GetProcessTokenElevationTypeStaus

#include <stdio.h>#include <Windows.h>#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)//关闭句柄#define SafeCloseHandle(Handle) { if(Handle){CloseHandle(Handle);Handle=NULL;} }//获取TokenElevationTypeTOKEN_ELEVATION_TYPE GetProcessTokenElevationTypeStaus(DWORD ProcessId){HANDLE ProcessHandle = NULL;  HANDLE TokenHandle=NULL;static TOKEN_ELEVATION_TYPE TokenElevationTypeStaus=TokenElevationTypeDefault;NTSTATUS status;static ULONG ReturnLength=sizeof(TOKEN_ELEVATION_TYPE);typedef  NTSTATUS (NTAPI *fnZwQueryInformationToken) (HANDLE TokenHandle,TOKEN_INFORMATION_CLASS TokenInformationClass,PVOID TokenInformation,ULONG TokenInformationLength,PULONG ReturnLength);  static fnZwQueryInformationToken pZwQueryInformationToken=(fnZwQueryInformationToken)GetProcAddress(GetModuleHandle(TEXT("ntdll.dll")),"ZwQueryInformationToken");  do {ProcessHandle=OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,ProcessId);if (ProcessHandle==NULL)break;//打开进程令牌  if (!OpenProcessToken(ProcessHandle, TOKEN_QUERY, &TokenHandle))  break;  status=pZwQueryInformationToken(TokenHandle, TokenElevationType, &TokenElevationTypeStaus, ReturnLength, &ReturnLength);  if (!NT_SUCCESS(status))  {  break;  }else{printf("%d\n",TokenElevationTypeStaus);}} while (FALSE);SafeCloseHandle(TokenHandle);  SafeCloseHandle(ProcessHandle);  return TokenElevationTypeStaus;}int main (void){GetProcessTokenElevationTypeStaus(GetCurrentProcessId());getchar();getchar();return 0;}
