This probably needs converted to AutoHotkey (& maybe added as a built-in {A_IsAdminGroup})...
...including the raw code, in case that disappears...
[quote="Non-AutoHotkey-ified C code"][/quote]
Code:
#include <windows.h>
#include <stdio.h>
int main() {
HANDLE hToken;
TOKEN_ELEVATION_TYPE elevationType;
DWORD dwSize;
OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken);
GetTokenInformation(hToken, TokenElevationType, &elevationType, sizeof(elevationType), &dwSize);
switch (elevationType) {
case TokenElevationTypeDefault:
wprintf(TEXT("\nTokenElevationTypeDefault - User is not using a split token.\n"));
break;
case TokenElevationTypeFull:
wprintf(TEXT("\nTokenElevationTypeFull - User has a split token, and the process is running elevated.\n"));
break;
case TokenElevationTypeLimited:
wprintf(TEXT("\nTokenElevationTypeLimited - User has a split token, but the process is not running elevated.\n"));
break;
}
if (hToken) {
CloseHandle(hToken);
}
}
Here's the best AutoHotkey version I can come up with, however it was written on XP SP1 & still gives me A_LastError=87 meaning ERROR_INVALID_PARAMETER...cuz the TokenElevationType needs Win Vista or higher to work...but I tested the rest of the script asking for TokenType & that seems to work...
Code:
Gosub, WindowsConstants
Debug=1
Debug_Success=1
;//TokenInformationClass:=TokenType
TokenInformationClass:=TokenElevationType
;//sizeof_hToken:=VarSetCapacity(hToken, 128, 0)
;//sizeof_elevationType:=VarSetCapacity(elevationType, 128, 0)
;//sizeof_ReturnLength:=VarSetCapacity(ReturnLength, 128, 0)
DllCall("SetLastError", "UInt", 0)
ret:=DllCall("Advapi32.dll\OpenProcessToken", "UInt", DllCall("GetCurrentProcess"), "UInt", TOKEN_QUERY, "UIntP", hToken)
;//NumGet_hToken:=NumGet(hToken)
msgbox.="`nret(" ret ") el(" errorlevel ") le(" A_LastError ")`t`tOpenProcessToken`t`thToken(" hToken ") NumGet_hToken(" NumGet_hToken ")"
DllCall("SetLastError", "UInt", 0)
DllCall("Advapi32.dll\GetTokenInformation"
, "UInt", hToken ;//__in HANDLE TokenHandle,
, "UInt", TokenInformationClass ;//__in TOKEN_INFORMATION_CLASS TokenInformationClass,
, "Int", 0 ;//__out_opt LPVOID TokenInformation,
, "Int", 0 ;//__in DWORD TokenInformationLength,
, "UIntP", ReturnLength) ;//__out PDWORD ReturnLength
msgbox.="`nret(" ret ") el(" errorlevel ") le(" A_LastError ")`t`tGetTokenInformation1`tReturnLength(" ReturnLength ") NumGet(" NumGet(ReturnLength) ")"
sizeof_elevationType:=VarSetCapacity(elevationType, ReturnLength, 0)
DllCall("SetLastError", "UInt", 0)
DllCall("Advapi32.dll\GetTokenInformation"
, "UInt", hToken ;//__in HANDLE TokenHandle,
, "UInt", TokenInformationClass ;//__in TOKEN_INFORMATION_CLASS TokenInformationClass,
, "UIntP", elevationType ;//__out_opt LPVOID TokenInformation,
, "Int", sizeof_elevationType ;//__in DWORD TokenInformationLength,
, "UIntP", ReturnLength) ;//__out PDWORD ReturnLength
;//NumGet_ReturnLength:=NumGet(ReturnLength)
;//NumGet_elevationType:=NumGet(elevationType)
msgbox.="`nret(" ret ") el(" errorlevel ") le(" A_LastError ")`t`tGetTokenInformation2`televationType(" elevationType ")"
;//msgbox, 64, , % "elevationType(" elevationType ")"
;//msgbox, 64, , % "NumGet_elevationType(" NumGet_elevationType ")"
;//GetTokenInformation(hToken, TokenElevationType, &elevationType, sizeof(elevationType), &dwSize)
if ((Debug && elevationType="") || (Debug_Success && elevationType!="")) {
debuginfo=
(LTrim
`n`n*** DEBUG ***
TokenInformationClass(%TokenInformationClass%)
elevationType(%elevationType%) sizeof_elevationType(%sizeof_elevationType%)
ReturnLength(%ReturnLength%) NumGet_ReturnLength(%NumGet_ReturnLength%)
%msgbox%
*** /DEBUG ***
)
}
if (elevationType=TokenElevationTypeDefault) {
msgbox, 64, , STANDARD USER`n`nTokenElevationTypeDefault - User is not using a split token.%debuginfo%
} else if (elevationType=TokenElevationTypeFull) {
msgbox, 64, , ADMIN USER WITH ADMIN PERMS`n`nTokenElevationTypeFull - User has a split token, and the process is running elevated.%debuginfo%
} else if (elevationType=TokenElevationTypeLimited) {
msgbox, 64, , ADMIN USER WITHOUT ADMIN PERMS`n`nTokenElevationTypeLimited - User has a split token, but the process is not running elevated.%debuginfo%
} else {
msgbox, 16, , UNKNOWN`n`nCouldn't retrieve TokenElevationType - Minimum OS needed for that info is WinVista...%debuginfo%
}
if (hToken) {
;//DllCall("SetLastError", "UInt", 0)
DllCall("CloseHandle", "UInt", hToken)
;//msgbox, 64, , % "`nret(" ret ") el(" errorlevel ") le(" A_LastError ")`t`tCloseHandle"
}
return
WindowsConstants:
TOKEN_QUERY:=0x0008
/*
typedef enum {
TokenElevationTypeDefault = 1,
TokenElevationTypeFull,
TokenElevationTypeLimited
} TOKEN_ELEVATION_TYPE , *PTOKEN_ELEVATION_TYPE;
*/
TokenElevationTypeDefault:=1
TokenElevationTypeFull:=2
TokenElevationTypeLimited:=3
/*typedef enum _TOKEN_INFORMATION_CLASS {
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
} TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
*/
TokenType:=8
TokenElevationType:=18
return
...I would like to see a reliable version for XP tho...
Login
Register
FAQ
Search
