Heya all.
I have spent the whole day trying to write a function that will return 0 if the process is running elevated. (It's been a while since I wrote anything Windows-related.) Eventually, I wrote something close to working code:
Code:
#include <windows.h>

int TokenIsElevated() // Returns 0 if process is elevated, 1 if process is not elevated or -1 if a function fails.
{
    DWORD CurrentProcPID = GetCurrentProcessId();
    if (!CurrentProcPID)
    {
        MessageBox(NULL, "GetCurrentProcessID function call failed.", "Test 4.exe", MB_ICONEXCLAMATION | MB_OK);
        return -1;
    }
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, TRUE, CurrentProcPID);
    if (!hProcess)
    {
        MessageBox(NULL, "OpenProcess function call failed.", "Test 4.exe", MB_ICONEXCLAMATION | MB_OK);
        return -1; // hProcess is NULL here, so there is no handle to close
    }
    HANDLE hToken = NULL; // OpenProcessToken writes the token handle into this variable
    if (OpenProcessToken(hProcess, TOKEN_READ, &hToken) == 0)
    {
        MessageBox(NULL, "OpenProcessToken function call failed.", "Test 4.exe", MB_ICONEXCLAMATION | MB_OK);
        CloseHandle(hProcess); // no token handle was opened, only the process handle
        return -1;
    }
    TOKEN_ELEVATION_TYPE ElevationType = TokenElevationTypeDefault;
    DWORD SizeReturned = 0;
    if (!GetTokenInformation(hToken, TokenElevationType, &ElevationType, sizeof(ElevationType), &SizeReturned))
    {
        MessageBox(NULL, "GetTokenInformation function call failed.", "Test 4.exe", MB_ICONEXCLAMATION | MB_OK);
        CloseHandle(hProcess);
        CloseHandle(hToken);
        return -1;
    }
    if (ElevationType == TokenElevationTypeFull) // the braces below must follow the condition directly
    {
        CloseHandle(hProcess);
        CloseHandle(hToken);
        return 0;
    }
    else
    {
        CloseHandle(hProcess);
        CloseHandle(hToken);
        return 1;
    }
}
The code compiled fine until I wrote this section:
Code:
    TOKEN_ELEVATION_TYPE ElevationType = TokenElevationTypeDefault;
    DWORD SizeReturned = 0;
    if (!GetTokenInformation(hToken, TokenElevationType, &ElevationType, sizeof(ElevationType), &SizeReturned))
    {
        MessageBox(NULL, "GetTokenInformation function call failed.", "Test 4.exe", MB_ICONEXCLAMATION | MB_OK);
        CloseHandle(hProcess);
        CloseHandle(hToken);
        return -1;
    }
    if (ElevationType == TokenElevationTypeFull) // the braces below must follow the condition directly
    {
        CloseHandle(hProcess);
        CloseHandle(hToken);
        return 0;
    }
    else
    {
        CloseHandle(hProcess);
        CloseHandle(hToken);
        return 1;
    }
The above section of code will not compile because TOKEN_ELEVATION_TYPE, TokenElevationType and TokenElevationTypeFull are undefined. So I started searching the internet to find out where these definitions are (which took a very long time due to the limited documentation). I found that these were included in a Vista SDK. So I tried to create them myself by placing the following at the top of my code:
Code:
typedef enum _TOKEN_INFORMATION_CLASS
{
    TokenUser = 1,
    TokenGroups,
    TokenPrivileges,
    TokenOwner,
    TokenPrimaryGroup,
    TokenDefaultDacl,
    TokenSource,
    TokenType,
    TokenImpersonationLevel,
    TokenStatistics,
    TokenRestrictedSids,
    TokenSessionId,
    TokenGroupsAndPrivileges,
    TokenSessionReference,
    TokenSandBoxInert,
    TokenAuditPolicy,
    TokenOrigin,
    TokenElevationType,
    TokenLinkedToken,
    TokenElevation,
    TokenHasRestrictions,
    TokenAccessInformation,
    TokenVirtualizationAllowed,
    TokenVirtualizationEnabled,
    TokenIntegrityLevel,
    TokenUIAccess,
    TokenMandatoryPolicy,
    TokenLogonSid,
    MaxTokenInfoClass // MaxTokenInfoClass should always be the last enum
} TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;

typedef enum _TOKEN_ELEVATION_TYPE
{
    TokenElevationTypeDefault = 1,
    TokenElevationTypeFull,
    TokenElevationTypeLimited,
} TOKEN_ELEVATION_TYPE, *PTOKEN_ELEVATION_TYPE;
However, this results in multiple definitions of _TOKEN_INFORMATION_CLASS and _TOKEN_ELEVATION_TYPE (and their members), and, because I do not understand this code (I found it on the internet), I do not know what to do.
Any advice would be greatly appreciated.
Thank you for your time.
Necrofear
IDE: Dev-C++ 4.9.9.2
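
One way around the redefinition errors described above, as an added example that is not part of the original post: pass the information class to GetTokenInformation by its numeric value under private names, so nothing the compiler's headers may already declare is redefined. The MY_ constants and both function names are hypothetical; the numeric values are read off the enum listings in the post.

```c
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Values from the enum listings in the post. The MY_ names are hypothetical,
   chosen so they cannot clash with whatever the compiler's headers declare. */
enum {
    MY_CLASS_ELEVATION_TYPE = 18, /* TokenElevationType in TOKEN_INFORMATION_CLASS */
    MY_ELEVATION_DEFAULT = 1,     /* no linked token (e.g. UAC off) */
    MY_ELEVATION_FULL = 2,
    MY_ELEVATION_LIMITED = 3
};

/* Same contract as the post: 0 = elevated, 1 = not elevated, -1 = failure. */
int elevation_result(unsigned long type)
{
    switch (type) {
    case MY_ELEVATION_FULL:    return 0;
    case MY_ELEVATION_DEFAULT: /* the post treats everything but Full as 1 */
    case MY_ELEVATION_LIMITED: return 1;
    default:                   return -1; /* value this code does not know */
    }
}

#ifdef _WIN32
int token_is_elevated(void)
{
    HANDLE hToken = NULL;
    DWORD type = 0, size = 0;
    BOOL ok;
    /* GetCurrentProcess() is a pseudo-handle: no OpenProcess, no CloseHandle. */
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
        return -1;
    /* Pass the class by number; systems older than Vista reject it and we return -1. */
    ok = GetTokenInformation(hToken, (TOKEN_INFORMATION_CLASS)MY_CLASS_ELEVATION_TYPE,
                             &type, sizeof(type), &size);
    CloseHandle(hToken);
    return ok ? elevation_result(type) : -1;
}
#endif

int main(void)
{
#ifdef _WIN32
    printf("TokenIsElevated -> %d\n", token_is_elevated());
#else
    printf("constructed value 2 -> %d\n", elevation_result(2)); /* constructed input */
#endif
    return 0;
}
```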