{"id":14037065,"url":"https://github.com/xdavidhu/lanGhost","last_synced_at":"2025-07-27T04:33:52.450Z","repository":{"id":133208493,"uuid":"111597509","full_name":"xdavidhu/lanGhost","owner":"xdavidhu","description":"👻 A LAN dropbox chatbot controllable via Telegram","archived":true,"fork":false,"pushed_at":"2019-11-03T11:33:44.000Z","size":5115,"stargazers_count":354,"open_issues_count":8,"forks_count":60,"subscribers_count":28,"default_branch":"master","last_synced_at":"2024-08-12T03:06:32.230Z","etag":null,"topics":["chatbot","dropbox","hacking","network-monitoring","pentesting","python","telegram"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xdavidhu.png","metadata":{"files":{"readme":"README.MD","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-11-21T20:24:48.000Z","updated_at":"2024-08-12T03:06:33.065Z","dependencies_parsed_at":null,"dependency_job_id":"7fac235b-79dc-4a8b-b0d3-93d964431c98","html_url":"https://github.com/xdavidhu/lanGhost","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xdavidhu%2FlanGhost","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xdavidhu%2FlanGhost/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xdavidhu%2FlanGhost/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xdavidhu%2FlanGhost/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xdavidhu","download_url":"https://codeload.github.com/xdavidhu/lanGhost/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227762416,"owners_count":17816024,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chatbot","dropbox","hacking","network-monitoring","pentesting","python","telegram"],"created_at":"2024-08-12T03:02:27.381Z","updated_at":"2024-12-02T16:31:42.133Z","avatar_url":"https://github.com/xdavidhu.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"\u003cp align=center\u003e\n\u003ca href=\"https://github.com/xdavidhu/lanGhost/blob/master/README.MD\"\u003e\u003cimg src=\"https://github.com/xdavidhu/lanGhost/raw/master/img/lanGhost.png\"/\u003e\n\u003c/a\u003e\n\u003ca href=\"https://travis-ci.org/xdavidhu/lanGhost\"\u003e\n    \u003cimg src=\"https://travis-ci.org/xdavidhu/lanGhost.svg?branch=master\" align=center/\u003e\n\u003c/a\u003e\n\u003ca href=\"https://github.com/xdavidhu/lanGhost\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/python-3.3%2C%203.4%2C%203.5%2C%203.6-brightgreen.svg\" align=center/\u003e\n\u003c/a\u003e\n\u003ca href=\"https://github.com/xdavidhu/lanGhost/blob/master/LICENSE\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/license-MIT-blue.svg\" align=center/\u003e\n\u003c/a\u003e\n\u003ca href=\"https://github.com/xdavidhu/lanGhost\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/stars/xdavidhu/lanGhost.svg\" align=center/\u003e\n\u003c/a\u003e\n\u003c/p\u003e\n\n\u003ch3 align=center\u003e⚠️ Warning! This project is no longer maintained and may not work as excepted.\u003c/h3\u003e\n\n\u003ch3 align=center\u003e\u003ci\u003eA LAN dropbox chatbot controllable via Telegram\u003c/i\u003e\u003c/h3\u003e\n\n\u003ch1 align=center\u003efeatures:\u003c/h1\u003e\n\u003cp align=center\u003e\n\u003ca href=\"https://github.com/xdavidhu/lanGhost/blob/master/README.MD\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/xdavidhu/lanGhost/master/img/features.png\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cbr\u003e\u003cbr\u003e\n\n\u003cp align=center\u003e\n\u003ca href=\"https://github.com/xdavidhu/lanGhost/blob/master/DEMOS.MD\"\u003e\u003cimg src=\"img/demos-button.png\" align=center width=40%/\u003e\u003c/a\u003e\n\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\n\u003c/p\u003e\n\n\u003ch1 align=center\u003einstallation:\u003c/h1\u003e\n\n\u003ch3 align=center\u003ewarning:\u003c/h3\u003e\n\n\u003cp align=center\u003elanGhost is designed for \u003cb\u003eRaspberry Pis\u003c/b\u003e (\u003cb\u003eRaspbian\u003c/b\u003e/\u003cb\u003eKali for RPi\u003c/b\u003e). Running it on other/desktop distros could cause issues and may not work as excepted.