GTFONow - Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

frissi0n · January 19, 2021, 12:03am

Hi 0x00Sec

In the past I have just lurked here, but now I have something of interest to post, I thought I would finally signup.

I’m sharing a new tool I’ve created called GTFONow, its used for automatic privilege escalation by abusing misconfigured unix capabilities, sudo and suid binaries.

It is intended for CTFs, but could work on pentests too, however it can be quite noisy so its not recommended if you are aiming to be stealthy.

Currently it has the following features:

Automatically escalate privileges using misconfigured sudo permissions.
Automatically escalate privileges using misconfigured suid permissions.
Automatically escalated privileges using misconfigured capabilities.
Supports Python 2 and 3.
No third party libraries required.
Support sudo PASSWD and NOPASSWD escalation, automatically attempts to enumerate sudo binaries for when password is not known and sudo -l is not accessible.

Usage Examples

Default Mode - Scan All

Capability Escalation

Sudo Escalation and Verbose Mode

pry0cc · January 19, 2021, 9:51pm

Thank you for the awesome share and welcome to being a first-time poster! It’s great to see long-time lurkers come out of the shadows

Welcome to 0x00sec

pgpguru · January 22, 2021, 1:51am

this is perfect , i just used it in a ctf for my cyber security class .

greyboy · January 23, 2021, 6:22pm

It’s working so good that I will use it in the picoCTF 2021

system · May 20, 2021, 4:03pm

This topic was automatically closed after 121 days. New replies are no longer allowed.