Windows API 之 OpenProcessToken、GetTokenInformation
The following example uses the OpenProcessToken and GetTokenInformation functions to get the group memberships in an access token.
The GetTokenInformation function retrieves a specified type of information about an access token. The calling process must have appropriate access rights to obtain the information.
参考:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa379554%28v=vs.85%29.aspx
The OpenProcessToken function opens the access token associated with a process.
参考:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa379295%28v=vs.85%29.aspx
参数如下:
BOOL WINAPI GetTokenInformation(
_In_ HANDLE TokenHandle,
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
_Out_opt_ LPVOID TokenInformation,
_In_ DWORD TokenInformationLength,
_Out_ PDWORD ReturnLength
);
The AllocateAndInitializeSid function allocates and initializes a security identifier (SID) with up to eight subauthorities.
参考:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa375213%28v=vs.85%29.aspx
参数如下:
pIdentifierAuthority [in]
A pointer to a SID_IDENTIFIER_AUTHORITY structure. This structure provides the top-level identifier authority value to set in the SID.
nSubAuthorityCount [in]
Specifies the number of subauthorities to place in the SID. This parameter also identifies how many of the subauthority parameters have meaningful values. This parameter must contain a value from to .
For example, a value of indicates that the subauthority values specified by the dwSubAuthority0, dwSubAuthority1, and dwSubAuthority2 parameters have meaningful values and to ignore the remainder.
dwSubAuthority0 [in]
Subauthority value to place in the SID.
pSid [out]
A pointer to a variable that receives the pointer to the allocated and initialized SID structure.
access token含义:
参考:
An access token contains the security information for a logon session. The system creates an access token when a user logs on, and every process executed on behalf of the user has a copy of the token. The token identifies the user, the user's groups, and the user's privileges. The system uses the token to control access to securable objects and to control the ability of the user to perform various system-related operations on the local computer. There are two kinds of access token, primary and impersonation.
SID含义:
The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security.
参考:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa379571%28v=vs.85%29.aspx
#include <windows.h>
#include <stdio.h>
#pragma comment(lib, "advapi32.lib") #define MAX_NAME 256 using namespace std; int main()
{
DWORD i, dwSize = , dwResult = ;
HANDLE hToken;
PTOKEN_GROUPS pGroupInfo;
PSID pSID = NULL;
SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY;
char lpName[MAX_NAME];
char lpDomain[MAX_NAME];
SID_NAME_USE SidType; // Open a handle to the access token for the calling process.
//TOKEN_QUERY:Required to query an access token.
//GetCurrentProcess()返回进程句柄
//[out]hToken是access token的句柄
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
{
printf("OpenProcessToken Error %u\n", GetLastError());
return FALSE;
} //前后两次调用GetTokenInformation的目的不同
// Call GetTokenInformation to get the buffer size.
//The TOKEN_GROUPS structure contains information about the group security identifiers (SIDs) in an access token.
if (!GetTokenInformation(hToken, TokenGroups, NULL, dwSize, &dwSize))
{
dwResult = GetLastError();
if (dwResult != ERROR_INSUFFICIENT_BUFFER) {
printf("GetTokenInformation Error %u\n", dwResult);
return FALSE;
}
} // Allocate the buffer.
pGroupInfo = (PTOKEN_GROUPS)GlobalAlloc(GPTR, dwSize); // Call GetTokenInformation again to get the group information. if (!GetTokenInformation(hToken, TokenGroups, pGroupInfo,
dwSize, &dwSize))
{
printf("GetTokenInformation Error %u\n", GetLastError());
return FALSE;
} // Create a SID for the BUILTIN\Administrators group. if (!AllocateAndInitializeSid(&SIDAuth, ,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
, , , , , ,
&pSID))
{
printf("AllocateAndInitializeSid Error %u\n", GetLastError());
return FALSE;
}
// Loop through the group SIDs looking for the administrator SID.
//
for (i = ; i < pGroupInfo->GroupCount; i++)
{
if (EqualSid(pSID, pGroupInfo->Groups[i].Sid))
{ // Lookup the account name and print it. dwSize = MAX_NAME;
if (!LookupAccountSid(NULL, pGroupInfo->Groups[i].Sid,
lpName, &dwSize, lpDomain,
&dwSize, &SidType))
{
dwResult = GetLastError();
if (dwResult == ERROR_NONE_MAPPED)
strcpy_s(lpName, dwSize, "NONE_MAPPED");
else
{
printf("LookupAccountSid Error %u\n", GetLastError());
return FALSE;
}
} printf("Current user is a member of the %s\\%s group\n",
lpDomain, lpName); // Find out whether the SID is enabled in the token.
