sshmitm.plugins.scp.rewrite_command module
SCPRewriteCommand - A plugin for ssh-mitm that rewrites SCP commands.
This plugin is used to modify SCP commands, either by appending a string to the existing command or replacing the command with a different string. It can also be used to modify rsync and git commands. The new command is specified using the –scp-append-string and –scp-replace-string options, respectively.
- class sshmitm.plugins.scp.rewrite_command.SCPRewriteCommand(session)
Bases:
SCPForwarderRewrites the SCP command before it is sent to the remote server.
Intercepts the exec command that the SCP client sends and either appends a string to it or replaces it entirely. Because SCP, rsync, and git all tunnel over the SSH exec channel, this plugin can manipulate any of those commands.
Usage example
Append a string to the existing command:
ssh-mitm server --scp-forwarder replace-command --scp-append-string " --dry-run"
Replace the command entirely:
ssh-mitm server --scp-forwarder replace-command --scp-replace-string "echo hijacked"
Notes
If both
--scp-append-stringand--scp-replace-stringare set, append takes precedence.The rewritten command is logged at INFO level.
- Parameters:
session (
Session)
- classmethod parser_arguments()
- Return type:
None
- rewrite_scp_command(command)
- Parameters:
command (
str)- Return type:
str