#include
#include
#define MAX_NAME 256
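/*
 * Print the string form of the SID of the user that owns the current
 * process token.
 *
 * Opens the process token with TOKEN_QUERY, reads the TokenUser
 * information class into a buffer sized by a first probing call, converts
 * the SID to text and writes it to stdout as "Sid: <sid>".
 *
 * Returns TRUE when the SID was printed, FALSE if any step failed.
 * The token handle, the TOKEN_USER buffer and the SID string are released
 * on every path, including the error paths.
 */
BOOL GetCurrentUserForSID (VOID)
{
    BOOL bOk = FALSE;
    DWORD dwSize = 0;
    HANDLE hToken = NULL;
    PTOKEN_USER pUserInfo = NULL;
    LPSTR StringSid = NULL;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
        return FALSE;
    }

    /*
     * Size probe: with a NULL buffer the call is expected to fail with
     * ERROR_INSUFFICIENT_BUFFER and report the required size in dwSize.
     * Any other error is a real failure.
     */
    if (!GetTokenInformation(hToken, TokenUser, NULL, 0, &dwSize)) {
        if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
            goto cleanup;
        }
    }
    if (dwSize == 0) {
        goto cleanup;
    }

    /* GPTR zero-initialises the block; the result must be checked before use. */
    pUserInfo = (PTOKEN_USER) GlobalAlloc(GPTR, dwSize);
    if (pUserInfo == NULL) {
        goto cleanup;
    }

    if (!GetTokenInformation(hToken, TokenUser, pUserInfo, dwSize, &dwSize)) {
        goto cleanup;
    }

    /*
     * StringSid is an LPSTR printed with %s, so the ANSI variant is called
     * explicitly; the TCHAR macro would resolve to the wide-character
     * function in a UNICODE build. On failure StringSid must not be read.
     */
    if (!ConvertSidToStringSidA(pUserInfo->User.Sid, &StringSid)) {
        goto cleanup;
    }

    printf("Sid: %s\n", StringSid);
    bOk = TRUE;

cleanup:
    /* The SID string is allocated by the system and is freed with LocalFree. */
    if (StringSid) {
        LocalFree(StringSid);
    }
    if (pUserInfo) {
        GlobalFree(pUserInfo);
    }
    CloseHandle(hToken);
    return bOk;
}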
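/*
 * Program entry point: prints the SID of the user running this process.
 *
 * The command-line arguments are not used. Returns 0 when the SID was
 * printed and 1 when GetCurrentUserForSID reported a failure, so a caller
 * or script can tell the two cases apart.
 */
int _tmain(int argc, _TCHAR* argv[])
{
    (void)argc;
    (void)argv;

    return GetCurrentUserForSID() ? 0 : 1;
}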
驱动里用SeQueryInformationToken或ZwQueryInformationToken