Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>The method I finally settled on depends on the fact that Vista and Windows 2008 have the whoami.exe utility, and it detects the integrity level of the user who owns the process. A couple of screenshots help here:</p> <p><a href="http://lh3.ggpht.com/_Svunm47buj0/SQ6ql4iNjPI/AAAAAAAAAeA/iwbcSrAZqRg/whoami%20-%20adminuser%20-%20groups%20-%20cropped.png?imgmax=512">WHOAMI, normal and elevated, on Vista http://lh3.ggpht.com/_Svunm47buj0/SQ6ql4iNjPI/AAAAAAAAAeA/iwbcSrAZqRg/whoami%20-%20adminuser%20-%20groups%20-%20cropped.png?imgmax=512</a></p> <p>You can see that when cmd is running elevated, whoami /groups reports a "High" mandatory integrity level and a different SID than when running non-elevated. In the pic, the top session is normal, the one underneath is running elevated after UAC prompt.</p> <p>Knowing that, here is the code I used. It essentially checks the OS version, and if it is Vista or Server 2008, calls CheckforElevation which runs whoami.exe /groups, and looks for the string S-1-16-12288 in the output. In this example I just echo status; in the real script I branch to different actions based on the result.</p> <pre><code>sub GetOSVersion Dim strComputer, oWMIService, colOSInfo, oOSProperty, strCaption, strOSFamily strComputer = "." Set oWMIService = GetObject("winmgmts:\\" &amp; strComputer &amp; "\root\cimv2") Set colOSInfo = oWMIService.ExecQuery("Select * from Win32_OperatingSystem") 'I hate looping through just to get one property. But dunno another way! For Each oOSProperty in colOSInfo strCaption = oOSProperty.Caption Next If InStr(1,strCaption, "Vista", vbTextCompare) Then strOSFamily = "Vista" If InStr(1,strCaption, "2008", vbTextCompare) Then strOSFamily = "2008" If InStr(1,strCaption, "XP", vbTextCompare) Then strOSFamily = "XP" If InStr(1,strCaption, "2003", vbTextCompare) Then strOSFamily = "2003" If InStr(1,strCaption, "2000", vbTextCompare) Then strOSFamily = "2000" If strOSFamily = "" Then Wscript.Echo "No known OS found. (Script can detect Windows 2000, 2003, XP, Vista, 2008.)" Else Wscript.Echo "OS Family = " &amp; strOSFamily End If Select Case strOSFamily 'if Vista/2008 then call CheckforElevation Case "Vista" CheckforElevation Case "2008" CheckforElevation Case Else Exit Sub End Select end sub sub CheckforElevation 'test whether user has elevated token Dim oShell, oExecWhoami, oWhoamiOutput, strWhoamiOutput, boolHasElevatedToken Set oShell = CreateObject("WScript.Shell") Set oExecWhoami = oShell.Exec("whoami /groups") Set oWhoamiOutput = oExecWhoami.StdOut strWhoamiOutput = oWhoamiOutput.ReadAll If InStr(1, strWhoamiOutput, "S-1-16-12288", vbTextCompare) Then boolHasElevatedToken = True If boolHasElevatedToken Then Wscript.Echo "Current script is running with elevated privs." Else Wscript.Echo "Current script is NOT running with elevated privs." End If end sub </code></pre>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload