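// Demo: log on as a local administrator, impersonate that account on the
// current thread, report whether the thread token carries the Administrators
// group, try to open a raw ICMP socket, then drop the impersonation again.
//
// NOTE(review): the three header names were missing from the page; they are
// reconstructed here from the APIs the program calls. winsock2.h is listed
// before windows.h so that windows.h does not pull in the older winsock.h.
// Link against ws2_32 and advapi32.
#include <winsock2.h>
#include <windows.h>
#include <stdio.h>

// Logon token returned by LogonUser; NULL while no logon is held.
HANDLE hUser = NULL;

void CreateRawSocket();
void GetAdministratorRight();
void GiveUpAdministrativeRight();
void CheckForAdministratorPriviledge();

// Runs the four demo steps in order. Each step reports its own failure on
// stdout; the sequence itself is not aborted when a step fails.
int main()
{
    GetAdministratorRight();
    CheckForAdministratorPriviledge();
    CreateRawSocket();
    GiveUpAdministrativeRight();
    return 0;
}

// Logs on the local "Administrator" account and impersonates it on the
// calling thread. On success hUser holds the logon token; on logon failure
// hUser is NULL and no impersonation is attempted.
void GetAdministratorRight()
{
    // NOTE(security): the account name and password are string literals, so
    // anyone who can read the source or the binary recovers them (CWE-798).
    // Outside a throwaway demo, obtain the credential at run time and keep it
    // out of the image.
    if (LogonUser("Administrator", ".", "admin",
                  LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
                  &hUser) == 0)
    {
        printf("LogonUser fails error = %lu", GetLastError());
        // Do not hand an invalid handle to ImpersonateLoggedOnUser.
        hUser = NULL;
        return;
    }
    printf("LogonUser ok");

    if (ImpersonateLoggedOnUser(hUser) == 0)
    {
        printf("\nImpersonateLoggedOnUser fails error = %lu", GetLastError());
    }
    else
    {
        printf("\nImpersonateLoggedOnUser ok");
    }
}

// Ends the impersonation and releases the logon token held in hUser.
void GiveUpAdministrativeRight()
{
    if (!RevertToSelf())
    {
        // If the revert fails the thread keeps running with the impersonated
        // identity; stopping the process is the safe reaction.
        printf("\nRevertToSelf fails error = %lu\n", GetLastError());
        ExitProcess(1);
    }

    if (hUser != NULL)
    {
        CloseHandle(hUser);
        hUser = NULL;
    }
}

// Initialises Winsock 2.0, tries to open a raw ICMP socket and reports the
// outcome. The socket is closed again immediately; it is only a probe.
void CreateRawSocket()
{
    WSADATA wsa;
    const int startupResult = WSAStartup(MAKEWORD(2, 0), &wsa);
    if (startupResult != 0)
    {
        // WSAStartup returns its error code directly.
        printf("\nWSAStartup fails error = %d\n", startupResult);
        return;
    }

    const SOCKET sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
    if (INVALID_SOCKET == sock)
    {
        printf("\nerror no. = %d\n", WSAGetLastError());
    }
    else
    {
        printf("\nraw socket created ok\n");
        closesocket(sock);
    }

    WSACleanup();
}

// Reports whether the calling thread's impersonation token carries the
// built-in Administrators group as an enabled, non-deny-only group.
// Prints an error and returns early when the thread has no token (that is,
// when it is not impersonating) or when any query fails.
void CheckForAdministratorPriviledge()
{
    HANDLE hTok = NULL;
    PSID pAdminSid = NULL;
    TOKEN_GROUPS *groupList = NULL;
    SID_IDENTIFIER_AUTHORITY ntAuth = SECURITY_NT_AUTHORITY;
    DWORD needed = 0;
    DWORD i;
    int found = 0;

    if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, TRUE, &hTok))
    {
        printf("Cannot open thread token, error code = [%lu].\n", GetLastError());
        return;
    }

    // First call only asks for the required size, so the group list is never
    // truncated by a fixed buffer.
    if (!GetTokenInformation(hTok, TokenGroups, NULL, 0, &needed) &&
        GetLastError() != ERROR_INSUFFICIENT_BUFFER)
    {
        printf("Cannot get group list from token [%lu].\n", GetLastError());
        CloseHandle(hTok);
        return;
    }

    // Heap memory is suitably aligned for TOKEN_GROUPS; a byte array on the
    // stack is not guaranteed to be.
    groupList = static_cast<TOKEN_GROUPS *>(LocalAlloc(LPTR, needed));
    if (groupList == NULL)
    {
        printf("Cannot allocate group list buffer [%lu].\n", GetLastError());
        CloseHandle(hTok);
        return;
    }

    if (!GetTokenInformation(hTok, TokenGroups, groupList, needed, &needed))
    {
        printf("Cannot get group list from token [%lu].\n", GetLastError());
        LocalFree(groupList);
        CloseHandle(hTok);
        return;
    }

    // Build the well-known SID of BUILTIN\Administrators to compare against.
    if (!AllocateAndInitializeSid(&ntAuth, 2, SECURITY_BUILTIN_DOMAIN_RID,
                                  DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0,
                                  &pAdminSid))
    {
        printf("Cannot create SID for Administrators [%lu].\n", GetLastError());
        LocalFree(groupList);
        CloseHandle(hTok);
        return;
    }

    for (i = 0; i < groupList->GroupCount; ++i)
    {
        const DWORD attrs = groupList->Groups[i].Attributes;

        // A SID that is present but disabled or deny-only grants nothing, so
        // it must not be counted as administrator membership.
        if ((attrs & SE_GROUP_ENABLED) == 0 ||
            (attrs & SE_GROUP_USE_FOR_DENY_ONLY) != 0)
        {
            continue;
        }

        if (EqualSid(pAdminSid, groupList->Groups[i].Sid))
        {
            found = 1;
            break;
        }
    }

    printf("\nThe current user is %sa member of the Administrators group.\n",
           found ? "" : "not ");

    FreeSid(pAdminSid);
    LocalFree(groupList);
    CloseHandle(hTok);
}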