/// <inheritdoc /> public static bool IsElevated() { bool ret = false; IntPtr hToken; // Invalid handle. if (OpenProcessToken(System.Diagnostics.Process.GetCurrentProcess().Handle, TOKEN_QUERY, out hToken)) { uint tokenInfLength = 0; // first call gets lenght of tokenInformation ret = GetTokenInformation(hToken, TOKEN_INFORMATION_CLASS.TokenElevation, IntPtr.Zero, tokenInfLength, out tokenInfLength); IntPtr tokenInformation = Marshal.AllocHGlobal((IntPtr)tokenInfLength); if (tokenInformation != IntPtr.Zero) { ret = GetTokenInformation(hToken, TOKEN_INFORMATION_CLASS.TokenElevation, tokenInformation, tokenInfLength, out tokenInfLength); if (ret) { TOKEN_ELEVATION tokenElevation = (TOKEN_ELEVATION)Marshal.PtrToStructure(tokenInformation, typeof(TOKEN_ELEVATION)); ret = tokenElevation.TokenIsElevated != 0; } Marshal.FreeHGlobal(tokenInformation); CloseHandle(hToken); } } return(ret); }
private static bool TokenIsElevated(IntPtr hToken) { TOKEN_ELEVATION tk = new TOKEN_ELEVATION(); tk.TokenIsElevated = 0; IntPtr lpValue = Marshal.AllocHGlobal(Marshal.SizeOf(tk)); Marshal.StructureToPtr(tk, lpValue, false); uint tokenInformationLength = (uint)Marshal.SizeOf(typeof(TOKEN_ELEVATION)); uint returnLength; Boolean result = GetTokenInformation( hToken, TOKEN_INFORMATION_CLASS.TokenElevation, lpValue, tokenInformationLength, out returnLength ); TOKEN_ELEVATION elv = (TOKEN_ELEVATION)Marshal.PtrToStructure(lpValue, typeof(TOKEN_ELEVATION)); if (elv.TokenIsElevated == 1) { return(true); } else { return(false); } }
public static bool GetTokenElevated(TokenHandle hToken) { int size; TOKEN_ELEVATION te = new TOKEN_ELEVATION(); te.TokenIsElevated = 0; bool result = GetTokenInformation(hToken, TOKEN_INFORMATION_CLASS.TokenElevation, ref te, Marshal.SizeOf(typeof(TOKEN_ELEVATION)), out size); if (!result) { throw new Win32Exception(); } return(te.TokenIsElevated != 0); }
/// <summary> /// Returns true if the current process is elevated. /// </summary> public unsafe static bool IsProcessElevated() { using (AccessToken token = OpenProcessToken(AccessTokenRights.Read)) { TOKEN_ELEVATION elevation = new TOKEN_ELEVATION(); if (!Imports.GetTokenInformation( token, TokenInformation.Elevation, &elevation, (uint)sizeof(TOKEN_ELEVATION), out _)) { throw Errors.GetIoExceptionForLastError(); } return(elevation.TokenIsElevated); } }
/// <summary> /// The function gets the elevation information of the current process. It /// dictates whether the process is elevated or not. Token elevation is only /// available on Windows Vista and newer operating systems, thus /// IsProcessElevated throws a C++ exception if it is called on systems prior /// to Windows Vista. It is not appropriate to use this function to determine /// whether a process is run as administartor. /// </summary> /// <returns> /// Returns true if the process is elevated. Returns false if it is not. /// </returns> /// <exception cref="System.ComponentModel.Win32Exception"> /// When any native Windows API call fails, the function throws a Win32Exception /// with the last error code. /// </exception> /// <remarks> /// TOKEN_INFORMATION_CLASS provides TokenElevationType to check the elevation /// type (TokenElevationTypeDefault / TokenElevationTypeLimited / /// TokenElevationTypeFull) of the process. It is different from TokenElevation /// in that, when UAC is turned off, elevation type always returns /// TokenElevationTypeDefault even though the process is elevated (Integrity /// Level == High). In other words, it is not safe to say if the process is /// elevated based on elevation type. Instead, we should use TokenElevation. /// </remarks> internal bool IsProcessElevated() { bool fIsElevated = false; SafeTokenHandle hToken = null; int cbTokenElevation = 0; IntPtr pTokenElevation = IntPtr.Zero; try { // Open the access token of the current process with TOKEN_QUERY. if (!NativeMethods.OpenProcessToken(Process.GetCurrentProcess().Handle, NativeMethods.TOKEN_QUERY, out hToken)) { throw new Win32Exception(); } // Allocate a buffer for the elevation information. cbTokenElevation = Marshal.SizeOf(typeof(TOKEN_ELEVATION)); pTokenElevation = Marshal.AllocHGlobal(cbTokenElevation); if (pTokenElevation == IntPtr.Zero) { throw new Win32Exception(); } // Retrieve token elevation information. if (!NativeMethods.GetTokenInformation(hToken, TOKEN_INFORMATION_CLASS.TokenElevation, pTokenElevation, cbTokenElevation, out cbTokenElevation)) { // When the process is run on operating systems prior to Windows // Vista, GetTokenInformation returns false with the error code // ERROR_INVALID_PARAMETER because TokenElevation is not supported // on those operating systems. throw new Win32Exception(); } // Marshal the TOKEN_ELEVATION struct from native to .NET object. TOKEN_ELEVATION elevation = (TOKEN_ELEVATION)Marshal.PtrToStructure( pTokenElevation, typeof(TOKEN_ELEVATION)); // TOKEN_ELEVATION.TokenIsElevated is a non-zero value if the token // has elevated privileges; otherwise, a zero value. fIsElevated = (elevation.TokenIsElevated != 0); } finally { // Centralized cleanup for all allocated resources. if (hToken != null) { hToken.Close(); hToken = null; } if (pTokenElevation != IntPtr.Zero) { Marshal.FreeHGlobal(pTokenElevation); pTokenElevation = IntPtr.Zero; cbTokenElevation = 0; } } return(fIsElevated); }
static extern bool GetTokenInformation(TokenHandle TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, ref TOKEN_ELEVATION TokenInformation, int TokenInformationLength, out int ReturnLength);