Using the Windows access token APIs
1. OpenProcessToken
Opens the access token of a process.

WINADVAPI BOOL WINAPI OpenProcessToken(
    __in HANDLE ProcessHandle,
    __in DWORD DesiredAccess,
    __deref_out PHANDLE TokenHandle);

2. GetTokenInformation
Retrieves specific privilege-related information about a token.

WINADVAPI BOOL WINAPI GetTokenInformation(
    __in HANDLE TokenHandle,
    __in TOKEN_INFORMATION_CLASS TokenInformationClass,
    __out_bcount_part_opt(TokenInformationLength, *ReturnLength) LPVOID TokenInformation,
    __in DWORD TokenInformationLength,
    __out PDWORD ReturnLength);

Demo example
#include <windows.h>

// Retrieves the elevation type of the token belonging to hProcess.
// Returns TRUE on success and writes the result to *pElevationType.
BOOL GetElevationType(HANDLE hProcess, TOKEN_ELEVATION_TYPE* pElevationType)
{
    HANDLE hToken = NULL;

    // Open the token of the given process with query access
    if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
        return FALSE;

    DWORD dwSize = 0;

    // Retrieve elevation type information
    BOOL bFlag = GetTokenInformation(hToken, TokenElevationType, pElevationType,
                                     sizeof(TOKEN_ELEVATION_TYPE), &dwSize);

    CloseHandle(hToken);
    return bFlag;
}
Reference: http://johnny161.blog.163.com/blog/static/9028195201181341417421/

3. IsUserAnAdmin
Tests whether the current user is a member of the Administrator's group.
It is a wrapper around CheckTokenMembership.
A SID allocated with the AllocateAndInitializeSid function must be freed by using the FreeSid function.
#include <windows.h>

BOOL IsUserAdmin(VOID)
/*++
Routine Description: This routine returns TRUE if the caller's process
    is a member of the Administrators local group. Caller is NOT expected
    to be impersonating anyone and is expected to be able to open its own
    process and process token.
Arguments: None.
Return Value:
    TRUE - Caller has Administrators local group.
    FALSE - Caller does not have Administrators local group.
--*/
{
    BOOL b;
    SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
    PSID AdministratorsGroup;

    // Build the well-known SID of BUILTIN\Administrators
    b = AllocateAndInitializeSid(&NtAuthority, 2,
                                 SECURITY_BUILTIN_DOMAIN_RID,
                                 DOMAIN_ALIAS_RID_ADMINS,
                                 0, 0, 0, 0, 0, 0,
                                 &AdministratorsGroup);
    if (b)
    {
        // NULL token handle: check the calling thread's effective token
        if (!CheckTokenMembership(NULL, AdministratorsGroup, &b))
        {
            b = FALSE;
        }
        FreeSid(AdministratorsGroup);
    }
    return (b);
}

4. ConvertSidToStringSid
The ConvertSidToStringSid function converts a security identifier (SID) to a string format suitable for display, storage, or transmission.
BOOL WINAPI ConvertSidToStringSidW(
    __in PSID Sid,
    __deref_out LPWSTR *StringSid);

Sid: A pointer to the SID structure to be converted.
StringSid: A pointer to a variable that receives a pointer to a null-terminated SID string. To free the returned buffer, call the LocalFree function.
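
The string form described above can be derived directly from the binary SID layout. The following portable C sketch is an added example, not code from the original page or from Windows: sid_to_string and the sample bytes are assumptions constructed for illustration, and the function bounds-checks the sub-authority count and the output buffer.

```c
#include <stdint.h>
#include <stdio.h>

/* Binary SID: Revision(1) | SubAuthorityCount(1) | IdentifierAuthority(6, big-endian)
 * | SubAuthority[count] (32-bit little-endian). Hypothetical helper, not a Windows API.
 * Returns 0 on success, -1 on malformed input or a too-small output buffer. */
int sid_to_string(const uint8_t *sid, size_t sid_len, char *out, size_t out_len)
{
    if (sid == NULL || out == NULL || sid_len < 8)
        return -1;
    unsigned revision = sid[0], count = sid[1];
    /* At most 15 sub-authorities, and the buffer must actually hold them. */
    if (revision != 1 || count > 15 || sid_len < 8 + 4 * (size_t)count)
        return -1;
    uint64_t authority = 0;
    for (int i = 0; i < 6; i++)
        authority = (authority << 8) | sid[2 + i];
    /* Authorities below 2^32 print as decimal, larger ones as 12 hex digits. */
    int n = snprintf(out, out_len,
                     authority <= 0xFFFFFFFFu ? "S-%u-%llu" : "S-%u-0x%012llX",
                     revision, (unsigned long long)authority);
    if (n < 0 || (size_t)n >= out_len)
        return -1;
    size_t used = (size_t)n;
    for (unsigned i = 0; i < count; i++) {
        const uint8_t *p = sid + 8 + 4 * (size_t)i;
        uint32_t sub = p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
        n = snprintf(out + used, out_len - used, "-%lu", (unsigned long)sub);
        if (n < 0 || (size_t)n >= out_len - used)
            return -1;
        used += (size_t)n;
    }
    return 0;
}

/* Constructed sample: BUILTIN\Administrators, authority 5 (SECURITY_NT_AUTHORITY). */
static const uint8_t ADMINS_SID[] = {
    0x01, 0x02, 0, 0, 0, 0, 0, 0x05,
    0x20, 0x00, 0x00, 0x00,   /* 32  = SECURITY_BUILTIN_DOMAIN_RID */
    0x20, 0x02, 0x00, 0x00,   /* 544 = DOMAIN_ALIAS_RID_ADMINS */
};

int main(void)
{
    char buf[64];
    if (sid_to_string(ADMINS_SID, sizeof ADMINS_SID, buf, sizeof buf) == 0)
        puts(buf);
    return 0;
}
```

The sample bytes are the same SID that IsUserAdmin builds with AllocateAndInitializeSid, so the output is the familiar S-1-5-32-544.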