
return bFlag;
}
参考:http://johnny161.blog.163.com/blog/static/9028195201181341417421/
三.IsUserAnAdmin
Tests whether the current user is a member of the Administrator's group.
其是对CheckTokenMembership的封装
A SID allocated with the AllocateAndInitializeSid function must be freed by using the FreeSid function.
BOOL IsUserAdmin(VOID)
/*++
Routine Description: This routine returns TRUE if the caller's
process is a member of the Administrators local group. Caller is NOT
expected to be impersonating anyone and is expected to be able to
open its own process and process token.
Arguments: None.
Return Value:
TRUE - Caller has Administrators local group.
FALSE - Caller does not have Administrators local group. --
*/
{
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID AdministratorsGroup;
b = AllocateAndInitializeSid(
&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
if(b)
{
if (!CheckTokenMembership( NULL, AdministratorsGroup, &b))
{
b = FALSE;
}
FreeSid(AdministratorsGroup);
}
return(b);
}
四.ConvertSidToStringSid
The ConvertSidToStringSid function converts a security identifier (SID) to a string format suitable for display, storage, or transmission.
WINAPI
ConvertSidToStringSidW(
__in PSID Sid,
__deref_out LPWSTR *StringSid
);
A pointer to the SID structure to be converted.
A pointer to a variable that receives a pointer to a null-terminated SID string. To free the returned buffer, call the LocalFree function.
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· AI与.NET技术实操系列:基于图像分类模型对图像进行分类
· go语言实现终端里的倒计时
· 如何编写易于单元测试的代码
· 10年+ .NET Coder 心语,封装的思维:从隐藏、稳定开始理解其本质意义
· .NET Core 中如何实现缓存的预热?
· 分享一个免费、快速、无限量使用的满血 DeepSeek R1 模型,支持深度思考和联网搜索!
· 25岁的心里话
· 基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
· ollama系列01:轻松3步本地部署deepseek,普通电脑可用
· 按钮权限的设计及实现