如何在没有管理员权限的情况下判断驱动器是否已加密 BitLocker?
[英]How to tell if drive is BitLocker encrypted without admin privilege?
问题描述
For my purpose all I need to know is drive's BitLocker encryption status by its DOS path.
出于我的目的,我只需要通过 DOS 路径了解驱动器的 BitLocker 加密状态。 Something like this:像这样的东西:
enum DriveEncryptionStatus{
Unprotected,
Protected,
Unknown
};
DriveEncryptionStatus = GetDriveBitlockerEncryptionStatus(L"C:\\");
I was able to find the Win32_EncryptableVolume class that unfortunately comes with this caveat:我能够找到Win32_EncryptableVolume类,不幸的是,这个警告伴随着:
To use the Win32_EncryptableVolume methods, the following conditions must be met: You must have administrator privileges.
Any idea how to do this without running as an administrator?知道如何在不以管理员身份运行的情况下执行此操作吗?
4 个解决方案
解决方案1
7 2017-11-09 00:44:28
The BitLocker status is available to any ordinary user in the shell. BitLocker 状态可供 shell 中的任何普通用户使用。 Windows obtains the status using the Windows Property System in the Win32 API to check the undocumented shell property System.Volume.BitLockerProtection . Windows 使用 Win32 API 中的Windows 属性系统来获取状态,以检查未记录的外壳属性System.Volume.BitLockerProtection 。 Your program will also be able to check this property without elevation.您的程序还可以在没有提升的情况下检查此属性。
If the value of this property is 1, 3, or 5, BitLocker is enabled on the drive.如果此属性的值为 1、3 或 5,则在驱动器上启用了 BitLocker。 Any other value is considered off.任何其他值都被视为关闭。
You can use the Win32 API to check this shell property.您可以使用 Win32 API 来检查此外壳属性。 As a courtesy, I have ported my managed implementation from my other answer to a similar question.出于礼貌,我已将我的托管实现从我对类似问题的其他答案移植过来。
#include <shlobj.h>
#pragma comment(lib, "shell32.lib")
#pragma comment(lib, "propsys.lib")
DriveEncryptionStatus getDriveEncryptionStatus(LPCWSTR parsingName)
{
IShellItem2 *drive = NULL;
HRESULT hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE);
hr = SHCreateItemFromParsingName(parsingName, NULL, IID_PPV_ARGS(&drive));
if (SUCCEEDED(hr)) {
PROPERTYKEY pKey;
hr = PSGetPropertyKeyFromName(L"System.Volume.BitLockerProtection", &pKey);
if (SUCCEEDED(hr)) {
PROPVARIANT prop;
PropVariantInit(&prop);
hr = drive->GetProperty(pKey, &prop);
if (SUCCEEDED(hr)) {
int status = prop.intVal;
drive->Release();
if (status == 1 || status == 3 || status == 5)
return DriveEncryptionStatus::Protected;
else
return DriveEncryptionStatus::Unprotected;
}
}
}
if (drive)
drive->Release();
return DriveEncryptionStatus::Unknown;
}
int main()
{
DriveEncryptionStatus status = getDriveEncryptionStatus(L"C:");
return 0;
}
解决方案2
3 2020-10-13 05:10:15
Building on this answer ...基于这个答案......
Values of System.Volume.BitLockerProtection determined empirically on Windows 10 1909 (10.0.18363.1082): System.Volume.BitLockerProtection值在 Windows 10 1909 (10.0.18363.1082) 上凭经验确定:
| System.Volume. | Control Panel | manage-bde conversion | manage-bde | Get-BitlockerVolume | Get-BitlockerVolume |
| BitLockerProtection | | | protection | VolumeStatus | ProtectionStatus |
| ------------------- | -------------------------------- | ------------------------- | -------------- | ---------------------------- | ------------------- |
| 1 | BitLocker on | Used Space Only Encrypted | Protection On | FullyEncrypted | On |
| 1 | BitLocker on | Fully Encrypted | Protection On | FullyEncrypted | On |
| 1 | BitLocker on | Fully Encrypted | Protection On | FullyEncryptedWipeInProgress | On |
| 2 | BitLocker off | Fully Decrypted | Protection Off | FullyDecrypted | Off |
| 3 | BitLocker Encrypting | Encryption In Progress | Protection Off | EncryptionInProgress | Off |
| 3 | BitLocker Encryption Paused | Encryption Paused | Protection Off | EncryptionSuspended | Off |
| 4 | BitLocker Decrypting | Decryption in progress | Protection Off | DecyptionInProgress | Off |
| 4 | BitLocker Decryption Paused | Decryption Paused | Protection Off | DecryptionSuspended | Off |
| 5 | BitLocker suspended | Used Space Only Encrypted | Protection Off | FullyEncrypted | Off |
| 5 | BitLocker suspended | Fully Encrypted | Protection Off | FullyEncrypted | Off |
| 6 | BitLocker on (Locked) | Unknown | Unknown | $null | Unknown |
| 7 | | | | | |
| 8 | BitLocker waiting for activation | Used Space Only Encrypted | Protection Off | FullyEncrypted | Off |
解决方案3
0 2021-11-15 16:58:59
So after many failed attempts at trying to pull this off in C# I finally got to this.因此,在尝试在 C# 中实现这一点的多次失败尝试之后,我终于做到了这一点。 I'm still new to C++/C# development in general so if my answer is completely irrelevant please let me know.总的来说,我对 C++/C# 开发还是陌生的,所以如果我的回答完全无关紧要,请告诉我。 I'll withdraw我会退
public static string GetBitLockerStatus()
{
Process process = new Process();
process.StartInfo.FileName = "powershell.exe";
process.StartInfo.Arguments = "-command (New-Object -ComObject Shell.Application).NameSpace('C:').Self.ExtendedProperty('System.Volume.BitLockerProtection')";
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.Start();
StreamReader reader = process.StandardOutput;
string output = reader.ReadToEnd().Substring(0,1); //needed as output would otherwise be 1\r\n (if encrypted)
Console.WriteLine(output);
process.WaitForExit();
return output;
}
解决方案4
-1 2021-01-20 09:12:52
Also easy to do in CMD and Powershell In a CMD shell you can use this one-liner to ask Powershell to return the value as an exit code:在 CMD 和 Powershell 中也很容易在 CMD shell 中,您可以使用此单行命令 Powershell 将值作为退出代码返回:
powershell -command exit 1000 + (New-Object -ComObject Shell.Application).NameSpace('C:').Self.ExtendedProperty('System.Volume.BitLockerProtection')
and check the %ERRORLEVEL% returned in the CMD shell并检查 CMD shell 中返回的%ERRORLEVEL%
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.