Windows API 之 OpenProcessToken、GetTokenInformation

來源:互聯網
上載者:User

標籤:

The following example uses the OpenProcessToken and GetTokenInformation functions to get the group memberships in an access token.

The GetTokenInformation function retrieves a specified type of information about an access token. The calling process must have appropriate access rights to obtain the information.

參考:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa379554%28v=vs.85%29.aspx

The OpenProcessToken function opens the access token associated with a process.

參考:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa379295%28v=vs.85%29.aspx

參數如下:

BOOL WINAPI GetTokenInformation(  _In_      HANDLE                  TokenHandle,  _In_      TOKEN_INFORMATION_CLASS TokenInformationClass,  _Out_opt_ LPVOID                  TokenInformation,  _In_      DWORD                   TokenInformationLength,  _Out_     PDWORD                  ReturnLength);

The AllocateAndInitializeSid function allocates and initializes a security identifier (SID) with up to eight subauthorities.

參考:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa375213%28v=vs.85%29.aspx

參數如下:

pIdentifierAuthority [in]    A pointer to a SID_IDENTIFIER_AUTHORITY structure. This structure provides the top-level identifier authority value to set in the SID.nSubAuthorityCount [in]    Specifies the number of subauthorities to place in the SID. This parameter also identifies how many of the subauthority parameters have meaningful values. This parameter must contain a value from 1 to 8.    For example, a value of 3 indicates that the subauthority values specified by the dwSubAuthority0, dwSubAuthority1, and dwSubAuthority2 parameters have meaningful values and to ignore the remainder.dwSubAuthority0 [in]    Subauthority value to place in the SID.pSid [out]    A pointer to a variable that receives the pointer to the allocated and initialized SID structure.

 

access token含義:

參考:

https://msdn.microsoft.com/en-us/library/windows/desktop/ms721532%28v=vs.85%29.aspx#_security_access_token_gly

An access token contains the security information for a logon session. The system creates an access token when a user logs on, and every process executed on behalf of the user has a copy of the token. The token identifies the user, the user‘s groups, and the user‘s privileges. The system uses the token to control access to securable objects and to control the ability of the user to perform various system-related operations on the local computer. There are two kinds of access token, primary and impersonation.

SID含義:

The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security.

參考:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa379571%28v=vs.85%29.aspx

 

#include <windows.h>#include <stdio.h>#pragma comment(lib, "advapi32.lib")#define MAX_NAME 256using namespace std;int main(){    DWORD i, dwSize = 0, dwResult = 0;    HANDLE hToken;    PTOKEN_GROUPS pGroupInfo;    PSID pSID = NULL;    SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY;    char lpName[MAX_NAME];    char lpDomain[MAX_NAME];    SID_NAME_USE SidType;    // Open a handle to the access token for the calling process.    //TOKEN_QUERY:Required to query an access token.    //GetCurrentProcess()返回進程控制代碼    //[out]hToken是access token的控制代碼    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))    {        printf("OpenProcessToken Error %u\n", GetLastError());        return FALSE;    }    //前後兩次調用GetTokenInformation的目的不同    // Call GetTokenInformation to get the buffer size.    //The TOKEN_GROUPS structure contains information about the group security identifiers (SIDs) in an access token.    if (!GetTokenInformation(hToken, TokenGroups, NULL, dwSize, &dwSize))    {        dwResult = GetLastError();        if (dwResult != ERROR_INSUFFICIENT_BUFFER) {            printf("GetTokenInformation Error %u\n", dwResult);            return FALSE;        }    }    // Allocate the buffer.    pGroupInfo = (PTOKEN_GROUPS)GlobalAlloc(GPTR, dwSize);    // Call GetTokenInformation again to get the group information.    if (!GetTokenInformation(hToken, TokenGroups, pGroupInfo,        dwSize, &dwSize))    {        printf("GetTokenInformation Error %u\n", GetLastError());        return FALSE;    }    // Create a SID for the BUILTIN\Administrators group.        if (!AllocateAndInitializeSid(&SIDAuth, 2,        SECURITY_BUILTIN_DOMAIN_RID,        DOMAIN_ALIAS_RID_ADMINS,        0, 0, 0, 0, 0, 0,        &pSID))    {        printf("AllocateAndInitializeSid Error %u\n", GetLastError());        return FALSE;    }    // Loop through the group SIDs looking for the administrator SID.    //    for (i = 0; i < pGroupInfo->GroupCount; i++)    {        if (EqualSid(pSID, pGroupInfo->Groups[i].Sid))        {            // Lookup the account name and print it.            dwSize = MAX_NAME;            if (!LookupAccountSid(NULL, pGroupInfo->Groups[i].Sid,                lpName, &dwSize, lpDomain,                &dwSize, &SidType))            {                dwResult = GetLastError();                if (dwResult == ERROR_NONE_MAPPED)                    strcpy_s(lpName, dwSize, "NONE_MAPPED");                else                {                    printf("LookupAccountSid Error %u\n", GetLastError());                    return FALSE;                }            }                        printf("Current user is a member of the %s\\%s group\n",                lpDomain, lpName);            // Find out whether the SID is enabled in the token.            if (pGroupInfo->Groups[i].Attributes & SE_GROUP_ENABLED)                printf("The group SID is enabled.\n");            else if (pGroupInfo->Groups[i].Attributes &                SE_GROUP_USE_FOR_DENY_ONLY)                printf("The group SID is a deny-only SID.\n");            else                printf("The group SID is not enabled.\n");        }    }    if (pSID)        FreeSid(pSID);    if (pGroupInfo)        GlobalFree(pGroupInfo);    system("pause");    return 0;}

整體流程:

OpenProcessToken:擷取token控制代碼

GetTokenInformation:擷取group information

for迴圈:在group中尋找

Windows API 之 OpenProcessToken、GetTokenInformation

聯繫我們

該頁面正文內容均來源於網絡整理,並不代表阿里雲官方的觀點,該頁面所提到的產品和服務也與阿里云無關,如果該頁面內容對您造成了困擾,歡迎寫郵件給我們,收到郵件我們將在5個工作日內處理。

如果您發現本社區中有涉嫌抄襲的內容,歡迎發送郵件至: info-contact@alibabacloud.com 進行舉報並提供相關證據,工作人員會在 5 個工作天內聯絡您,一經查實,本站將立刻刪除涉嫌侵權內容。

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.