
Hey y'all, a query for the hive mind.



We've been running into users installing Awesome Screenshots (horrible name), which beacons out to websites tens of thousands of times a day. As you can imagine, InfoSec is not happy about it. I'm trying to find a way to do reporting to find out what extensions are installed on machines.



I found that the extensions are all stored in the same folder:



~/Library/Application Support/Google/Chrome/Default/Extensions/


But the names of the folders are just random strings of letters and numbers:



Within the folder is a manifest.json file, which does have the app name in it:



So I'm assuming there is some way to grab that and throw it into an extension attribute or something. I think the main problem would be navigating through those extension folders, or at least finding a way to translate those folders into extension names.



Has anyone found a way to successfully report installed extensions? Any input on this would be appreciated. Thanks!

@jrwilcox How do we do this exactly?


I have done this using a configuration profile.





You need to create a plist file with the extensions you don't want. Ours has grown over the years. But it would look something like this:



<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ExtensionInstallBlacklist</key>
<array>
<string>fdcgdnkidjaadafnichfpabhfomcebme</string>
<string>omghfjlpggmjjaagoclmmobgdodcjboh</string>
<string>ojhgknhfdjheakddcdenanbgaaepcijb</string>
<string>ckiahbcmlmkpfiijecbpflfahoimklke</string>
<string>eelphgpfmjhndihoopgadghfonahifel</string>
<string>gjgadmpbpojbdcehgijdlboanljfmnel</string>
<string>idefjamndcpplnamdlbodoebjgkpdmpn</string>
<string>mpmikmnnnoacchojfpdgfdgpkfgajhim</string>
<string>fcbnikgemihknccdjaihjnfbapinljpi</string>
<string>bkjcdfmmpdfjohenejbkaaafkoeknjnh</string>
<string>gnenekpofbpieiafoofnnphgdmloiheo</string>
<string>jhdlphnpjdilnjmhgepbgaompckdjdbf</string>
<string>dpplabbmogkhghncfbfdeeokoefdjegm</string>
<string>egnccllcfmpcmeccejlbbnmobnaglbka</string>
<string>gbchcmhmhahfdphkhkmpfmihenigjmpp</string>
<string>pohhhgpookhmdgjnngkgkbhklplbompp</string>
<string>lledpflfnanamkogoclkgaggfdgoalok</string>
<string>pdkmdmbjlgckgcffnndhhlmifaobafji</string>
<string>padekgcemlokbadohgkifijomclgjgif</string>
<string>omihnninlhneakfglooiofgdbpmnhjgn</string>
<string>gchhimlnjdafdlkojbffdkogjhhkdepf</string>
<string>okeigjflfhffjfkjkgaipencahpaiipd</string>
<string>eifppljhjomneeocmoogcpfdkbemkbln</string>
<string>jdhebjohjpgicipoimkglgledckdalke</string>
<string>ipdbcacaocfljmgjidojcfgohgfnjeli</string>
<string>dffcdhcicpnijbiloigogbgigiepgbpn</string>
<string>ldikpbpacmiafmhiifihmicokeallbim</string>
<string>cjnfcmkfdcoeckplikldabeggcohmbmj</string>
<string>cldflcjakandmfifipfanklcdfhdiaph</string>
<string>gohbopcmfdjomkmighlcflfjoleafmgj</string>
<string>hghdlbnadahkknlbmckfljpcoilldcoa</string>
<string>gcknhkkoolaabfmlnjonogaaifnjlfnp</string>
<string>eiojlieidcgfibngioiipcabhhheklpi</string>
<string>ocneleoikjgphlhjpeoabocgcegemegd</string>
<string>kpiecbcckbofpmkkkdibbllpinceiihk</string>
