Hello everybody,

What is the best method of finding out who is the system administrator? Actually, any method is appreciated.
best regards,

czDrillard
Posted on 2005-03-05 10:25:25 by czDrillard
Hi,

maybe this helps?!?



;--------------------------------------------------------------------
; IsAdmin
; Returns TRUE if the calling process (you) has Admin privileges and
; FALSE if it doesn't or in case of error.
;
; Copy IsAdmin proc and variables (except those starting with Msg) to
; your own program.
;--------------------------------------------------------------------

.486
.MODEL FLAT, STDCALL
option casemap:none ;case sensitive

include d:\masm32\include\windows.inc
include d:\masm32\include\kernel32.inc
include d:\masm32\include\user32.inc
include d:\masm32\include\advapi32.inc
includelib d:\masm32\lib\user32.lib
includelib d:\masm32\lib\kernel32.lib
includelib d:\masm32\lib\advapi32.lib

; Forward declaration so Start can invoke IsAdmin before the proc is defined.
IsAdmin PROTO

; Application-defined access bits. They have no meaning to the OS beyond
; this file: IsAdmin puts them in the ACE mask, in the generic mapping and
; in the desired-access argument of AccessCheck.
ACCESS_READ equ 1
ACCESS_WRITE equ 2

.data
; Demo-only strings shown by Start; not needed by IsAdmin itself.
MsgCaption db "IsAdmin", 0
MsgAdmin db "You have Admin privileges!", 0
MsgNoAdmin db "You don't have Admin privileges!", 0
; Identifier authority handed to AllocateAndInitializeSid when IsAdmin
; builds the Administrators SID.
siaNtAuthority SID_IDENTIFIER_AUTHORITY <SECURITY_NT_AUTHORITY>

.data?
; Scratch structures passed by address to AccessCheck. They are module-level,
; so every call to IsAdmin writes the same storage; calls made concurrently
; from several threads would share it.
GenericMapping GENERIC_MAPPING <?,?,?,?>
ps PRIVILEGE_SET <>

.const

.code
; Demo entry point: ask IsAdmin, show the matching message, then exit.
Start:
    invoke IsAdmin
    mov edx, OFFSET MsgNoAdmin          ; default text: not an administrator
    cmp eax, TRUE
    jne ShowResult
    mov edx, OFFSET MsgAdmin            ; IsAdmin returned exactly TRUE
ShowResult:
    ; The remaining arguments are constants or global addresses, so building
    ; the call does not overwrite edx before it is pushed.
    invoke MessageBox, NULL, edx, ADDR MsgCaption, MB_OK
    invoke ExitProcess, 0

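;--------------------------------------------------------------------
; IsAdmin
; Reports whether the calling thread's token passes an access check
; against a security descriptor whose DACL grants access only to the
; built-in Administrators alias (S-1-5-32-544).
;
; In:    nothing
; Out:   eax = access status written by AccessCheck (TRUE when access
;        is granted); FALSE when it is denied or when any step fails,
;        so every error path fails closed
; Uses:  module-level GenericMapping and ps as scratch storage, so
;        concurrent calls from several threads share that storage
;
; The result describes the token at the time of the call. Treat it as
; a hint for the caller's own flow (e.g. which UI to show), not as an
; authorization decision: access to the privileged operation itself
; is still enforced by the OS.
;--------------------------------------------------------------------
IsAdmin proc
    LOCAL hToken :DWORD
    LOCAL psdAdmin :DWORD
    LOCAL dwACLSize :DWORD
    LOCAL hThread :DWORD
    LOCAL hProcess :DWORD
    LOCAL pACL :DWORD
    LOCAL psidAdministrators :DWORD
    LOCAL dwStructureSize :DWORD
    LOCAL dwStatus :DWORD
    LOCAL bRetVal :DWORD
    LOCAL bImpersonating :DWORD

    ; Zero everything the cleanup code inspects, so that an early exit
    ; never frees or closes an uninitialised value.
    mov psidAdministrators, 0
    mov psdAdmin, 0
    mov pACL, 0
    mov hToken, 0
    mov bImpersonating, FALSE
    mov bRetVal, FALSE                  ; default answer: not an administrator

    ; AccessCheck needs an impersonation token, so put a copy of the
    ; process token on this thread (2 = SecurityImpersonation level).
    invoke ImpersonateSelf, 2
    test eax, eax
    jz Exitus
    mov bImpersonating, TRUE            ; cleanup must undo this on every path

    invoke GetCurrentThread
    mov hThread, eax
    invoke OpenThreadToken, hThread, TOKEN_QUERY, FALSE, ADDR hToken
    .if eax == 0
        invoke GetLastError
        .if eax != ERROR_NO_TOKEN
            jmp Exitus
        .endif
        ; NOTE(review): this fallback yields a primary token. AccessCheck is
        ; documented to require an impersonation token, so it is expected to
        ; fail further down and the function then reports FALSE.
        invoke GetCurrentProcess
        mov hProcess, eax
        invoke OpenProcessToken, hProcess, TOKEN_QUERY, ADDR hToken
        test eax, eax
        jz Exitus
    .endif

    ; Build the SID of the built-in Administrators alias.
    invoke AllocateAndInitializeSid, ADDR siaNtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, ADDR psidAdministrators
    test eax, eax
    jz Exitus

    invoke LocalAlloc, LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH
    mov psdAdmin, eax
    test eax, eax
    jz Exitus
    invoke InitializeSecurityDescriptor, psdAdmin, SECURITY_DESCRIPTOR_REVISION
    test eax, eax
    jz Exitus

    ; ACL size = ACL header + one ACCESS_ALLOWED_ACE + the SID, minus the
    ; DWORD SidStart placeholder that the ACE structure already contains.
    invoke GetLengthSid, psidAdministrators
    sub eax, sizeof DWORD
    add eax, sizeof ACL
    add eax, sizeof ACCESS_ALLOWED_ACE
    mov dwACLSize, eax
    invoke LocalAlloc, LPTR, dwACLSize
    mov pACL, eax
    test eax, eax
    jz Exitus
    invoke InitializeAcl, pACL, dwACLSize, ACL_REVISION2
    test eax, eax
    jz Exitus
    invoke AddAccessAllowedAce, pACL, ACL_REVISION2, ACCESS_READ OR ACCESS_WRITE, psidAdministrators
    test eax, eax
    jz Exitus

    ; Attach the DACL and set group and owner on the descriptor.
    invoke SetSecurityDescriptorDacl, psdAdmin, TRUE, pACL, FALSE
    test eax, eax
    jz Exitus
    invoke SetSecurityDescriptorGroup, psdAdmin, psidAdministrators, FALSE
    test eax, eax
    jz Exitus
    invoke SetSecurityDescriptorOwner, psdAdmin, psidAdministrators, FALSE
    test eax, eax
    jz Exitus
    invoke IsValidSecurityDescriptor, psdAdmin
    test eax, eax
    jz Exitus

    ; Map the generic rights onto the two application-defined bits.
    mov GenericMapping.GenericRead, ACCESS_READ
    mov GenericMapping.GenericWrite, ACCESS_WRITE
    mov GenericMapping.GenericExecute, 0
    mov GenericMapping.GenericAll, ACCESS_READ OR ACCESS_WRITE
    mov dwStructureSize, sizeof PRIVILEGE_SET

    ; AccessCheck writes the granted mask to dwStatus and the yes/no answer
    ; to bRetVal; its own return value only says whether the check ran.
    invoke AccessCheck, psdAdmin, hToken, ACCESS_READ OR ACCESS_WRITE, ADDR GenericMapping, ADDR ps, ADDR dwStructureSize, ADDR dwStatus, ADDR bRetVal
    .if eax == 0
        mov bRetVal, FALSE              ; check did not run: do not trust bRetVal
    .endif

Exitus:
    ; Single cleanup path: release the token handle, drop the impersonation
    ; and free the allocations, whichever of them were obtained.
    .if hToken != 0
        invoke CloseHandle, hToken
    .endif
    .if bImpersonating != FALSE
        invoke RevertToSelf
    .endif
    .if pACL != 0
        invoke LocalFree, pACL
    .endif
    .if psdAdmin != 0
        invoke LocalFree, psdAdmin
    .endif
    .if psidAdministrators != 0
        invoke FreeSid, psidAdministrators
    .endif
    mov eax, bRetVal
    ret
IsAdmin endp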
end Start
Posted on 2005-03-05 15:23:16 by SamiP
Thanks SamiP :alright:

Much appreciated.

best regards,

czDrillard
Posted on 2005-03-06 21:07:48 by czDrillard