def main()

in cortado/rtas/unusual_rdp_client.py [0:0]

• 25 lines of code
• 1 McCabe index (conditional complexity)

def main():
    ps1_file = _common.get_resource_path("bin/Invoke-ImageLoad.ps1")

    powershell = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"
    posh = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\posh.exe"
    user32 = "C:\\Windows\\System32\\user32.dll"
    dll = "C:\\Users\\Public\\mstscax.dll"
    ps1 = "C:\\Users\\Public\\Invoke-ImageLoad.ps1"

    _common.copy_file(user32, dll)
    _common.copy_file(powershell, posh)
    _common.copy_file(ps1_file, ps1)

    log.info("Loading mstscax.dll into posh")
    _ = _common.execute_command(
        [
            posh,
            "-c",
            f"Import-Module {ps1}; Invoke-ImageLoad {dll};",
            "Test-NetConnection",
            "-ComputerName",
            "portquiz.net",
            "-Port",
            "3389",
        ],
        timeout_secs=10,
    )
    _common.remove_files([dll, ps1, posh])