mirror of
https://github.com/wavestone-cdt/EDRSandblast.git
synced 2026-06-08 16:37:12 +00:00
Qazeer
20 lines
437 B
C
20 lines
437 B
C
#include "IsElevatedProcess.h"
|
|
|
|
BOOL IsElevatedProcess() {
|
|
BOOL fRet = FALSE;
|
|
HANDLE hToken = NULL;
|
|
|
|
if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
|
|
TOKEN_ELEVATION Elevation;
|
|
DWORD cbSize = sizeof(TOKEN_ELEVATION);
|
|
if (GetTokenInformation(hToken, TokenElevation, &Elevation, sizeof(Elevation), &cbSize)) {
|
|
fRet = Elevation.TokenIsElevated;
|
|
}
|
|
}
|
|
|
|
if (hToken) {
|
|
CloseHandle(hToken);
|
|
}
|
|
|
|
return fRet;
|
|
} |