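Страница 2 из 24

2)----------------------------------------------------------------------------
Q> Как узнать какие привилегии есть у пользователя ?
A>
/*
 * The header names were lost when this page was extracted (bare "#include"
 * directives); these are the two headers the code below needs.
 */
#include <windows.h>
#include <stdio.h>
#pragma hdrstop

/*
 * Lists every privilege held in the access token of the current process.
 *
 * For each privilege it prints the localized display name, the programmatic
 * name (SeXxxPrivilege) and whether the privilege is enabled right now.
 * "Held" and "enabled" are different things: a privilege that is present but
 * disabled can still be switched on by the process itself through
 * AdjustTokenPrivileges, so both states matter when a token is audited.
 *
 * Returns 0 on success and 1 if the token could not be opened or queried.
 */
int main(void)
{
    HANDLE hToken = NULL;
    PTOKEN_PRIVILEGES ptgPrivileges = NULL;
    DWORD dwInfoBufferSize = 0;
    DWORD i;
    int rc = 1;

    /*
     * Enumeration only reads the token, so TOKEN_QUERY is sufficient.
     * TOKEN_ADJUST_PRIVILEGES is deliberately not requested: a handle should
     * carry no more access than the code actually uses.
     */
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
        printf("OpenProcessToken failed, error %lu\n", GetLastError());
        return rc;
    }

    /*
     * First call with no buffer: it is expected to fail with
     * ERROR_INSUFFICIENT_BUFFER and report the size that is required.
     * This replaces a fixed 1000-byte array whose overflow went unchecked.
     */
    if (GetTokenInformation(hToken, TokenPrivileges, NULL, 0, &dwInfoBufferSize) ||
        GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
        printf("GetTokenInformation (size query) failed, error %lu\n", GetLastError());
        goto cleanup;
    }

    /* Heap memory is suitably aligned for TOKEN_PRIVILEGES; a UCHAR array need not be. */
    ptgPrivileges = (PTOKEN_PRIVILEGES) HeapAlloc(GetProcessHeap(), 0, dwInfoBufferSize);
    if (ptgPrivileges == NULL) {
        puts("HeapAlloc");
        goto cleanup;
    }

    if (!GetTokenInformation(hToken, TokenPrivileges, ptgPrivileges,
                             dwInfoBufferSize, &dwInfoBufferSize)) {
        printf("GetTokenInformation failed, error %lu\n", GetLastError());
        goto cleanup;
    }

    printf("Account privileges: \n\n");

    for (i = 0; i < ptgPrivileges->PrivilegeCount; i++) {
        /* The ANSI entry points are named explicitly so that the buffers
         * always match the "%s" conversions below, whatever UNICODE is set to. */
        char szPrivilegeName[500];
        char szDisplayName[500];
        DWORD cchPrivilegeName = sizeof szPrivilegeName;
        DWORD cchDisplayName = sizeof szDisplayName;
        DWORD dwLangId = 0;
        BOOL bEnabled;

        if (!LookupPrivilegeNameA(NULL, &ptgPrivileges->Privileges[i].Luid,
                                  szPrivilegeName, &cchPrivilegeName)) {
            /* Never print a buffer the lookup did not fill. */
            printf("%40s (error %lu)\n", "<unknown privilege>", GetLastError());
            continue;
        }

        if (!LookupPrivilegeDisplayNameA(NULL, szPrivilegeName, szDisplayName,
                                         &cchDisplayName, &dwLangId)) {
            szDisplayName[0] = '\0';    /* no description available */
        }

        bEnabled = (ptgPrivileges->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED) != 0;
        printf("%40s (%s)%s\n", szDisplayName, szPrivilegeName,
               bEnabled ? " [enabled]" : "");
    }

    rc = 0;

cleanup:
    if (ptgPrivileges != NULL) {
        HeapFree(GetProcessHeap(), 0, ptgPrivileges);
    }
    CloseHandle(hToken);
    return rc;
}

3)----------------------------------------------------------------------------
Q> Как узнать SID юзера?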
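A> Из исходника getadmin:

/*
 * Resolves an account name to its SID.
 *
 * SystemName   machine to perform the lookup on (passed straight through to
 *              LookupAccountName).
 * AccountName  account to look up.
 * Sid          receives a heap-allocated SID on success and NULL on failure.
 *
 * Returns TRUE on success, FALSE otherwise.
 *
 * Ownership: on success the caller owns *Sid and must release it with
 * HeapFree(GetProcessHeap(), 0, *Sid).
 *
 * NOTE(review): the domain the name was found in and the account type
 * (peUse) are obtained but discarded, so the caller cannot tell which
 * domain's account was matched. Where that matters, pass a qualified
 * name (DOMAIN\user) -- confirm against the callers.
 */
BOOL GetAccountSid(
    LPTSTR SystemName,
    LPTSTR AccountName,
    PSID *Sid
    )
{
    LPTSTR ReferencedDomain = NULL;
    LPVOID pResized;
    DWORD cbSid = 128;                  // initial SID buffer size, in bytes
    DWORD cchReferencedDomain = 16;     // initial domain buffer size, in TCHARs
    SID_NAME_USE peUse;
    BOOL bSuccess = FALSE;              // assume this function will fail

    if (Sid == NULL) {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }
    *Sid = NULL;

    __try {
        //
        // initial memory allocations
        //
        if ((*Sid = HeapAlloc(GetProcessHeap(), 0, cbSid)) == NULL)
            __leave;

        // LookupAccountName counts the domain buffer in TCHARs, not bytes.
        // Allocating only that many bytes lets a UNICODE build write past
        // the end of the heap block, hence the sizeof(TCHAR) factor.
        if ((ReferencedDomain = (LPTSTR) HeapAlloc(
                GetProcessHeap(), 0,
                cchReferencedDomain * sizeof(TCHAR))) == NULL)
            __leave;

        //
        // Obtain the SID of the specified account on the specified system.
        //
        while (!LookupAccountName(
                    SystemName,             // machine to lookup account on
                    AccountName,            // account to lookup
                    *Sid,                   // SID of interest
                    &cbSid,                 // size of SID, in bytes
                    ReferencedDomain,       // domain account was found on
                    &cchReferencedDomain,   // size of domain buffer, in TCHARs
                    &peUse)) {
            if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
                __leave;

            //
            // reallocate memory
            //
            // HeapReAlloc leaves the old block valid when it fails, so the
            // result goes into a temporary first; assigning it directly
            // would lose the only pointer to the block and leak it.
            //
            pResized = HeapReAlloc(GetProcessHeap(), 0, *Sid, cbSid);
            if (pResized == NULL)
                __leave;
            *Sid = pResized;

            pResized = HeapReAlloc(GetProcessHeap(), 0, ReferencedDomain,
                                   cchReferencedDomain * sizeof(TCHAR));
            if (pResized == NULL)
                __leave;
            ReferencedDomain = (LPTSTR) pResized;
        }

        //
        // Indicate success.
        //
        bSuccess = TRUE;
    } // try
    __finally {
        //
        // Cleanup and indicate failure, if appropriate.
        //
        if (ReferencedDomain != NULL)
            HeapFree(GetProcessHeap(), 0, ReferencedDomain);

        if (!bSuccess && *Sid != NULL) {
            HeapFree(GetProcessHeap(), 0, *Sid);
            *Sid = NULL;    // never hand a freed pointer back to the caller
        }
    } // finally

    return bSuccess;
}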