Stealthshell and Injectorshell docs

Author: The5imon

docs/injectorshell.rst

@@ -1,7 +1,25 @@
-Injectorshell
+injectorshell
 ===============
 
+Included in the original `ssh-mitm <http://ssh-mitm.at/>`_ suit this is a detailed documentation
+by its creator.
 
+The injectorshell ssh interface allows the operator of the ssh-mitm server to serve out shell access over
+the network that correspond to a hijacked ssh session. Within these injected shells one is able to
+execute commands on the remote host using the ssh session created by the original client. Contrary to the
+mirrorshell there can be multiple injected shells per ssh session. All these shells - including the client itself -
+share their environment but are served answers individually.
+
+Using the ``--ssh-injector-enable-mirror`` option injected shells can print the input of the user to their screen.
+This differs from the mirrorshell which always displays every keystroke on both terminals. The injectorshell
+tries its best to not leak any unwanted output to the users session so that they can operate normally.
+
+By default injector shell access is limited to the local maschine ``localhost`` but can be opened up to any
+network using the ``--ssh-injector-net NET/IF`` parameter. Due to the fact that access to the injector shells is
+not authenticated doing this should be thoroughly thought through.
+
+For ease of use a private key can be used for a more consistent integrity check. It can be set with the
+``--ssh-injector-key ID`` parameter. If this is not done a new one will be generated each time the server is spun up.
 
 .. note::
     It should also be noted that shell environment can be affected by any injector shell and is not accounted for when
@@ -12,4 +30,4 @@ Injectorshell
     It is also important to mention that when multiple injector shells are inserting commands into the same hijacked ssh
     session at the same time discrepancies are not accounted for. Keystrokes are collectively merged at the server and the
     responses are served accordingly. This is also true for the clients interactive ssh session. A advanced edition of the
-    injectorshell fixes both these problems.
+    injectorshell - the :ref:`stealthshell` - fixes both these problems.

docs/scriptedshell.rst

@@ -1,3 +1,7 @@
-Scriptedshell
+scriptedshell
 ===============
 
+When working through a security audit gathering information is one of the most important steps.
+
+The scriptedshell ssh interface is first and foremost an information gathering tool but due to its
+functionality it can also be used for different use cases.

docs/stealthshell.rst

@@ -1,4 +1,4 @@
-Stealthshell
+stealthshell
 =================
 
 As an upgrade to the :ref:`injectorshell` (implementation in `ssh-mitm <http://ssh-mitm.at/>`_ done by me) the stealthshell
@@ -18,6 +18,8 @@ work correctly.
     Environment considerations of the :ref:`injectorshell` are still uphold by the stealthshell. Discrepancy problems
     described by the :ref:`injectorshell` are solved by this newer edition (client cannot be interrupted by injected keystrokes BUT
     unfinished injected strokes will be seen by the server). Only with the ``--ssh-injector-super-stealth`` option the
-    discrepancy between the user and all injector shells will not occur.
-
+    discrepancy between the user and all injector shells will not occur. It is recommended that the ``--ssh-injector-super-stealth``
+    option is used in combination with the ``--ssh-injector-enable-mirror`` option to see more clearly when commands
+    can be executed.
 
+For a more detailed look at the plugins operation refer to the :ref:`injectorshell` documentation.