<string>dookpfaalaaappcdneeahomimbllocnb</string>
<string>kphedknfgjnjghfjgjnggidjefechgak</string>
<string>gjknjjomckknofjidppipffbpoekiipm</string>
<string>kdgfdpeigidmiagopmgmnpkaokkofnbb</string>
<string>ikdfimhecflbddjmblgbkinhfjlkmeni</string>
<string>bibmocmlcdhadgblaekimealfcnafgfn</string>
<string>deoodoglhbmpafkajmlggnjnngdclnie</string>
<string>kcndmbbelllkmioekdagahekgimemejo</string>
<string>iobkgicmookonkhaijnhoodijfhiljha</string>
<string>eggfigcgijdfegcagkmkbdjokhkhgiek</string>
<string>cmgnmcnlncejehjlnhaglpnoolgbflbd</string>
<string>iilpibhiihokecnbdkaminemnmecjfed</string>
<string>angbhbjbplfpkbcijbkhecjfcfgjbjoc</string>
<string>nijojjpfbokhhlkphhjdlhdigfhgpndd</string>
<string>fepeagfcjjbnchdgkglpinpiocbjbbhn</string>
<string>ondofellpdgkikhlhfkiecjnkdmghpah</string>
<string>gonhdadhgidiinkldgjolmnjlcekjffj</string>
<string>gdocgbfmddcfnlnpmnghmjicjognhonm</string>
<string>maicibfoihmlppibfkljeljefamfndbp</string>
<string>mnjmjnofadekgmfahkikcjbckdofddbb</string>
<string>mdlcjoghfabibdedbcpobangfgppnnbo</string>
<string>lcojcmfieongdpblaefmjnegimcilifa</string>
<string>cbipoicmapnmmmcbaagfagnlcdhgohfj</string>
<string>bjgbkkeghhelcgfnklahganohbmpldke</string>
<string>gpabelodkfbnigmjdlhdjcbjoimjjmap</string>
<string>ggmdpepbjljkkkdaklfihhngmmgmpggp</string>
<string>pminladjmndipkjkmdjhhbidegbjoemn</string>
<string>bojjojmafbggldbgcohmpnedmimmicjf</string>
<string>cegfejpmmodikpdebjkdnkgcifhfepfi</string>
<string>cmnfgkpgdakahclbpekkppahnkcbogka</string>
<string>gkojfkhlekighikafcpjkiklfbnlmeio</string>
<string>epbfmioobedknooiakdehepogalbgkng</string>
<string>gcbommkclmclpchllfjekcdonpmejbdp</string>
<string>aadhbdhoolgcjfdplbjpfmmobcjmhklf</string>
<string>gkopihinfioonpbajbajblgphaicajpn</string>
<string>mnloefcpaepkpmhaoipjkpikbnkmbnic</string>
<string>kbiknomhfomgpmobhoapjocngjmhdlhk</string>
<string>nokjbkkpjgooeoegnbodmelenklgabpm</string>
<string>bghpialiocekfipnbidmbhcbibpchjpb</string>
<string>nabijffolhanhlbkmakkfgfeadcgkmna</string>
<string>mjnbclmflcpookeapghfhapeffmpodij</string>
<string>joglidlgpbjaokkllogcnodcjckajdni</string>
<string>nlbejmccbhkncgokjcmghpfloaajcffj</string>
<string>hbgknjagaclofapkgkeapamhmglnbphi</string>
<string>baiknijknkfpoaehpnnjnjiidjonhfbb</string>
<string>haagnpmcndhgepbnileochmgmdenapjg</string>
<string>lebpnjmmkockepeffbadcnechelmhekc</string>
<string>ifalmiidchkjjmkkbkoaibpmoeichmki</string>
<string>lpgemjggacakklinlcfamaemnkbngmcf</string>
<string>oicamophdnojgacgbobolcnhbbgpiknb</string>
<string>baaclllfceolpgfimibgppgeojbeebcd</string>
<string>mfoejjmlljjjiokompekfbdhaikjpijg</string>
<string>mbnapgdcalopgfpleapnelndfhlebpmg</string>
<string>njconeaigoafkdkcoaioddgmcioocabh</string>
<string>lecomokapcbeofiomnjihgbkfcnhogil</string>
<string>omdakjcmkglenbhjadbccaookpfjihpa</string>
<string>dbgcbfajoppbhoakhjnfcpbkhomfabko</string>
<string>eiddfaedmgnpnnojolcknhpjbmmpplgd</string>
<string>eaadkdmjbccopjhknndhjpnbhbklonbc</string>
<string>jlgkdcolhnlfkojbhjdbgeghollibcga</string>
<string>ocmcdcmdgjejpidljphlgcgedlpjbfhh</string>
