Upon finding exploitable ssh-agent it asks for "sudo password" and immediately crashes

[TheSecureTux]

Upon finding exploitable ssh-agent it asks for "sudo password" and immediately crashes. I tried running it with -a flags (same behavior) and with "--sudo_password", where it asks for the sudo password once, and once provided it prompts for it again and crashes.

Running on kali-linux over wsl2 for tests, but I could test on Arch linux (no wsl) too if needed.

❯ python gtfonow.py --sudo_password

---

/ / / / __ / |/ / _ __
/ ( / / / / // // / / _ \ |/|/ /
_/ // // _//|/_/,__/

https://github.com/Frissi0n/GTFONow

[!] Found exploitable sgid binary: /usr/bin/ssh-agent
Enter sudo password:

[sudo] password for tux: Command timed out. User may need to enter a password.
Traceback (most recent call last):
File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 4224, in
main()
File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 4200, in main
sudo_privescs, suid_privescs, cap_privescs = perform_privilege_escalation_checks(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 4100, in perform_privilege_escalation_checks
cap_privescs.extend(check_cap_bins())
^^^^^^^^^^^^^^^^
File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 3792, in check_cap_bins
if check_capability(binary_path, "cap_setuid"):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/tux/hack/GTFONow/gtfonow/gtfonow.py", line 3672, in check_capability
if capability in result:
^^^^^^^^^^^^^^^^^^^^
TypeError: a bytes-like object is required, not 'str'

[61ack1ynx]

Same here, but crashing right after start.

python gtfonow.py 1 ↵ ──(Sat,Jan06)─┘

---

/ / / / __ / |/ / _ __
/ ( / / / / // // / / _ \ |/|/ /
_/ // // _//|/_/,__/

https://github.com/Frissi0n/GTFONow

Traceback (most recent call last):
File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 4224, in
main()
File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 4200, in main
sudo_privescs, suid_privescs, cap_privescs = perform_privilege_escalation_checks(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 4100, in perform_privilege_escalation_checks
cap_privescs.extend(check_cap_bins())
^^^^^^^^^^^^^^^^
File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 3792, in check_cap_bins
if check_capability(binary_path, "cap_setuid"):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/blacklynx/Tools/GTFONow/gtfonow/gtfonow.py", line 3672, in check_capability
if capability in result:
^^^^^^^^^^^^^^^^^^^^
TypeError: a bytes-like object is required, not 'str'

[harrisoncattell]

Exact same issue, finds ssh-agent then immediately throws an exception

---

https://github.com/Frissi0n/GTFONow

[!] Found exploitable sgid binary: /usr/bin/ssh-agent
Traceback (most recent call last):
File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 4224, in
main()
File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 4200, in main
sudo_privescs, suid_privescs, cap_privescs = perform_privilege_escalation_checks(
File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 4100, in perform_privilege_escalation_checks
cap_privescs.extend(check_cap_bins())
File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 3792, in check_cap_bins
if check_capability(binary_path, "cap_setuid"):
File "/home/system-admin/GTFONow/gtfonow/gtfonow.py", line 3672, in check_capability
if capability in result:
TypeError: a bytes-like object is required, not 'str'

[saymyname77]

same problem