argumentum

is PID running ELEVATED [solved]

6 posts in this topic

#1 ·  Posted (edited)

I need to know if a program is running elevated. If it is, then I'd have to run mine in elevated mode too (#ReqAdmin), else just at user level (not elevated).
My dream would be of _WinAPI_IsElevated ( $iPID ), but there is no such animal, and in any case it uses "TokenInformation", and I'd like to know as a User, not an Admin.
Any way to query what Task Manager shows in Windows 10?

Thanks

Edited by argumentum




Where do you see that information in task manager?



You could use WMI and check for the ExecutablePath using the example below: if $avProcProps[$x][1] = "" then it's running elevated, otherwise it's non-elevated. Of course, this won't work if your script is running elevated, i.e. if you have #RequireAdmin at the top of the script below.

#include <array.au3>; Only for _ArrayDisplay()

$avProcProps = _ProcessListProperties('Chrome.exe')
_ArrayDisplay($avProcProps, "$avProcProps")

;===============================================================================
; Function Name:    _ProcessListProperties()
; Description:   Get various properties of a process, or all processes
; Call With:       _ProcessListProperties( [$Process [, $sComputer]] )
; Parameter(s):     (optional) $Process - PID or name of a process, default is all
;           (optional) $sComputer - remote computer to get list from, default is local
; Requirement(s):   AutoIt v3.2.4.9+
; Return Value(s):  On Success - Returns a 2D array of processes, as in ProcessList()
;             with additional columns added:
;             [0][0] - Number of processes listed (can be 0 if no matches found)
;             [1][0] - 1st process name
;             [1][1] - 1st process executable path
;             ...
;             [n][0] thru [n][1] - last process properties
; On Failure:       Returns array with [0][0] = 0 and sets @Error to non-zero (see code below)
; Author(s):        PsaltyDS at http://www.autoitscript.com/forum
; Date/Version:   05/05/2008  --  v1.0.0
; Notes:            If a numeric PID or string process name is provided and no match is found,
;             then [0][0] = 0 and @error = 0 (not treated as an error, same as ProcessList)
;           This function requires admin permissions to the target computer.
;           All properties come from the Win32_Process class in WMI.
;===============================================================================
Func _ProcessListProperties($Process = "", $sComputer = ".")
    Local $avProcs, $oWMI, $colProcs, $sObjName
    If $Process = "" Then
        $avProcs = ProcessList()
    Else
        $avProcs = ProcessList($Process)
    EndIf

   ; Return for no matches
    If $avProcs[0][0] = 0 Then Return $avProcs

   ; ReDim array for additional property columns
    ReDim $avProcs[$avProcs[0][0] + 1][2]

   ; Connect to WMI and get process objects
    $oWMI = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $sComputer & "\root\cimv2")
    If IsObj($oWMI) Then
       ; Get collection of all processes from Win32_Process
        $colProcs = $oWMI.ExecQuery("select * from win32_process")
        If IsObj($colProcs) Then
           ; For each process...
            For $oProc In $colProcs
                $sObjName = ObjName($oProc, 1)
                If @error Then ContinueLoop; Skip if process no longer exists
               ; Find it in the array
                For $n = 1 To $avProcs[0][0]
                    If $avProcs[$n][1] = $oProc.ProcessId Then $avProcs[$n][1] = $oProc.ExecutablePath
                Next
            Next
        Else
            SetError(2); Error getting process collection from WMI
        EndIf
    Else
        SetError(1); Error connecting to WMI
    EndIf

   ; Return array
    Return $avProcs
EndFunc  ;==>_ProcessListProperties

 

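The WMI approach above infers elevation from an empty ExecutablePath; a more direct check is to read the TokenElevation value from the target process's token. The following is an added example, not code from this thread or from the AutoIt UDFs; `_PidElevationState` is a hypothetical helper name. It returns "unknown" rather than guessing when the caller is denied access to the process or its token.

```autoit
; Added example. _PidElevationState() is a hypothetical helper, not an AutoIt UDF.
; Returns 1 = elevated, 0 = not elevated, -1 = unknown (@error says which step failed).
Func _PidElevationState($iPID)
    Local $iProcAccess = 0x1000  ; PROCESS_QUERY_LIMITED_INFORMATION
    Local $iTokenAccess = 0x0008 ; TOKEN_QUERY
    Local $iInfoClass = 20       ; TokenElevation in TOKEN_INFORMATION_CLASS
    Local $iState = -1, $iErr = 3

    ; Request the least access that still allows opening the token.
    Local $aRet = DllCall("kernel32.dll", "handle", "OpenProcess", _
            "dword", $iProcAccess, "bool", False, "dword", $iPID)
    If @error Or Not $aRet[0] Then Return SetError(1, 0, -1) ; process gone or access denied
    Local $hProcess = $aRet[0]

    $aRet = DllCall("advapi32.dll", "bool", "OpenProcessToken", _
            "handle", $hProcess, "dword", $iTokenAccess, "handle*", 0)
    If @error Or Not $aRet[0] Then
        DllCall("kernel32.dll", "bool", "CloseHandle", "handle", $hProcess)
        Return SetError(2, 0, -1) ; token not readable by this caller
    EndIf
    Local $hToken = $aRet[3]

    ; TOKEN_ELEVATION is a single DWORD: non-zero means the token is elevated.
    $aRet = DllCall("advapi32.dll", "bool", "GetTokenInformation", _
            "handle", $hToken, "int", $iInfoClass, _
            "dword*", 0, "dword", 4, "dword*", 0)
    If Not @error And $aRet[0] Then
        $iErr = 0
        If $aRet[3] <> 0 Then
            $iState = 1
        Else
            $iState = 0
        EndIf
    EndIf

    ; Always release both handles, whatever the outcome.
    DllCall("kernel32.dll", "bool", "CloseHandle", "handle", $hToken)
    DllCall("kernel32.dll", "bool", "CloseHandle", "handle", $hProcess)
    Return SetError($iErr, 0, $iState)
EndFunc   ;==>_PidElevationState

; Usage: query this script's own process, which is always accessible to itself.
Local $iSelf = _PidElevationState(@AutoItPID)
ConsoleWrite("state=" & $iSelf & " @error=" & @error & @CRLF)
```

A return of -1 with @error 1 or 2 means the answer could not be read from the current security context, which is distinct from "not elevated".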

#6 ·  Posted (edited)

In https://www.autoitscript.com/forum/topic/122050-useful-snippets-collection-thread/ at point 8, "Facts on UAC", is the reason for this question of mine. How to run my script so it'd interact with an app that runs elevated on the Admin acct. and as a regular/standard/limited user, and add the UAC bypass accordingly, to have it start up without issues. To do so I need to compile as #AutoIt3Wrapper_Res_requestedExecutionLevel=highestAvailable and on the Task Scheduler with highestAvailable for the Admin acct.

So now my next question is "how do I know if the user is limited or not".

Edit: 

If _IsAdministrator() Then
    $s &= '<RunLevel>HighestAvailable</RunLevel>' & @CRLF
Else
    $s &= '<RunLevel>LeastPrivilege</RunLevel>' & @CRLF
EndIf

and the code is from trancexx ( https://www.autoitscript.com/forum/topic/113611-if-isadmin-not-detected-as-admin/?do=findComment&comment=795036 ).

So I guess I did not need the _WinAPI_IsElevated ( $iPID ) that I thought I needed.
 

Edited by argumentum
kept thinking
