// checkt den angemeldeten Benutzer auf Administrator // borwinius /*<---------------------------------------------------------------------->*/ #include #include #include #include #include #include #include "checkadminres.h" /*<---------------------------------------------------------------------->*/ #define ACCESS_READ 1 #define ACCESS_WRITE 2 HINSTANCE hInst; //globale Instanz BOOL bAdm; //sein oder nicht sein char cUser[128];//Benutzername ULONG ulU = 128;//Länge des bn static BOOL CALLBACK DialogFunc(HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); BOOL IsAdmin(void); //prüft ob der User Admin ist //-------------------------------------------------------------------------- int APIENTRY WinMain(HINSTANCE hinst, HINSTANCE hinstPrev, LPSTR lpCmdLine, int nCmdShow) { WNDCLASSEX wc; INITCOMMONCONTROLSEX cc; memset(&wc,0,sizeof(wc)); wc.lpfnWndProc = DefDlgProc; wc.cbWndExtra = DLGWINDOWEXTRA; wc.hInstance = hInst = hinst; wc.hCursor = LoadCursor(NULL, IDC_ARROW); wc.hbrBackground = (HBRUSH) (COLOR_WINDOW + 1); wc.lpszClassName = " checkadmin"; RegisterClassEx(&wc); wc.hIcon = LoadIcon(hinst,"JSICON"); wc.hIconSm = wc.hIcon; memset(&cc,0,sizeof(cc)); cc.dwSize = sizeof(cc); cc.dwICC = 0xffffffff; InitCommonControlsEx(&cc); return DialogBox(hinst, MAKEINTRESOURCE(IDD_MAINDIALOG), NULL, (DLGPROC) DialogFunc); } //-------------------------------------------------------------------------- /* You should add your initialization code here. This function will be called when the dialog box receives the WM_INITDIALOG message. */ static int InitializeApp(HWND hDlg,WPARAM wParam, LPARAM lParam) { bAdm = IsAdmin(); GetUserName(cUser,&ulU); SetClassLong(hDlg,GCL_HICON,(LONG)LoadIcon(hInst,"JSICON"));//Icon in Dialogbox return 1; } //-------------------------------------------------------------------------- // DialogNachrichtenfunktion static BOOL CALLBACK DialogFunc(HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) { switch (msg) { case WM_INITDIALOG: InitializeApp(hwndDlg,wParam,lParam); if(bAdm) { SetDlgItemText(hwndDlg,ID_MESSAGE,"Sie sind schon lokaler Administrator !!!"); SetDlgItemText(hwndDlg,ID_TEXT,"\n\nSeien Sie deshalb vorsichtig !"); } return TRUE; case WM_COMMAND: switch (LOWORD(wParam)) { case IDOK: EndDialog(hwndDlg,1); return 1; } break; /* By default, WM_CLOSE is equivalent to CANCEL */ case WM_CLOSE: EndDialog(hwndDlg,0); return TRUE; } return FALSE; } //------------------------------------------------------------------------------ //Output: Return TRUE wenn user Administrator oder FALSE wenn nicht. // Errors: Return FALSE. BOOL IsAdmin(VOID) { HANDLE hToken; DWORD dwStatus; DWORD dwAccessMask; DWORD dwAccessDesired; DWORD dwACLSize; DWORD dwStructureSize = sizeof(PRIVILEGE_SET); PACL pACL = NULL; PSID psidAdmin = NULL; BOOL bReturn = FALSE; PRIVILEGE_SET ps; GENERIC_MAPPING GenericMapping; PSECURITY_DESCRIPTOR psdAdmin = NULL; SID_IDENTIFIER_AUTHORITY SystemSidAuthority = SECURITY_NT_AUTHORITY; if(!ImpersonateSelf(SecurityImpersonation)) goto LeaveIsAdmin; if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &hToken)) { if (GetLastError() != ERROR_NO_TOKEN) goto LeaveIsAdmin; if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) goto LeaveIsAdmin; if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) goto LeaveIsAdmin; } if (!AllocateAndInitializeSid(&SystemSidAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &psidAdmin)) goto LeaveIsAdmin; psdAdmin = LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); if (psdAdmin == NULL) goto LeaveIsAdmin; if (!InitializeSecurityDescriptor(psdAdmin, SECURITY_DESCRIPTOR_REVISION)) goto LeaveIsAdmin; dwACLSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(psidAdmin) - sizeof(DWORD); pACL = (PACL)LocalAlloc(LPTR, dwACLSize); if (pACL == NULL) goto LeaveIsAdmin; if (!InitializeAcl(pACL, dwACLSize, ACL_REVISION2)) goto LeaveIsAdmin; dwAccessMask= ACCESS_READ | ACCESS_WRITE; if (!AddAccessAllowedAce(pACL, ACL_REVISION2, dwAccessMask, psidAdmin)) goto LeaveIsAdmin; if (!SetSecurityDescriptorDacl(psdAdmin, TRUE, pACL, FALSE)) goto LeaveIsAdmin; if(!SetSecurityDescriptorGroup(psdAdmin, psidAdmin, FALSE)) goto LeaveIsAdmin; if(!SetSecurityDescriptorOwner(psdAdmin, psidAdmin, FALSE)) goto LeaveIsAdmin; if (!IsValidSecurityDescriptor(psdAdmin)) goto LeaveIsAdmin; dwAccessDesired = ACCESS_READ; GenericMapping.GenericRead = ACCESS_READ; GenericMapping.GenericWrite = ACCESS_WRITE; GenericMapping.GenericExecute = 0; GenericMapping.GenericAll = ACCESS_READ | ACCESS_WRITE; if (!AccessCheck(psdAdmin, hToken, dwAccessDesired, &GenericMapping, &ps, &dwStructureSize, &dwStatus, &bReturn)) goto LeaveIsAdmin; if(!RevertToSelf()) bReturn = FALSE; LeaveIsAdmin: if (pACL) LocalFree(pACL); if (psdAdmin) LocalFree(psdAdmin); if (psidAdmin) FreeSid(psidAdmin); return bReturn; } //------------------------------------------------------------------------------