if (pGroupInfo->Groups[i].Attributes & SE_GROUP_ENABLED)
printf("The group SID is enabled.\n");
else if (pGroupInfo->Groups[i].Attributes &
SE_GROUP_USE_FOR_DENY_ONLY)
printf("The group SID is a deny-only SID.\n");
else
printf("The group SID is not enabled.\n");
}
}
if (pSID)
FreeSid(pSID);
if (pGroupInfo)
GlobalFree(pGroupInfo); system("pause");
return ;
}
整体流程:
OpenProcessToken:获取token句柄
GetTokenInformation:获取group information
for循环:在group中查找
Windows API 之 OpenProcessToken、GetTokenInformation的更多相关文章
- Windows API 进程相关笔记
0. 前言 最近做了一个进程信息相关的项目,整理了一下自己做项目时的笔记,分享给大家 1. 相关概念 1.1 HANDLE 概念 HANDLE(句柄)是Windows操作系统中的一个概念. 在Wind ...
- Windows API 学习
Windows API学习 以下都是我个人一些理解,笔者不太了解windows开发,如有错误请告知,非常感谢,一切以microsoft官方文档为准. https://docs.microsoft.co ...
- C# Windows API
API:应用程序接口(API:Application Program Interface)应用程序接口(API:application programming interface)是一组定义.程序及协 ...
- Windows API 函数列表 附帮助手册
所有Windows API函数列表,为了方便查询,也为了大家查找,所以整理一下贡献出来了. 帮助手册:700多个Windows API的函数手册 免费下载 API之网络函数 API之消息函数 API之 ...
- Windows API Hooking in Python
catalogue . 相关基础知识 . Deviare API Hook Overview . 使用ctypes调用Windows API . pydbg . winappdbg . dll inj ...
- 初识【Windows API】--文本去重
最近学习操作系统中,老师布置了一个作业,运用系统调用函数删除文件夹下两个重复文本类文件,Linux玩不动,于是就只能在Windows下进行了. 看了一下介绍Windows API的博客: 点击打开 基 ...
- C#调用windows API的一些方法
使用C#调用windows API(从其它地方总结来的,以备查询) C#调用windows API也可以叫做C#如何直接调用非托管代码,通常有2种方法: 1. 直接调用从 DLL 导出的函数. 2. ...
- Qt中使用Windows API
在Windows平台上进行开发,不可避免与Windows API打交道,Qt中使用的时候要添加对应API的头文件和链接lib文件,另外使用的Windows API的代码部分要使用#ifdef Q_O ...
- 在VBA中使用Windows API
VBA是一种强大的编程语言,可用于自定义Microsoft Office解决方案.通过使用VBA处理一个或多个Office应用程序对象模型,可以容易地修改Office应用程序的功能或者能够使两个或多个 ...
随机推荐
- jvm的可见性的理解
同步包括两方面的含义: 独占性和可见性. 很多人仅仅理解了独占性,而忽略了可见性. 根据Java Language Specification中的说明, jvm系统中存在一个主内存(Main Memo ...
- Python 学习笔记12
不积跬步,无以至千里.不积小流,无以成江河. 当我觉得沮丧.绝望的时候,就疯狂的敲代码,这样会好受一点. 今天和昨天敲了两天的小程序,算是对python的具体语法规则有个初步的手熟. http://w ...
- PowerDesigner 的mysql PDM 的COMMENT注释
PowerDesigner 的mysql PDM 的COMMENT注释 2012-11-01 15:38 4447人阅读 评论(0) 举报 分类: 数据库相关(7) PowerDesigner 的my ...
- 全排列dfs算法
如下 #include <iostream> using namespace std; #define MAX 10 #define _CRT_SECURE_NO_WARNINGS int ...
- 重复T次的LIS的dp Codeforces Round #323 (Div. 2) D
http://codeforces.com/contest/583/problem/D 原题:You are given an array of positive integers a1, a2, . ...
- 复用TCP连接提升流媒体服务器之间流量转发效率
由于媒体推流客户端所在地域不同.所接入网络运营商不同.就近接入原则等因素,导致不同的视频推流客户端会推流至不同的流媒体服务器(本文主要针对目前WEB或手机的基于TCP的流媒体服务器),在某流媒体服务器 ...
- 1-10w之间的整数中有几个完全平方数
#include "stdio.h" #include<math.h> void main() { ,x,y; printf("1-10w之间的整数中有以下几 ...
- IP子网掩码格式转换
def exchange_maskint(mask_int): bin_arr = [' for i in range(32)] for i in range(mask_int): bin_arr[i ...
- UVA 796 Critical Links
输出桥. #include<cstdio> #include<cstring> #include<cmath> #include<vector> #in ...
- JS获取网页中HTML元素的几种方法分析
getElementById getElementsByName getElementsByTagName 大概介绍 getElementById ,getElementsByName ,getEle ...