sshmitm.plugins.tunnel.injectservertunnel module

class sshmitm.plugins.tunnel.injectservertunnel.InjectableRemotePortForwardingForwarder(session, server_interface, destination)

Bases: RemotePortForwardingForwarder

Intercepts SSH remote port forwarding and opens a local injection port per session.

When the SSH client requests remote port forwarding (-R), this plugin accepts the forwarded connection as usual and additionally starts a local TCP listener on a random port. A second client can connect to that local port and have its traffic injected directly into the forwarded channel.

SSH-MITM logs the injection port when the forwarding session is established:

[i] <session-id> - created server tunnel injector for host 127.0.0.1 on port 34567 to destination ('10.0.0.1', 8080)

Usage example

ssh-mitm server --remote-port-forwarder inject

Connect to the printed injection port to send data into the tunnel:

nc 127.0.0.1 34567

Notes

  • One injection listener is created per forwarded-tcpip channel.

  • Use --tunnel-server-net to bind the injection listener to a specific interface (default: all interfaces).

Parameters:
__init__(session, server_interface, destination)

Starts the local injection TCP listener for this forwarding session.

Parameters:
  • session (Session) – the active SSH session being intercepted.

  • server_interface (ServerInterface) – the paramiko server interface handling this session.

  • destination (tuple[str, int] | None) – the remote host and port the client is forwarding to.

handle_request(listenaddr, client, addr)
Parameters:
  • listenaddr (tuple[str, int])

  • client (socket | Channel)

  • addr (tuple[str, int])

Return type:

None

classmethod parser_arguments()
Return type:

None