def main()

in cortado/rtas/execution_iso_dll_rundll32.py [0:0]

• 8 lines of code
• 5 McCabe index (conditional complexity)

def main():
    # ps script to mount, execute a file and unmount ISO device
    PS_SCRIPT = _common.get_resource_path("bin/ExecFromISOFile.ps1")

    if Path(ISO_FILE).is_file() and Path(PS_SCRIPT).is_file():
        log.info(f"ISO File {ISO_FILE} will be mounted and executed via powershell")

        # import ExecFromISO function that takes two args -ISOFIle pointing to ISO file path and -procname pointing to the filename to execute
        command = f"powershell.exe -ExecutionPol Bypass -c import-module {PS_SCRIPT}; ExecFromISO -ISOFile {ISO_FILE} -procname {LINK_FILE};"
        _ = _common.execute_command(command, shell=True)

        # terminate notepad.exe spawned as a result of the DLL execution
        _ = _common.execute_command(["taskkill", "/f", "/im", "notepad.exe"])
        log.info("RTA Done!")