Monday, August 3, 2009

Process Creation API Functions Path (XP)


NTSTATUS: STATUS_CREATE_PROCESS_NT51


Following up on the previous post on the Win32 API's process creation functions in Windows Vista SP1, let's now take a look at how things were in Windows XP SP2.

The following process creation functions are available in the Win32 API:

kernel32.dll:
  • CreateProcessA()
  • CreateProcessW()
  • CreateProcessInternalA()
  • CreateProcessInternalW()
  • CreateProcessInternalWSecure()

advapi32.dll:
  • CreateProcessAsUserA()
  • CreateProcessAsUserW()
  • CreateProcessWithLogonW()
  • CreateProcessAsUserSecure()

Of note are CreateProcessInternalWSecure() and CreateProcessAsUserSecure(). These two functions do absolutely nothing. They just return zero. It's also worth noting that these two functions do not appear in Windows Vista. I suppose as a joke, it means that there is no secure way to create processes in Windows XP! GYAHAHA!!!
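
One way to confirm a "does nothing, returns zero" export during triage, as an added example that is not part of the original post: classify the first bytes of a function as a return-zero stub. The byte patterns are an assumption about how a compiler emits such a stub on x86 (the post shows no disassembly), the sample bytes are constructed, and `is_return_zero_stub` and `read_export` are hypothetical helper names.

```python
import ctypes
import sys

# x86 ways to zero EAX: xor eax,eax (two encodings) or mov eax,0.
ZERO_EAX = (b"\x33\xc0", b"\x31\xc0", b"\xb8\x00\x00\x00\x00")

def is_return_zero_stub(code: bytes) -> bool:
    """True if code starts with [mov edi,edi] [push ebp; mov ebp,esp] eax=0 [pop ebp] ret."""
    pos = 2 if code.startswith(b"\x8b\xff") else 0       # hot-patch padding
    framed = code.startswith(b"\x55\x8b\xec", pos)       # standard frame setup
    if framed:
        pos += 3
    zero = next((z for z in ZERO_EAX if code.startswith(z, pos)), None)
    if zero is None:
        return False
    pos += len(zero)
    if framed:
        if code[pos:pos + 1] != b"\x5d":                 # pop ebp must follow
            return False
        pos += 1
    if code[pos:pos + 1] == b"\xc3":                     # ret
        return True
    return code[pos:pos + 1] == b"\xc2" and len(code) >= pos + 3  # ret imm16

def read_export(dll: str, name: str, size: int = 16):
    """Windows only: first bytes of an export, or None if the DLL lacks it."""
    lib = ctypes.WinDLL(dll)
    try:
        func = getattr(lib, name)
    except AttributeError:
        return None
    return ctypes.string_at(ctypes.cast(func, ctypes.c_void_p).value, size)

# Constructed byte strings, not dumps from a real kernel32.dll or advapi32.dll.
SAMPLES = {
    "bare stub": b"\x33\xc0\xc2\x0c\x00",
    "framed stub": b"\x8b\xff\x55\x8b\xec\x33\xc0\x5d\xc2\x30\x00",
    "real prologue": b"\x8b\xff\x55\x8b\xec\x83\xec\x10",
    "returns one": b"\x33\xc0\x40\xc3",
}

if __name__ == "__main__":
    for label, code in SAMPLES.items():
        print(f"{label}: {is_return_zero_stub(code)}")
    if sys.platform == "win32":
        for dll, name in (("kernel32", "CreateProcessInternalWSecure"),
                          ("advapi32", "CreateProcessAsUserSecure")):
            code = read_export(dll, name)
            print(name, "absent" if code is None else is_return_zero_stub(code))
```

On a Windows release that lacks the two exports, the live check prints "absent" for them rather than a classification.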

Below is a diagram that shows how these functions are related to each other, with the exception of CreateProcessWithLogonW():



Win32 API Process Creation Functions


The general workings of these functions are the same as described in the previous post for Windows Vista.