The following example uses the OpenProcessToken and GetTokenInformation functions to get the group memberships in an access token.

The GetTokenInformation function retrieves a specified type of information about an access token. The calling process must have appropriate access rights to obtain the information.

参考:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa379554%28v=vs.85%29.aspx

The OpenProcessToken function opens the access token associated with a process.

参考:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa379295%28v=vs.85%29.aspx

参数如下:

BOOL WINAPI GetTokenInformation(

  _In_      HANDLE                  TokenHandle,

  _In_      TOKEN_INFORMATION_CLASS TokenInformationClass,

  _Out_opt_ LPVOID                  TokenInformation,

  _In_      DWORD                   TokenInformationLength,

  _Out_     PDWORD                  ReturnLength

);

The AllocateAndInitializeSid function allocates and initializes a security identifier (SID) with up to eight subauthorities.

参考:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa375213%28v=vs.85%29.aspx

参数如下:

pIdentifierAuthority [in]

    A pointer to a SID_IDENTIFIER_AUTHORITY structure. This structure provides the top-level identifier authority value to set in the SID.

nSubAuthorityCount [in]

    Specifies the number of subauthorities to place in the SID. This parameter also identifies how many of the subauthority parameters have meaningful values. This parameter must contain a value from  to .

    For example, a value of  indicates that the subauthority values specified by the dwSubAuthority0, dwSubAuthority1, and dwSubAuthority2 parameters have meaningful values and to ignore the remainder.

dwSubAuthority0 [in]

    Subauthority value to place in the SID.

pSid [out]

    A pointer to a variable that receives the pointer to the allocated and initialized SID structure.

access token含义:

参考:

https://msdn.microsoft.com/en-us/library/windows/desktop/ms721532%28v=vs.85%29.aspx#_security_access_token_gly

An access token contains the security information for a logon session. The system creates an access token when a user logs on, and every process executed on behalf of the user has a copy of the token. The token identifies the user, the user's groups, and the user's privileges. The system uses the token to control access to securable objects and to control the ability of the user to perform various system-related operations on the local computer. There are two kinds of access token, primary and impersonation.

SID含义:

The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security.

参考:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa379571%28v=vs.85%29.aspx

#include <windows.h>

#include <stdio.h>

#pragma comment(lib, "advapi32.lib")

#define MAX_NAME 256

using namespace std;

int main()

{

    DWORD i, dwSize = , dwResult = ;

    HANDLE hToken;

    PTOKEN_GROUPS pGroupInfo;

    PSID pSID = NULL;

    SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY;

    char lpName[MAX_NAME];

    char lpDomain[MAX_NAME];

    SID_NAME_USE SidType;

    // Open a handle to the access token for the calling process.

    //TOKEN_QUERY:Required to query an access token.

    //GetCurrentProcess()返回进程句柄

    //[out]hToken是access token的句柄

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))

    {

        printf("OpenProcessToken Error %u\n", GetLastError());

        return FALSE;

    }

    //前后两次调用GetTokenInformation的目的不同

    // Call GetTokenInformation to get the buffer size.

    //The TOKEN_GROUPS structure contains information about the group security identifiers (SIDs) in an access token.

    if (!GetTokenInformation(hToken, TokenGroups, NULL, dwSize, &dwSize))

    {

        dwResult = GetLastError();

        if (dwResult != ERROR_INSUFFICIENT_BUFFER) {

            printf("GetTokenInformation Error %u\n", dwResult);

            return FALSE;

        }

    }

    // Allocate the buffer.

    pGroupInfo = (PTOKEN_GROUPS)GlobalAlloc(GPTR, dwSize);

    // Call GetTokenInformation again to get the group information.

    if (!GetTokenInformation(hToken, TokenGroups, pGroupInfo,

        dwSize, &dwSize))

    {

        printf("GetTokenInformation Error %u\n", GetLastError());

        return FALSE;

    }

    // Create a SID for the BUILTIN\Administrators group.

    if (!AllocateAndInitializeSid(&SIDAuth, ,

        SECURITY_BUILTIN_DOMAIN_RID,

        DOMAIN_ALIAS_RID_ADMINS,

        , , , , , ,

        &pSID))

    {

        printf("AllocateAndInitializeSid Error %u\n", GetLastError());

        return FALSE;

    }

    // Loop through the group SIDs looking for the administrator SID.

    //

    for (i = ; i < pGroupInfo->GroupCount; i++)

    {

        if (EqualSid(pSID, pGroupInfo->Groups[i].Sid))

        {

            // Lookup the account name and print it.

            dwSize = MAX_NAME;

            if (!LookupAccountSid(NULL, pGroupInfo->Groups[i].Sid,

                lpName, &dwSize, lpDomain,

                &dwSize, &SidType))

            {

                dwResult = GetLastError();

                if (dwResult == ERROR_NONE_MAPPED)

                    strcpy_s(lpName, dwSize, "NONE_MAPPED");

                else

                {

                    printf("LookupAccountSid Error %u\n", GetLastError());

                    return FALSE;

                }

            }

            printf("Current user is a member of the %s\\%s group\n",

                lpDomain, lpName);

            // Find out whether the SID is enabled in the token.

