in cortado/rtas/schtask_escalation.py [0:0]
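def main():
    """Exercise the scheduled-task privilege-escalation scenario and clean up.

    Registers a task named ``test-task-rta`` that runs as ``system`` with an
    ``onlogon`` trigger, starts it on demand, prints the file the task writes
    (``whoami.exe`` output redirected to ``task.log``), then removes the file
    and the task. Presumably the goal is to emit the task-creation and process
    telemetry that detection rules for this technique match on; confirm
    against the rule this RTA is paired with.

    Returns:
        None. Returns early, with nothing registered, if task creation fails.
    """
    log.info("Scheduled Task Privilege Escalation")

    task_name = "test-task-rta"
    # Resolved against the current working directory, so the task (running as
    # another account) writes to an absolute path this process can read back.
    file_path = Path("task.log").resolve()
    # NOTE(review): file_path is interpolated unquoted; a working directory
    # containing spaces would break the redirection. Left as-is because the
    # exact command line may be what the paired detection keys on -- confirm.
    command = f"cmd.exe /c whoami.exe > {file_path}"

    # Delete the task if it exists, so a leftover from an earlier aborted run
    # does not make the create step fail.
    retcode = execute_schtasks(["/query", "/tn", task_name])
    if retcode == 0:
        _ = execute_schtasks(["/delete", "/tn", task_name, "/f"])

    retcode = execute_schtasks(
        ["/create", "/tn", task_name, "/ru", "system", "/tr", command, "/sc", "onlogon"]
    )
    if retcode != 0:
        log.info("Error creating task")
        return

    # From here on a task that runs as system at every logon is registered on
    # the host. The finally clause guarantees it is unregistered even if
    # running the task or reading its output raises, so an aborted test does
    # not leave that task behind.
    try:
        # Run the task and grab the file
        retcode = execute_schtasks(["/run", "/tn", task_name])
        if retcode == 0:
            # The pauses presumably give the task time to write the file and
            # release it before it is read and removed -- TODO confirm that
            # one second is enough on slow hosts.
            time.sleep(1)
            _common.print_file(file_path)
            time.sleep(1)
            _common.remove_file(file_path)
    finally:
        _ = execute_schtasks(["/delete", "/tn", task_name, "/f"])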