sshmitm.plugins.scp.rewrite_command module

SCPRewriteCommand - A plugin for ssh-mitm that rewrites SCP commands.

This plugin is used to modify SCP commands, either by appending a string to the existing command or replacing the command with a different string. It can also be used to modify rsync and git commands. The new command is specified using the –scp-append-string and –scp-replace-string options, respectively.

class sshmitm.plugins.scp.rewrite_command.SCPRewriteCommand(session)

Bases: SCPForwarder

Rewrites the SCP command before it is sent to the remote server.

Intercepts the exec command that the SCP client sends and either appends a string to it or replaces it entirely. Because SCP, rsync, and git all tunnel over the SSH exec channel, this plugin can manipulate any of those commands.

Usage example

Append a string to the existing command:

ssh-mitm server --scp-forwarder replace-command --scp-append-string " --dry-run"

Replace the command entirely:

ssh-mitm server --scp-forwarder replace-command --scp-replace-string "echo hijacked"

Notes

  • If both --scp-append-string and --scp-replace-string are set, append takes precedence.

  • The rewritten command is logged at INFO level.

Parameters:

session (Session)

classmethod parser_arguments()
Return type:

None

rewrite_scp_command(command)
Parameters:

command (str)

Return type:

str