<string>aifcmpjfhomafllokdkefjkbepbghhlk</string>
<string>fhmfcdjnaimddaiemgmnggelpajkhngi</string>
<string>jincbfompjbjnkbldjdhnkekihdanila</string>
<string>lbggnklgidgdboipgkcefdeojekpcomo</string>
<string>jnepnignpggeebkgdmdbmjgdkeapkhmp</string>
<string>fjpglcmmjcmnfigjjgpnajgiejppjfha</string>
<string>iklpfnjfjjdghbldecfhmkpnnojaifpk</string>
<string>objkcphggobldholmnidihoibcapbmdi</string>
<string>lbhdjpmomigdcfkidmimojhnoacaffcg</string>
<string>gammobjddihgegcpnbmgipcmbejcjffn</string>
<string>pooljnboifbodgifngpppfklhifechoe</string>
<string>ngppcmdmopkgobmmcankecnpkkdkoeng</string>
<string>deoeenbkoccjaefmmhpmlegngdjohdcm</string>
<string>ikdfimhecflbddjmblgbkinhfjlkmeni</string>
<string>alakcphnkenhpgmjgcpapeiaifddhbop</string>
<string>ojfgcfilbphjeipkknjlkkkjboklihcn</string>
<string>jcgcdicmlhepcpjcnafjfdcgdofcoleo</string>
<string>omghfjlpggmjjaagoclmmobgdodcjboh</string>
<string>acbclpnddfeendndgplngifjjihimbcg</string>
<string>nfhpjjacpaacbcncddkhmhdgkfgnkffh</string>
<string>opalpjjboefohnelaemnhdhlceibbcgl</string>
<string>kfblffmcfhcclgeeialffpdamibbpkma</string>
<string>aennjkgpfcjeilhccfkohcpmkgpeaiih</string>
<string>edljfdnikiehndnhcfaohnijpfidhhpc</string>
<string>fjfggdolkejgbladjgiafdfdddahiipg</string>
<string>aonncbclmineeaebnfdadmaclpbogbdl</string>
<string>bihmplhobchoageeokmgbdihknkjbknd</string>
<string>opalpjjboefohnelaemnhdhlceibbcgl</string>
<string>apepmbbejdeohmablkgnmngfpfapkhba</string>
<string>bohjiepdaibaajbeedilfpdniijmmccf</string>
<string>fdehilofdbonobjnkoijeiggnaddekdm</string>
<string>aghegkgojapdjklinomabbgdlanpkdmk</string>
<string>jbmkeiogkjmcmmkojnebgaglcideikab</string>
<string>pphbjiclbdndpilnpjiamjonmpfddfma</string>
<string>kebmnjndjbfhllgaengdjdobfhokkpca</string>
<string>jccmoegogckfgbnllaapbhbpcohhknmc</string>
<string>loenplbihejlgppngjjplpnejgdmhlpc</string>
<string>fdhfkpocplboibnjgpiijhnchmeffalo</string>
<string>enhcpffgidjhkgnnmiaeennhgjldopeh</string>
<string>mfmeacflmeoggmfbimnmoobleekojlca</string>
<string>ibgnlbelphlakpocgjhmfgeegfminhel</string>
<string>gmolfjcfkljcegibacpmhnanbfkbmcnh</string>
<string>ocdlmemhcamdekmepajibiaepaajaepo</string>
<string>bkommgglgedojaffpdbadghkofkjfiej</string>
<string>jiicoamlefgfcjdiaoggmclhndecenpm</string>
<string>kcgfoobdbmnnpmoagfkgjgmiipnolhbj</string>
<string>aieheoflmhngknnnimkhooklagfidikp</string>
<string>olkbmocoahljgmegapgaefipjpdklpdd</string>
<string>gmakhlakpiackdmiodepgbllmejakkgf</string>
<string>epophiljpfjmehfmmifggbgpdhlpflfa</string>
<string>bjdoolacknjicapllfnlnmfmppifnpba</string>
<string>ogfnpoaboimnmogpddgkphgkbgooomhg</string>
<string>nbkcgajmoblcepfdmpfnphjjmbfnckhp</string>
<string>eoeecjmgnmpnljngnagabdpmahamaaoh</string>
<string>heajfgnegopeedndeahkdjedjkjcmnpb</string>
<string>mafcnffiekamcoipelofhbnpnhjppged</string>
<string>odiddbcijempnhhobijfbggjogofdlgl</string>
<string>hoapmlpnmpaehilehggglehfdlnoegck</string>
<string>oknedbefhljbabbioodiahaapfbogceg</string>
<string>cocfojppfigjeefejbpfmedgjbpchcng</string>
<string>gacjfopciepniimkpbikjinckfncgmid</string>
<string>ledoohjcfaalphjbfhldfdpnpmnfgdhe</string>
