getuidx64
Classification: Security Analysis / Privilege Escalation
Status: Requires Mitigation
Component: getuidx64 (Conceptual/Custom Driver Module)
Before anything else, confirm your account has administrative rights.
Open Command Prompt (Win + R, type cmd).
Run: whoami /groups | findstr "S-1-5-32-544"
If the output shows BUILTIN\Administrators, your account is an admin. If not, contact your IT department.
TOKEN_QUERY (minimum required access)
getuid() directly on Windows
Instead, use Windows API equivalents:
GetCurrentProcessId() for PID.
OpenProcessToken() followed by GetTokenInformation(TokenUser) to get SID.
CheckTokenMembership() to test for admin group.
Embed a manifest in your executable that declares requestedExecutionLevel="asInvoker" to prevent unnecessary UAC prompts.
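The findstr check above only shows that the Administrators SID is present in the token; under UAC the same SID also appears, as a deny-only group, in a session that is not elevated. The PowerShell below is an added example (not from the original page) that tells the two cases apart; the helper name Get-AdminState and the sample CSV rows are constructed for illustration, and the attribute strings assume English-language whoami output.

```powershell
# Added example, not from the original page.
$AdminSid = 'S-1-5-32-544'   # BUILTIN\Administrators (SID quoted on the page)

function Get-AdminState {
    # Hypothetical helper: classifies rows parsed from `whoami /groups /fo csv`.
    param([Parameter(Mandatory)][object[]]$Groups)
    $entry = $Groups | Where-Object { $_.SID -eq $AdminSid } | Select-Object -First 1
    if (-not $entry)                              { return 'NotMember' }
    # Filtered (non-elevated) token: SID present but usable only for deny ACEs.
    if ($entry.Attributes -match 'deny only')     { return 'MemberNotElevated' }
    if ($entry.Attributes -match 'Enabled group') { return 'Elevated' }
    return 'Unknown'
}

# Constructed sample rows in the CSV layout whoami emits (English locale assumed).
$header   = '"Group Name","Type","SID","Attributes"'
$filtered = @($header,
  '"BUILTIN\Administrators","Alias","S-1-5-32-544","Group used for deny only"')
$elevated = @($header,
  '"BUILTIN\Administrators","Alias","S-1-5-32-544","Mandatory group, Enabled by default, Enabled group, Group owner"')

Get-AdminState -Groups ($filtered | ConvertFrom-Csv)
Get-AdminState -Groups ($elevated | ConvertFrom-Csv)

# Live check on a Windows host, cross-checked against the .NET role test,
# which is true only when the Administrators group is enabled in the token.
if ($env:OS -eq 'Windows_NT') {
    $live      = whoami /groups /fo csv | ConvertFrom-Csv
    $state     = Get-AdminState -Groups $live
    $principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
    $isRole    = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    "whoami: $state; IsInRole(Administrator): $isRole"
}
```

Both constructed rows would pass the findstr test, yet only the second represents an elevated session.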
The tool functions by registering a generic kernel driver. Once loaded, it exposes an IOCTL (I/O Control) interface. getuidx64 requires administrator privileges.
Pseudo-code Logic:
NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)
{
    // Standard driver initialization: route device-control requests to HandleIOCTL
    DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = HandleIOCTL;
    return STATUS_SUCCESS;
}

NTSTATUS HandleIOCTL(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
    // The dangerous part: Interacting with the EPROCESS structure
    // ...
}
If you must run the application without true admin rights and trust the source, you can try:
Open Command Prompt (Win + R, type cmd).
runas /user:Administrator "path\to\app.exe"

The 64-bit tool getuidx64 is used to verify whether a user session has successfully elevated to Administrator or SYSTEM-level privileges. While it does not inherently require administrative rights to run, it is frequently used in security contexts where high-level permissions are needed for actions like credential dumping.