            if (pGroupInfo->Groups[i].Attributes & SE_GROUP_ENABLED)

                printf("The group SID is enabled.\n");

            else if (pGroupInfo->Groups[i].Attributes &

                SE_GROUP_USE_FOR_DENY_ONLY)

                printf("The group SID is a deny-only SID.\n");

            else

                printf("The group SID is not enabled.\n");

        }

    }

    if (pSID)

        FreeSid(pSID);

    if (pGroupInfo)

        GlobalFree(pGroupInfo);

    system("pause");

    return ;

}

整体流程:

OpenProcessToken:获取token句柄

GetTokenInformation:获取group information

for循环:在group中查找

Windows API 之 OpenProcessToken、GetTokenInformation的更多相关文章

  1. Windows API 进程相关笔记

    0. 前言 最近做了一个进程信息相关的项目,整理了一下自己做项目时的笔记,分享给大家 1. 相关概念 1.1 HANDLE 概念 HANDLE(句柄)是Windows操作系统中的一个概念. 在Wind ...

  2. Windows API 学习

    Windows API学习 以下都是我个人一些理解,笔者不太了解windows开发,如有错误请告知,非常感谢,一切以microsoft官方文档为准. https://docs.microsoft.co ...

  3. C# Windows API

    API:应用程序接口(API:Application Program Interface)应用程序接口(API:application programming interface)是一组定义.程序及协 ...

  4. Windows API 函数列表 附帮助手册

    所有Windows API函数列表,为了方便查询,也为了大家查找,所以整理一下贡献出来了. 帮助手册:700多个Windows API的函数手册 免费下载 API之网络函数 API之消息函数 API之 ...

  5. Windows API Hooking in Python

    catalogue . 相关基础知识 . Deviare API Hook Overview . 使用ctypes调用Windows API . pydbg . winappdbg . dll inj ...

  6. 初识【Windows API】--文本去重

    最近学习操作系统中,老师布置了一个作业,运用系统调用函数删除文件夹下两个重复文本类文件,Linux玩不动,于是就只能在Windows下进行了. 看了一下介绍Windows API的博客: 点击打开 基 ...

  7. C#调用windows API的一些方法

    使用C#调用windows API(从其它地方总结来的,以备查询) C#调用windows API也可以叫做C#如何直接调用非托管代码,通常有2种方法: 1.  直接调用从 DLL 导出的函数. 2. ...

  8. Qt中使用Windows API

    在Windows平台上进行开发,不可避免与Windows API打交道,Qt中使用的时候要添加对应API的头文件和链接lib文件,另外使用的Windows API的代码部分要使用#ifdef  Q_O ...

  9. 在VBA中使用Windows API

    VBA是一种强大的编程语言,可用于自定义Microsoft Office解决方案.通过使用VBA处理一个或多个Office应用程序对象模型,可以容易地修改Office应用程序的功能或者能够使两个或多个 ...

随机推荐

  1. 设M=5^2003+7^2004+9^2005+11^2006,求证8|M。(整除理论,1.1.8)

    设M=52003+72004+92005+112006,求证8|M. 证明: 前提:对于,52003让我们去构造8,即用8-3替换5 第一步:用8-3替换5,且仅替换一个, 第二步:进行分项,则前一项 ...

  2. java实现树型结构样式

    import javax.swing.*; import javax.swing.event.*; import javax.swing.tree.*; public class Root exten ...

  3. 借助nginx搭建反向代理服务器小例

    1 反向代理: 反向代理(Reverse Proxy)方式是指以代理服务器接收internet上的连接请求,然后将请求转发给内部网络上的服务器,并将从服务器上得到的结果返回给internet上请求连接 ...

  4. sql语句的group by与having子句

    准备数据: DROP TABLE IF EXISTS `t_player`; CREATE TABLE `t_player` ( `player_id` int(11) NOT NULL AUTO_I ...

  5. NOIP2015普及组第四题推销员

    好久没有写博客了,今天再写一篇.还是先看题: 试题描述 阿明是一名推销员,他奉命到螺丝街推销他们公司的产品.螺丝街是一条死胡同,出口与入口是同一个,街道的一侧是围墙,另一侧是住户.螺丝街一共有 N 家 ...

  6. 8. Python自定义模块humansize

    我们在提取一个文件元信息的时候,经常会使用到获取元信息的size, 但是默认提取出来的是字节为单位计算的大小,我们需要转换成MB或者GB 或者TB的大小. 因此就需要使用到humansize这个模块, ...

  7. js中call方法的使用介绍

    js call call 方法 请参阅 应用于:Function 对象 要求 版本 5.5 调用一个对象的一个方法,以另一个对象替换当前对象. call([thisObj[,arg1[, arg2[, ...

  8. java返回json数据日期为一串数字字符串 js 转义

    var time = "2514484555"; //这只是事例,并不是实际的数据 function timeToString(time) { var datetime = new ...

  9. UIWebView是什么

    UIWebView类是用来显示网络内容.要使用它,可以简单的创造一个UIWebView对象,放置到窗口上,并且发送一个指向网络内容的请求.通过这个类,可以控制网页历史的前进後退,也可以通过程序去控制网 ...

  10. C#在Json反序列化中处理键的特殊字符

    假设有如下Json 数据: 1.{ 2."id" : 1, 3."@value" : "this a @", 4."$p" ...