github.com/iDigitalFlame/xmt@v0.5.4/device/local/windows.go (about)

     1  //go:build windows
     2  // +build windows
     3  
     4  // Copyright (C) 2020 - 2023 iDigitalFlame
     5  //
     6  // This program is free software: you can redistribute it and/or modify
     7  // it under the terms of the GNU General Public License as published by
     8  // the Free Software Foundation, either version 3 of the License, or
     9  // any later version.
    10  //
    11  // This program is distributed in the hope that it will be useful,
    12  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    13  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14  // GNU General Public License for more details.
    15  //
    16  // You should have received a copy of the GNU General Public License
    17  // along with this program.  If not, see <https://www.gnu.org/licenses/>.
    18  //
    19  
    20  package local
    21  
    22  import (
    23  	"syscall"
    24  	"unsafe"
    25  
    26  	"github.com/iDigitalFlame/xmt/device/winapi"
    27  )
    28  
// getPPID returns the value reported by winapi.Getppid, the parent process
// ID of the current process.
func getPPID() uint32 {
	ppid := winapi.Getppid()
	return ppid
}
// isElevated returns a small bit field describing the local privilege and
// domain state.
//
// Bit 0x01 is set when checkElevatedToken returns true. Bit 0x80 is set when
// NetGetJoinInformation reports a join status of NetSetupDomainName (3),
// meaning the machine is joined to a domain. If the join query fails, only
// the elevation bit is returned.
func isElevated() uint8 {
	var flags uint8
	if checkElevatedToken() {
		flags = 1
	}
	var (
		name   *uint16
		status uint32
	)
	if err := syscall.NetGetJoinInformation(nil, &name, &status); err != nil {
		return flags
	}
	// The name buffer is handed back by the API and has to be released by the
	// caller; only the status is used here. The result of the free is ignored.
	syscall.NetApiBufferFree((*byte)(unsafe.Pointer(name)))
	if status == syscall.NetSetupDomainName {
		flags |= 0x80
	}
	return flags
}
// getUsername returns the name from winapi.GetLocalUser, or "?" when the
// lookup fails or yields an empty string.
func getUsername() string {
	name, err := winapi.GetLocalUser()
	if err != nil || len(name) == 0 {
		return "?"
	}
	return name
}
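// checkElevatedToken reports whether the current thread or process token is
// treated as elevated.
//
// When winapi.IsWindowsVista returns false the answer is
// winapi.UserInAdminGroup. Otherwise the token's integrity level is read: a
// value of 0x3000 (SECURITY_MANDATORY_HIGH_RID) or above counts as elevated,
// and below that winapi.IsTokenElevated decides. Any failure to open or
// query the token, or an implausible result length, yields false.
func checkElevatedToken() bool {
	if !winapi.IsWindowsVista() {
		return winapi.UserInAdminGroup()
	}
	var t uintptr
	// 0x8 - TOKEN_QUERY
	// The thread token is tried first; if that fails the process token is used.
	if err := winapi.OpenThreadToken(winapi.CurrentThread, 0x8, true, &t); err != nil {
		if err = winapi.OpenProcessToken(winapi.CurrentProcess, 0x8, &t); err != nil {
			return false
		}
	}
	// Release the token handle on every return path below.
	defer winapi.CloseHandle(t)
	var (
		n uint32 = 32
		b [32]byte
	)
	// 0x19 - TokenIntegrityLevel
	if err := winapi.GetTokenInformation(t, 0x19, &b[0], n, &n); err != nil {
		return false
	}
	// n now holds the length reported by the API and is used to index the
	// fixed buffer. Reject a length that would underflow n-4 or run past the
	// buffer instead of panicking on an out-of-range index.
	if n < 4 || n > uint32(len(b)) {
		return false
	}
	// The last four bytes of the returned data, read little-endian, are
	// expected to be the integrity-level RID (the final sub-authority of the
	// label SID).
	p := uint32(b[n-4]) | uint32(b[n-3])<<8 | uint32(b[n-2])<<16 | uint32(b[n-1])<<24
	if p >= 0x3000 {
		return true
	}
	return winapi.IsTokenElevated(t)
}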