| skipped 85 lines |
86 | 86 | | } |
87 | 87 | | |
88 | 88 | | BOOL IsHighIntegrity(HANDLE TokenHandle) { |
89 | | - | TOKEN_ELEVATION elevation; |
90 | | - | DWORD dwSize; |
91 | | - | |
92 | | - | if (ADVAPI32$GetTokenInformation(TokenHandle, TokenElevation, &elevation, sizeof(elevation), &dwSize)) { |
93 | | - | return elevation.TokenIsElevated; |
| 89 | + | BOOL b; |
| 90 | + | SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY; |
| 91 | + | PSID AdministratorsGroup; |
| 92 | + | b = ADVAPI32$AllocateAndInitializeSid(&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, |
| 93 | + | 0, 0, 0, 0, &AdministratorsGroup); |
| 94 | + | if (b) { |
| 95 | + | if (!ADVAPI32$CheckTokenMembership(NULL, AdministratorsGroup, &b)) { |
| 96 | + | b = FALSE; |
| 97 | + | } |
| 98 | + | ADVAPI32$FreeSid(AdministratorsGroup); |
94 | 99 | | } |
95 | | - | return FALSE; |
| 100 | + | |
| 101 | + | return b; |
96 | 102 | | } |
97 | 103 | | |
98 | 104 | | BOOL IsSystem(HANDLE TokenHandle) { |
| skipped 166 lines |