Fix su bruteforce false positives on BusyBox systems (bbsuid)

[Apursuit]

Hi team,
I encountered a false positive issue with the su bruteforce function (su_try_pwd) while testing on a machine running Alpine Linux with BusyBox's su implementation (bbsuid).

The Issue:
The current logic checks if [ "$trysu" ]; then. Since trysu captures stdout, and BusyBox's su outputs prompts (e.g., "Password:") and error messages to stdout instead of stderr when running non-interactively, the variable is never empty. This causes LinPEAS to report every password as valid.

Reproduction:
I verified this behavior on the target machine:

# Even with stderr discarded (2>/dev/null), stdout is NOT empty upon failure
$ su root 2>/dev/null
Password:

The Fix:
I verified on the target system that despite the stdout behavior, BusyBox correctly returns a non-zero exit code on failure and 0 on success.

I have updated linPEAS/builder/linpeas_parts/functions/su_try_pwd.sh to rely on the exit code ($?) instead of the stdout content:

# Old
trysu=$(echo "$PASSWORDTRY" | timeout 1 su $BFUSER -c whoami 2>/dev/null)
if [ "$trysu" ]; then

# New
trysu=$(echo "$PASSWORDTRY" | timeout 1 su $BFUSER -c whoami 2>/dev/null)
if [ $? -eq 0 ]; then

I have tested this change locally on the affected machine, and it successfully eliminated the false positives while correctly identifying the valid password.

Thanks for the great tool!

[carlospolop]

Sorry I didn't see this PR with all the other ones, merging! Thanks for taking the time to create the PR!