
[Windows] IsProcessEvelated()

Posted: Fri Oct 01, 2021 8:35 pm
by Mijikai
One of the ways to see if your program runs with elevated rights (was started by an admin).

Code:

EnableExplicit

;IsProcessEvelated()
;Checks if the process is elevated (runs with admin rights).

Procedure.i IsProcessEvelated()
  Protected hlib.i
  Protected *ascii
  Protected *proc
  hlib = LoadLibrary_("shell32.dll")
  If hlib
    *ascii = Ascii("SHTestTokenMembership");<- available since Windows XP!
    If *ascii
      *proc = GetProcAddress_(hlib,*ascii)
      FreeMemory(*ascii)
      If *proc
        ProcedureReturn CallFunctionFast(*proc,#Null,$220);DOMAIN_ALIAS_RID_ADMINS
      EndIf
    EndIf
  EndIf
  ProcedureReturn #False
EndProcedure

Debug IsProcessEvelated()

End

Same code as before but less insane:

Code:

EnableExplicit

;IsProcessEvelated()
;Checks if the process is elevated (runs with admin rights).

Procedure.i IsProcessEvelated()
  Protected *proc
  *proc = GetProcAddress_(LoadLibrary_("shell32.dll"),?SHTestTokenMembership)
  If *proc
    ProcedureReturn CallFunctionFast(*proc,#Null,$220);DOMAIN_ALIAS_RID_ADMINS
  EndIf
  ProcedureReturn #False
  SHTestTokenMembership:
  !db 'SHTestTokenMembership',0x0
EndProcedure

Debug IsProcessEvelated()

End

The sanest version of the code (it properly imports the function):

Code:

EnableExplicit

Import "shell32.lib";<- from ms sdk
  SHTestTokenMembership_.i(Token.i,RID.i) As "SHTestTokenMembership"
EndImport

;IsProcessEvelated()
;Checks if the process is elevated (runs with admin rights).

Macro IsProcessEvelated()
  SHTestTokenMembership_(#Null,$220)
EndMacro

Debug IsProcessEvelated()

End

Have fun :)

Re: [Windows] IsProcessEvelated()

Posted: Sat Oct 02, 2021 3:17 am
by BarryG
[Deleted due to no response]

Re: [Windows] IsProcessEvelated()

Posted: Sat Oct 02, 2021 4:26 am
by Paul
Just a note from docs.microsoft.com
SHTestTokenMembership
"Uses CheckTokenMembership to test whether the given token is a member of the local group with the specified RID."

"This function wraps CheckTokenMembership and only checks local groups."
IsUserAnAdmin
"Tests whether the current user is a member of the Administrator's group."
"Available for use in the operating systems specified in the Requirements section. It may be altered or unavailable in subsequent versions"

"This function is a wrapper for CheckTokenMembership. It is recommended to call that function directly to determine Administrator group status rather than calling IsUserAnAdmin."
CheckTokenMembership
"The CheckTokenMembership function determines whether a specified security identifier (SID) is enabled in an access token. If you want to determine group membership for app container tokens, you need to use the CheckTokenMembershipEx function."

"The CheckTokenMembership function simplifies the process of determining whether a SID is both present and enabled in an access token."

Re: [Windows] IsProcessEvelated()

Posted: Sat Oct 02, 2021 10:01 am
by Mijikai
If you want to be less official you can also skip the membership check and just evaluate the token.
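The three approaches discussed in this thread side by side, as an added PowerShell example that is not code from any of the posts above: the shell32 `SHTestTokenMembership` call the PureBasic versions in the opening post make, the direct `CheckTokenMembership` call that the quoted documentation recommends instead, and the "just evaluate the token" variant, which here is implemented as a `GetTokenInformation` query for `TokenElevation` (the information class the token-only check would use; the post does not say which API it had in mind). The function names and the `TokenProbe` class are this example's own; the constants (`DOMAIN_ALIAS_RID_ADMINS` = 0x220, `TOKEN_QUERY` = 0x0008, `TokenElevation` = 20) are the documented Win32 values. It needs Windows PowerShell 5.1 or PowerShell 7 on Windows.

```powershell
# Added example, not from the thread: the three elevation checks compared in one script.
# P/Invoke signatures for the Win32 calls involved (class name TokenProbe is this example's choice).
$probeSource = @'
using System;
using System.Runtime.InteropServices;

public static class TokenProbe
{
    // shell32!SHTestTokenMembership(HANDLE hToken, ULONG ulRID) -> BOOL, the call made by the PureBasic code
    [DllImport("shell32.dll", SetLastError = true)]
    public static extern bool SHTestTokenMembership(IntPtr hToken, uint ulRID);

    // advapi32!CheckTokenMembership(HANDLE TokenHandle, PSID SidToCheck, PBOOL IsMember) -> BOOL
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool CheckTokenMembership(IntPtr tokenHandle, IntPtr sidToCheck, out bool isMember);

    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool OpenProcessToken(IntPtr processHandle, uint desiredAccess, out IntPtr tokenHandle);

    // TokenElevation returns a TOKEN_ELEVATION { DWORD TokenIsElevated; }, so one uint is enough
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool GetTokenInformation(IntPtr tokenHandle, int tokenInformationClass,
        out uint tokenInformation, uint tokenInformationLength, out uint returnLength);

    [DllImport("kernel32.dll")]
    public static extern IntPtr GetCurrentProcess();

    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern bool CloseHandle(IntPtr handle);
}
'@
if (-not ('TokenProbe' -as [type])) { Add-Type -TypeDefinition $probeSource }

$DOMAIN_ALIAS_RID_ADMINS = 0x220   # 544, the RID used in the thread
$TOKEN_QUERY             = 0x0008
$TokenElevation          = 20      # TOKEN_INFORMATION_CLASS::TokenElevation

# 1. Same call as the PureBasic code: shell32 tests the caller's token for the Administrators alias RID.
function Test-AdminViaShell32 {
    [TokenProbe]::SHTestTokenMembership([IntPtr]::Zero, $DOMAIN_ALIAS_RID_ADMINS)
}

# 2. What the quoted docs recommend: build the BUILTIN\Administrators SID and call CheckTokenMembership directly.
#    A NULL token handle means the calling thread's token (the process token when not impersonating).
function Test-AdminViaCheckTokenMembership {
    $sid = [System.Security.Principal.SecurityIdentifier]::new(
        [System.Security.Principal.WellKnownSidType]::BuiltinAdministratorsSid, $null)
    $sidBytes = New-Object byte[] $sid.BinaryLength
    $sid.GetBinaryForm($sidBytes, 0)
    $sidPtr = [System.Runtime.InteropServices.Marshal]::AllocHGlobal($sidBytes.Length)
    try {
        [System.Runtime.InteropServices.Marshal]::Copy($sidBytes, 0, $sidPtr, $sidBytes.Length)
        $isMember = $false
        if (-not [TokenProbe]::CheckTokenMembership([IntPtr]::Zero, $sidPtr, [ref]$isMember)) {
            throw "CheckTokenMembership failed, Win32 error $([System.Runtime.InteropServices.Marshal]::GetLastWin32Error())"
        }
        return $isMember
    } finally {
        [System.Runtime.InteropServices.Marshal]::FreeHGlobal($sidPtr)
    }
}

# 3. Evaluate the token itself: ask whether it is elevated, without naming any group.
function Test-TokenElevated {
    $hToken = [IntPtr]::Zero
    if (-not [TokenProbe]::OpenProcessToken([TokenProbe]::GetCurrentProcess(), $TOKEN_QUERY, [ref]$hToken)) {
        throw "OpenProcessToken failed, Win32 error $([System.Runtime.InteropServices.Marshal]::GetLastWin32Error())"
    }
    try {
        $elevated = [uint32]0
        $returned = [uint32]0
        if (-not [TokenProbe]::GetTokenInformation($hToken, $TokenElevation, [ref]$elevated, 4, [ref]$returned)) {
            throw "GetTokenInformation failed, Win32 error $([System.Runtime.InteropServices.Marshal]::GetLastWin32Error())"
        }
        return ($elevated -ne 0)
    } finally {
        [void][TokenProbe]::CloseHandle($hToken)
    }
}

# Run all three so the results can be compared for the current logon.
[PSCustomObject]@{
    SHTestTokenMembership = Test-AdminViaShell32
    CheckTokenMembership  = Test-AdminViaCheckTokenMembership
    TokenElevation        = Test-TokenElevated
}
```

The two membership checks answer "is the Administrators group present and enabled in this token?", while the `TokenElevation` query answers "is this token elevated?". For an administrator logged on under UAC but running the script without elevation, all three report false: the filtered token still carries the Administrators SID, but marked deny-only, so `CheckTokenMembership` (and therefore `SHTestTokenMembership`) does not count it, and the token is not elevated. Run the same script from an elevated prompt and all three report true, which is why the membership check works as an elevation test in the thread's scenario.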

Re: [Windows] IsProcessEvelated()

Posted: Sat Oct 02, 2021 2:24 pm
by Paul
@ Mijikai

I really appreciate how you show 3 different ways to accomplish the same goal.
Nice work!