\u003c/p\u003e\n\nYou will need a **Raspberry Pi** with **fresh Raspbian/Kali** on the SD card, because you don't want anything else running in the background.\n\nBoot up the Pi, get an SSH sell or connect a monitor and a keyboard and enter these commands:\n\n```\n$ sudo apt update \u0026\u0026 sudo apt install python3 python3-pip\n$ git clone https://github.com/xdavidhu/lanGhost\n$ cd lanGhost\n$ sudo ./setup.py\n```\n\nPlease **read** the questions/messages while running the setup script!\n\n\u003ch4\u003estep 1/4 - setup.py\u003c/h4\u003e\n\n```\n[+] Please enter the name of the network interface connected/will\nbe connected to the target LAN. Default wired interface is 'eth0',\nand the default wireless interface is 'wlan0' on most systems, but\nyou can check it in a different terminal with the 'ifconfig' command.\n```\n\n\u003ch4\u003estep 2/4 - setup.py\u003c/h4\u003e\n\n```\n[+] Please create a Telegram API key by messaging @BotFather on Telegram\nwith the command '/newbot'.\n\nAfter this, @BotFather will ask you to choose a name for your bot.\nThis can be anything you want.\n\nLastly, @BotFather will ask you for a username for your bot. You have\nto choose a unique username here which ends with 'bot'. For\nexample: xdavidbot. Make note of this username, since later\nyou will have to search for this to find your bot, which lanGhost\nwill be running on.\n\nAfter you send your username of choise to @BotFather, you will recieve\nyour API key.\n```\n\n\u003cp align=center\u003e\n\u003cimg src=\"https://github.com/xdavidhu/lanGhost/raw/master/img/screenshot-telegram-1.png\"/\u003e\n\u003cbr\u003e\u003cbr\u003e\n\u003cimg src=\"https://github.com/xdavidhu/lanGhost/raw/master/img/screenshot-telegram-2.png\"/\u003e\n\u003c/p\u003e\n\n\u003ch4\u003estep 3/4 - setup.py\u003c/h4\u003e\n\n```\n[+] Now for lanGhost to only allow access to you, you need to verify yourself.\n\nSend the verification code below TO THE BOT you just created. Just search for your\nbot's @username (what you sent to @BotFather) to find it.\n\n[+] Verification code to send: ******\n```\n\n\u003cp align=center\u003e\n\u003cimg src=\"https://github.com/xdavidhu/lanGhost/raw/master/img/screenshot-telegram-3.png\"/\u003e\n\u003c/p\u003e\n\n\u003ch4\u003estep 4/4 - setup.py\u003c/h4\u003e\n\n```\n[+] Do you want lanGhost to start on boot? This option is necessary if you are using\nthis device as a dropbox, because when you are going to drop this device into a\nnetwork, you will not have the chanse to start lanGhost remotely! (autostart works\nby adding a new cron '@reboot' entry)\n```\n\n\u003ch3 align=center\u003eIf you are ready with the setup just reboot the Pi and lanGhost will start right up!\u003c/3\u003e\n\u003cbr\u003e\u003cbr\u003e\n\u003cp align=center\u003e\n\u003cimg src=\"https://github.com/xdavidhu/lanGhost/raw/master/img/screenshot-telegram-4.png\"/\u003e\n\u003c/p\u003e\n\n\u003ch1 align=center\u003eusage:\u003c/h1\u003e\n\n\u003ch3 align=center\u003ewarnings:\u003c/h3\u003e\n\n\u003cp align=center\u003eUsing lanGhost on a networks bigger than /24 is \u003cb\u003enot recommended\u003c/b\u003e because the scans will take too long.\u003c/p\u003e\n\n\u003cp align=center\u003elanGhost is \u003cb\u003enot quiet\u003c/b\u003e. Anyone monitoring the traffic can see the ARP packets!\u003c/p\u003e\n\n\u003ch3\u003edrop it into a network:\u003c/h3\u003e\n\nIf you have selected `yes` at `step 4/4 (autostart)` the Pi is fully set up for dropping. lanGhost should start up on boot, and send you a message on Telegram with the text: `lanGhost started! 👻`.\n\nMake sure to try it out in your lab first and test if lanGhost is responding to your messages!