The security of capacitive touchscreens is crucial since they have become the primary human-machine interface on smart devices. This paper presents Marionette, the first wired attack that creates ghost touches on capacitive touchscreens via charging cables and can manipulate the victim's devices with undesired consequences, e.g., establishing malicious Bluetooth connections. Our study provides a new threat vector against touchscreens that only requires connecting to a malicious charging port, which could be a public charging station, and is effective across various USB data blockers and power adapters. Despite the fact that smartphones employ abundant noise reduction and voltage management techniques, we manage to inject carefully crafted signals that can induce ghost touches within a chosen range. The underlying principle is to inject common-mode noises over the power line to avoid being effectively filtered yet affecting the touch measurement mechanism and synchronize the malicious noise with the screen measurement scanning cycles to place the ghost touches at target locations. We achieve three types of attacks, i.e., injection, alteration, and Denial-of-Service, and the evaluation of 12 commercial electronics, 6 power adapters, and 13 charging cables demonstrate the feasibility of Marionette.