NtCompareTokens - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
#ifndef _NTSEAPI_H
NTSYSCALLAPI
NTSTATUS
NTAPI
NtCompareTokens(
_In_ HANDLE FirstTokenHandle,
_In_ HANDLE SecondTokenHandle,
_Out_ PBOOLEAN Equal
);
View code on GitHub#ifndef _NTZWAPI_H
NTSYSCALLAPI
NTSTATUS
NTAPI
ZwCompareTokens(
_In_ HANDLE FirstTokenHandle,
_In_ HANDLE SecondTokenHandle,
_Out_ PBOOLEAN Equal
);
View code on GitHubDetermines if two tokens are identical for the purpose of access checks. This function is documented in Windows SDK.
FirstTokenHandle - a handle to the first token. The handle must grant TOKEN_QUERY access.SecondTokenHandle - a handle to the second token. The handle must grant TOKEN_QUERY access.Equal - a pointer to a variable that receives whether the two tokens are equal.The function compares the user, groups, restricting SIDs, privileges, trust level, mandatory policy, AppContainer SID, capabilities, claims, and security attributes.
Note that this function does not support token pseudo-handles such as NtCurrentProcessToken. If you want to compare the current process/thread token, you need to open it first.