How to check if active window runs as admin?
gqqnbig
Posts: 13
Joined: 27 Jul 2014, 15:00

How to check if active window runs as admin?

Post by gqqnbig » 27 Jan 2018, 03:07

Tons of questions and articles are talking about how to run AutoHotkey as admin. However, I'm doing the opposite way.

I know my script runs under normal user mode; can my script check if another window runs under admin mode?

gqqnbig
Posts: 13
Joined: 27 Jul 2014, 15:00

Re: How to check if active window runs as admin?

Post by gqqnbig » 28 Jan 2018, 14:23

anyone?

qwerty12
Posts: 468
Joined: 04 Mar 2016, 04:33
GitHub: qwerty12

Re: How to check if active window runs as admin?

Post by qwerty12 » 29 Jan 2018, 07:28

You could try https://github.com/jNizM/AHK_Scripts/bl ... evated.ahk, just with "OpenProcess", "uint", 0x0400 changed to "OpenProcess", "uint", 0x1000. Use WinGet, PID, PID, A to get the PID of the active window, which you can then pass to IsProcessElevated.

Slightly related but not entirely relevant: UI Access programs (the Windows 8+ touch keyboard for one) / other programs running with a higher IL than your script process are probably just as impossible to control with an unelevated AHK, even though they might not be "elevated". IPE might not tell you if that's the case for such a program.
jeeswg wrote:
- I would welcome any suggestions, there may be other improvements possible.
No, that looks good.
Last edited by qwerty12 on 29 Jan 2018, 09:41, edited 1 time in total.

jeeswg
Posts: 6902
Joined: 19 Dec 2016, 01:58
Location: UK

Re: How to check if active window runs as admin?  Topic is solved

Post by jeeswg » 29 Jan 2018, 08:37

- Good call re. 0x400 v. 0x1000, qwerty12, cheers. My non-admin script now correctly returns 1, when it queries RegEdit, instead of -1, meaning error.
- This is the function I have been using in the past, with the exception that I have just changed 0x400 (PROCESS_QUERY_INFORMATION) to 0x1000 (PROCESS_QUERY_LIMITED_INFORMATION).
- I would welcome any suggestions, there may be other improvements possible.

Code:

q:: ;is process admin
WinGet, vPID, PID, ahk_class RegEdit_RegEdit
MsgBox, % JEE_ProcessIsElevated(vPID)
WinGet, vPID, PID, ahk_class Notepad
MsgBox, % JEE_ProcessIsElevated(vPID)
return

;1/0/-1: elevated/not elevated/error (probably elevated)
;JEE_ProcessIsAdmin
JEE_ProcessIsElevated(vPID)
{
	;PROCESS_QUERY_LIMITED_INFORMATION := 0x1000
	if !(hProc := DllCall("kernel32\OpenProcess", "UInt",0x1000, "Int",0, "UInt",vPID, "Ptr"))
		return -1
	;TOKEN_QUERY := 0x8
	hToken := 0
	if !(DllCall("advapi32\OpenProcessToken", "Ptr",hProc, "UInt",0x8, "Ptr*",hToken))
	{
		DllCall("kernel32\CloseHandle", "Ptr",hProc)
		return -1
	}
	;TokenElevation := 20
	vIsElevated := vSize := 0
	vRet := (DllCall("advapi32\GetTokenInformation", "Ptr",hToken, "Int",20, "UInt*",vIsElevated, "UInt",4, "UInt*",vSize))
	DllCall("kernel32\CloseHandle", "Ptr",hToken)
	DllCall("kernel32\CloseHandle", "Ptr",hProc)
	return vRet ? vIsElevated : -1
}
[EDIT: hToken/vIsElevated/vSize defined in advance, to prevent #Warn notifications. And DllCall parameter types now use double quotes (to be more forwards compatible).]
Last edited by jeeswg on 16 Sep 2019, 16:48, edited 1 time in total.

gqqnbig
Posts: 13
Joined: 27 Jul 2014, 15:00

Re: How to check if active window runs as admin?

Post by gqqnbig » 30 Jan 2018, 03:30

Thanks, jeeswg.

I made a modification by declaring the variables before use so that in #Warn mode it doesn't throw an exception.

Code:

q:: ;is process admin
WinGet, vPID, PID, ahk_class RegEdit_RegEdit
MsgBox, % JEE_ProcessIsElevated(vPID)
WinGet, vPID, PID, ahk_class Notepad
MsgBox, % JEE_ProcessIsElevated(vPID)
return

;1/0/-1: elevated/not elevated/error (probably elevated)
;JEE_ProcessIsAdmin
JEE_ProcessIsElevated(vPID)
{
	;PROCESS_QUERY_LIMITED_INFORMATION := 0x1000
	if !(hProc := DllCall("kernel32\OpenProcess", UInt,0x1000, Int,0, UInt,vPID, Ptr))
		return -1
	;TOKEN_QUERY := 0x8
	hToken:=0
	if !(DllCall("advapi32\OpenProcessToken", Ptr,hProc, UInt,0x8, PtrP,hToken))
	{
		DllCall("kernel32\CloseHandle", Ptr,hProc)
		return -1
	}
	;TokenElevation := 20
	vIsElevated:=0
	vSize:=0
	vRet := (DllCall("advapi32\GetTokenInformation", Ptr,hToken, Int,20, UIntP,vIsElevated, UInt,4, UIntP,vSize))
	DllCall("kernel32\CloseHandle", Ptr,hToken)
	DllCall("kernel32\CloseHandle", Ptr,hProc)
	return vRet ? vIsElevated : -1
}
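
Added example, not part of any post in this thread: qwerty12's caveat about UI Access programs and higher integrity levels can be checked with the same OpenProcess/OpenProcessToken pattern by also querying TokenUIAccess (26) and TokenIntegrityLevel (25). The function name TokenInfoSketch and the ^!i hotkey are hypothetical; the code assumes AutoHotkey v1.1.

```autohotkey
^!i:: ;compare the active window's process token with this script's token
WinGet, vPID, PID, A
oTarget := TokenInfoSketch(vPID)
oSelf := TokenInfoSketch(DllCall("kernel32\GetCurrentProcessId", "UInt"))
if !IsObject(oTarget)
	MsgBox, % "cannot query PID " vPID " (access denied or no such process)"
else
	MsgBox, % "elevated: " oTarget.Elevated "`nUI access: " oTarget.UIAccess "`nIL RID: " Format("0x{:X}", oTarget.IL) "`nhigher IL than this script: " (oTarget.IL > oSelf.IL)
return

;returns {Elevated, UIAccess, IL} (-1 = that query failed), or "" if the process/token cannot be opened
;IL is the integrity RID: 0x1000 low, 0x2000 medium, 0x3000 high, 0x4000 system
TokenInfoSketch(vPID) ;hypothetical helper, added for illustration
{
	;PROCESS_QUERY_LIMITED_INFORMATION := 0x1000
	if !(hProc := DllCall("kernel32\OpenProcess", "UInt",0x1000, "Int",0, "UInt",vPID, "Ptr"))
		return ""
	;TOKEN_QUERY := 0x8
	hToken := 0
	vRet := DllCall("advapi32\OpenProcessToken", "Ptr",hProc, "UInt",0x8, "Ptr*",hToken)
	DllCall("kernel32\CloseHandle", "Ptr",hProc)
	if !vRet
		return ""
	oInfo := {Elevated:-1, UIAccess:-1, IL:-1}
	vVal := vSize := 0
	;TokenElevation := 20
	if DllCall("advapi32\GetTokenInformation", "Ptr",hToken, "Int",20, "UInt*",vVal, "UInt",4, "UInt*",vSize)
		oInfo.Elevated := vVal
	;TokenUIAccess := 26
	if DllCall("advapi32\GetTokenInformation", "Ptr",hToken, "Int",26, "UInt*",vVal, "UInt",4, "UInt*",vSize)
		oInfo.UIAccess := vVal
	;TokenIntegrityLevel := 25, first call only asks for the required buffer size
	DllCall("advapi32\GetTokenInformation", "Ptr",hToken, "Int",25, "Ptr",0, "UInt",0, "UInt*",vSize)
	VarSetCapacity(vTML, vSize, 0)
	if vSize && DllCall("advapi32\GetTokenInformation", "Ptr",hToken, "Int",25, "Ptr",&vTML, "UInt",vSize, "UInt*",vSize)
	{
		;TOKEN_MANDATORY_LABEL starts with a pointer to the label SID
		pSid := NumGet(&vTML, 0, "Ptr")
		vCount := NumGet(DllCall("advapi32\GetSidSubAuthorityCount", "Ptr",pSid, "Ptr"), 0, "UChar")
		;the last sub-authority of the label SID is the integrity RID
		oInfo.IL := NumGet(DllCall("advapi32\GetSidSubAuthority", "Ptr",pSid, "UInt",vCount-1, "Ptr"), 0, "UInt")
	}
	DllCall("kernel32\CloseHandle", "Ptr",hToken)
	return oInfo
}
```

A target whose IL RID is higher than the script's own is one the unelevated script probably cannot control, whether or not its Elevated value is 1.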
