sshmitm.plugins.scp.inject_file module

class sshmitm.plugins.scp.inject_file.SCPInjectFile(*args, **kwargs)

Bases: SCPForwarder

Injecting an additional file during SCP transmission (CVE-2019-6111, CVE-2019-6110)

This feature is based on a OpenSSH Client Vulnerability ‘SSHtranger Things’ that has been patched with version > OpenSSH 8.0p1

Title: SSHtranger Things Author: Mark E. Haase <mhaase@hyperiongray.com> Homepage: https://www.hyperiongray.com Date: 2019-01-17 CVE: CVE-2019-6111, CVE-2019-6110 Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt

exploit() None
hide_tracks() None
classmethod parser_arguments() None
process_data(traffic: bytes) bytes