AutoHotkey Community

Posted: **27 Jan 2018, 03:07**

Tons of questions and articles are talking about how to run AutoHotKey as admin. However I'm doing the opposite way.

I know my script runs under normal user mode, can my script check if another window runs under admin mode?

Posted: **28 Jan 2018, 14:23**

anyone?

Posted: **29 Jan 2018, 07:28**

You could try https://github.com/jNizM/AHK_Scripts/bl ... evated.ahk, just with "OpenProcess", "uint", 0x0400 changed to "OpenProcess", "uint", 0x1000. Use WinGet, PID, PID, A to get the PID of the active window, which you can then pass to IsProcessElevated.

Slightly related but not entirely relevant: UI Access programs (the Windows 8+ touch keyboard for one) / other programs running with an higher IL than your script process are probably just as impossible to control with an unelevated AHK, even though they might not be "elevated". IPE might not tell you if that's the case for such a program.

jeeswg wrote:- I would welcome any suggestions, there may be other improvements possible.

No, that looks good.

Posted: **29 Jan 2018, 08:37**

- Good call re. 0x400 v. 0x1000, qwerty12, cheers. My non-admin script now correctly returns 1, when it queries RegEdit, instead of -1, meaning error.
- This is the function I have been using in the past, with the exception that I have just changed 0x400 (PROCESS_QUERY_INFORMATION) to 0x1000 (PROCESS_QUERY_LIMITED_INFORMATION).
- I would welcome any suggestions, there may be other improvements possible.

Code: Select all

q:: ;is process admin
WinGet, vPID, PID, ahk_class RegEdit_RegEdit
MsgBox, % JEE_ProcessIsElevated(vPID)
WinGet, vPID, PID, ahk_class Notepad
MsgBox, % JEE_ProcessIsElevated(vPID)
return

;1/0/-1: elevated/not elevated/error (probably elevated)
;JEE_ProcessIsAdmin
JEE_ProcessIsElevated(vPID)
{
	;PROCESS_QUERY_LIMITED_INFORMATION := 0x1000
	if !(hProc := DllCall("kernel32\OpenProcess", "UInt",0x1000, "Int",0, "UInt",vPID, "Ptr"))
		return -1
	;TOKEN_QUERY := 0x8
	hToken := 0
	if !(DllCall("advapi32\OpenProcessToken", "Ptr",hProc, "UInt",0x8, "Ptr*",hToken))
	{
		DllCall("kernel32\CloseHandle", "Ptr",hProc)
		return -1
	}
	;TokenElevation := 20
	vIsElevated := vSize := 0
	vRet := (DllCall("advapi32\GetTokenInformation", "Ptr",hToken, "Int",20, "UInt*",vIsElevated, "UInt",4, "UInt*",vSize))
	DllCall("kernel32\CloseHandle", "Ptr",hToken)
	DllCall("kernel32\CloseHandle", "Ptr",hProc)
	return vRet ? vIsElevated : -1
}

[EDIT: hToken/vIsElevated/vSize defined in advance, to prevent #Warn notifications. And DllCall parameter types now use double quotes (to be more forwards compatible).]

Posted: **30 Jan 2018, 03:30**

Thanks, jeeswg.

I made a modification by declaring the variables before use so that in #warn mode it doesn't throw exception.

Code: Select all

q:: ;is process admin
WinGet, vPID, PID, ahk_class RegEdit_RegEdit
MsgBox, % JEE_ProcessIsElevated(vPID)
WinGet, vPID, PID, ahk_class Notepad
MsgBox, % JEE_ProcessIsElevated(vPID)
return

;1/0/-1: elevated/not elevated/error (probably elevated)
;JEE_ProcessIsAdmin
JEE_ProcessIsElevated(vPID)
{
	;PROCESS_QUERY_LIMITED_INFORMATION := 0x1000
	if !(hProc := DllCall("kernel32\OpenProcess", UInt,0x1000, Int,0, UInt,vPID, Ptr))
		return -1
	;TOKEN_QUERY := 0x8
	hToken:=0
	if !(DllCall("advapi32\OpenProcessToken", Ptr,hProc, UInt,0x8, PtrP,hToken))
	{
		DllCall("kernel32\CloseHandle", Ptr,hProc)
		return -1
	}
	;TokenElevation := 20
	vIsElevated:=0
	vSize:=0
	vRet := (DllCall("advapi32\GetTokenInformation", Ptr,hToken, Int,20, UIntP,vIsElevated, UInt,4, UIntP,vSize))
	DllCall("kernel32\CloseHandle", Ptr,hToken)
	DllCall("kernel32\CloseHandle", Ptr,hProc)
	return vRet ? vIsElevated : -1
}

AutoHotkey Community

How to check if active window runs as admin?

How to check if active window runs as admin?

Re: How to check if active window runs as admin?

Re: How to check if active window runs as admin?

Re: How to check if active window runs as admin? Topic is solved

Re: How to check if active window runs as admin?