def impersonate_trusted_installer()

in cortado/rtas/impersonate_trusted_installer.py [0:0]

• 25 lines of code
• 2 McCabe index (conditional complexity)

def impersonate_trusted_installer():
    try:
        import win32api
        import win32file
        import win32security

        hp = win32api.OpenProcess(
            PROCESS_QUERY_LIMITED_INFORMATION,
            0,
            _common.get_process_pid("TrustedInstaller.exe"),
        )
        th = win32security.OpenProcessToken(hp, TOKEN_ALL_ACCESS)
        new_tokenh = win32security.DuplicateTokenEx(
            th, 2, TOKEN_ALL_ACCESS, win32security.TokenImpersonation, win32security.SECURITY_ATTRIBUTES()
        )
        win32security.ImpersonateLoggedOnUser(new_tokenh)
        log.info("Impersonated TrustedInstaller service")
        hf = win32file.CreateFile("rta_ti.txt", win32file.GENERIC_WRITE, 0, None, 2, 0, None)
        win32file.WriteFile(hf, ("AAAAAAAA").encode())
        win32file.CloseHandle(hf)
        win32api.CloseHandle(hp)
        log.info("Created File rta_ti.txt as the TrustedInstaller service")
        win32file.DeleteFile("rta_ti.txt")
        log.info("Deleted rta_ti.txt")
    except Exception:
        log.error("Failed TrustedInstaller Impersonation", exc_info=True)