Upon finding exploitable ssh-agent it asks for "sudo password" and immediately crashes

[TheSecureTux]

Upon finding exploitable ssh-agent it asks for "sudo password" and immediately crashes. I tried running it with -a flags (same behavior) and with "--sudo_password", where it asks for the sudo password once, and once provided it prompts for it again and crashes.

Running on kali-linux over wsl2 for tests, but I could test on Arch linux (no wsl) too if needed.

❯ python gtfonow.py --sudo_password

---

/ / / / \/ |/ / _ _ / ( / / / / // // / / \ |/|/ / \/ // // _//|/\/,/

https://github.com/Frissi0n/GTFONow

[!] Found exploitable sgid binary: /usr/bin/ssh-agent Enter sudo password:

[sudo] password for tux: Command timed out. User may need to enter a password. Traceback (most recent call last): File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 4224, in main() File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 4200, in main sudo_privescs, suid_privescs, cap_privescs = perform_privilege_escalation_checks( ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 4100, in perform_privilege_escalation_checks cap_privescs.extend(check_cap_bins()) ^^^^^^^^^^^^^^^^ File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 3792, in check_cap_bins if check_capability(binary_path, "cap_setuid"): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 3672, in check_capability if capability in result: ^^^^^^^^^^^^^^^^^^^^ TypeError: a bytes-like object is required, not 'str'

[61ack1ynx]

Same here, but crashing right after start.

python gtfonow.py 1 ↵ ──(Sat,Jan06)─┘

---

/ / / / \/ |/ / _ _ / ( / / / / // // / / \ |/|/ / \/ // // _//|/\/,/

https://github.com/Frissi0n/GTFONow

Traceback (most recent call last): File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 4224, in main() File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 4200, in main sudo_privescs, suid_privescs, cap_privescs = perform_privilege_escalation_checks( ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 4100, in perform_privilege_escalation_checks cap_privescs.extend(check_cap_bins()) ^^^^^^^^^^^^^^^^ File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 3792, in check_cap_bins if check_capability(binary_path, "cap_setuid"): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 3672, in check_capability if capability in result: ^^^^^^^^^^^^^^^^^^^^ TypeError: a bytes-like object is required, not 'str'

[harrisoncattell]

Exact same issue, finds ssh-agent then immediately throws an exception

---

https://github.com/Frissi0n/GTFONow

[!] Found exploitable sgid binary: /usr/bin/ssh-agent Traceback (most recent call last): File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 4224, in main() File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 4200, in main sudo_privescs, suid_privescs, cap_privescs = perform_privilege_escalation_checks( File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 4100, in perform_privilege_escalation_checks cap_privescs.extend(check_cap_bins()) File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 3792, in check_cap_bins if check_capability(binary_path, "cap_setuid"): File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 3672, in check_capability if capability in result: TypeError: a bytes-like object is required, not 'str'

[saymyname77]

same problem