\n\nIf you are all set, just connect it to the target network by plugging in the Ethernet cable into the Pi and connecting the power via micro USB and you are ready to go!\n\n(lanGhost can also work over WiFi, but you will need to set up `wpa_supplicant` to connect to the network automatically first)\n\n\u003ch3\u003eavailable commands:\u003c/h3\u003e\n\n```\n/scan - Scan LAN network\n/scanip [TARGET-IP] - Scan a specific IP address.\n/kill [TARGET-IP] - Stop the target's network connection.\n/mitm [TARGET-IP] - Capture HTTP/DNS traffic from target.\n/replaceimg [TARGET-IP] - Replace HTTP images requested by target.\n/injectjs [TARGET-IP] [JS-FILE-URL] - Inject JavaScript into HTTP pages requested by target.\n/spoofdns [TARGET-IP] [DOMAIN] [FAKE-IP] - Spoof DNS records for target.\n/attacks - View currently running attacks.\n/stop [ATTACK-ID] - Stop a currently running attack.\n/restart - Restart lanGhost.\n/reversesh [TARGET-IP] [PORT] - Create a netcat reverse shell to target.\n/help - Display the help menu.\n/ping - Pong.\n```\n\n\u003ch3\u003eattack system:\u003c/h3\u003e\n\nYou can start an attack by using one of these commands: `/kill, /mitm, /replaceimg, /injectjs, /spoofdns`\n\nAter you have one or more attacks running, you can use the `/attack` command to get a list of them containing the `ATTACK-ID`'s.\n\nTo stop an attack type `/stop [ATTACK-ID]`.\n\n\u003ch3\u003ereverse shell:\u003c/h3\u003e\n\n\u003ch3 align=center\u003ewarning:\u003c/h3\u003e\n\n\u003cp align=center\u003e\u003ccode\u003e/reversesh\u003c/code\u003e only makes a netcat TCP connection which is not encrypted and all the traffic can be monitored! Only use it for emergency fixes or for setting up an encrypted reverse connection if necessary.\u003c/p\u003e\n\nThe `/reversesh` command is for getting a reverse shell on the Pi, when its not accessable from the outside.\n\nTo use the `/reversesh` command you will need to have a server listening for the shell.\n\nNetcat command to start up the listener on your server:\n\n```\n$ nc -l 0.0.0.0 [PORT]\n```\n\nTelegram command:\n\n```\n/reversesh [IP-of-your-listening-server] [PORT]\n```\n\n\u003ch3\u003eattacks:\u003c/h3\u003e\n\n  * `/kill` - Stops the internet connectivity for the target.\n  * `/mitm` - Captures HTTP and DNS traffic from the target and sends it in text messages.\n  * `/replaceimg` -  Replaces HTTP images for the target to what picture you send to the bot.\n  * `/injectjs` - Injects JavaScript into every HTTP HTML response for the target. You need to host the the JS file on your server and give the URL as a parameter.\n  * `/spoofdns` - Spoofs DNS responses for the target.\n\nAll attacks use **ARP Spoofing**!\n\n\u003ch3\u003escans:\u003c/h3\u003e\n\n  * `/scan` - Scans the local network and returns the hosts online. Uses `nmap -sn` scan to discover hosts.\n  * `/scanip` - Scans an IP address for open ports and other info. Uses `nmap -sS` scan.\n\n\u003ch3\u003enotifications:\u003c/h3\u003e\n\nYou will get a message every time when a new device connects/leaves the network.\n\n\u003ch1 align=center\u003edisclaimer:\u003c/h1\u003e\n\n\u003ch3 align=center\u003eI'm not responsible for anything you do with this program, so please only use it for good and educational purposes.\u003c/h3\u003e\n\n\u003ch1 align=center\u003elegal:\u003c/h1\u003e\n\n\u003cp align=center\u003e\nCopyright (c) 2018 by David Schütz. Some rights reserved.\u003cbr\u003e\u003cbr\u003e\nlanGhost is under the terms of the MIT License, following all clarifications stated in the license file. You can also go ahead and email me at xdavid{at}protonmail{dot}com.\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxdavidhu%2FlanGhost","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxdavidhu%2FlanGhost","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxdavidhu%2FlanGhost/lists"}