<string>kgdohnpohekcfdpcindahcedncliibij</string>
<string>gfmpdjndpbomeamnkmjepilkkcoeicma</string>
<string>oeejfcielojbbeepbdginbpijbfhmkcg</string>
<string>ajfiodhbiellfpcjjedhmmmpeeaebmep</string>
<string>fjhcpnpblahnhdmalehachcdlnlggehd</string>
<string>idgiipeogajjpkgheijapngmlbohdhjg</string>
<string>pddlkidaibpbhpkfbhkbeolbagpmkhhn</string>
<string>bdbcklhdhokpgjjdhilhaoaidapanofb</string>
<string>mlekbhaipaoidoahjmgecceeecfondjb</string>
<string>ojedkepkekklpjcgdfiahladdbopbooh</string>
<string>nbcojefnccbanplpoffopkoepjmhgdgh</string>
<string>lkjblbljedhgggafaigpdpjjpphhmnoo</string>
<string>ehfljgbbpjgcfondpjcmbfmmpnhchfkg</string>
<string>hpfbfcdoiipkblfeknfggcmfppacjife</string>
<string>lgpiomikidaaibmkadpabhakjeapkgnm</string>
<string>ibdpficdcmlkjnaigfebpbomaneenpll</string>
<string>johnlmmilpdeggdcdbgepopajkbmbheh</string>
<string>joaobgacfnccmhgahonaofjigfiadllb</string>
<string>lfbhcdkmkklcpifcnknkjhogjpijihkl</string>
<string>jfjeodcjjbbmblgpakgmaedoilnhmcnp</string>
<string>eaflheocdgkooaonmhhfjfalgeljkknk</string>
<string>degbkghkliblcgkegaeofdmfjfbfnmfb</string>
<string>ghfbbjimolmcijjfnohefkggjgnpmmcg</string>
<string>bgfegfkfcickgjmkibdilgmmdoobpdkb</string>
<string>hlacajbkonocfmdfgdkdjmpneojpbllj</string>
<string>epepldfkiegplfikfabpojdolifladlk</string>
<string>bhapkddefgijeoiecegphobpgpjcgbcj</string>
<string>hbfeadheangdffoapflbkeablgbgloja</string>
<string>pbajhjcjhieagcbiljmekgechllcdhcd</string>
<string>gjpmoooajbcolkelmdengjinljlcbiie</string>
<string>ljejahkefpkedlaabpmepcikgmnknile</string>
<string>oofgbpoabipfcfjapgnbbjjaenockbdp</string>
<string>dgflkllhdalglbkeogdoihcigiekmjgk</string>
<string>ojagfgibjiofppmilfbgmipfelkhcccn</string>
<string>hnmpcagpplmpfojmgmnngilcnanddlhb</string>
<string>gfglncanejnkbknnmemmelgcjfodcejl</string>
<string>bdbmnbbkhbnhamnhndkacfibdlbooihm</string>
<string>lflaacejokglacdflhelmdnneieidhmj</string>
<string>agooajdlfljhhbliomhpincjnnndgffk</string>
<string>obdgehdaihabnaagihegbkacgfefdjpc</string>
<string>flgagpabgbihkajlfcaeplgnpicdojab</string>
<string>dlmiaagjplojbkjdceggjmaabanocndi</string>
<string>mpcaainmfjjigeicjnlkdfajbioopjko</string>
<string>jopjlpjeekmmnpdiplggikdjkgkfklno</string>
<string>pcmmjfpfjlcdhhngjkkfbeoaohbgjhgp</string>
<string>nenecalochlgjiegbfppigfhkjdpglnm</string>
<string>mhjhchlgdmkmgfgjobpbajakhlmajjpj</string>
<string>egjnnogealenpdnalnponnakmimmhklf</string>
<string>nijebgacophnpgohfblkmdbjbmfcjagd</string>
<string>lobjodcpekhnpndpjgkikjecmcjbdifd</string>
<string>mpcaainmfjjigeicjnlkdfajbioopjko</string>
<string>apkmkagbnjdldlchjaodkghnknglccal</string>
<string>eocembdiaelakgjoheclffagagbgpejg</string>
<string>nocfiicinjlacbcpohmbcndlmmfmlidk</string>
<string>nknebiagdodnminbdpflhpkgfpeijdbf</string>
</array>
</dict>
</plist>

Thank you @jrwilcox for sharing all those IDs to add to my list. This has seemed like the best way for me to handle it too. It works very well!


Worked like a charm! Thanks Emily.


Hey all,
Loving these extension attributes, but looking for one that reports the extension name from Chrome, then the ID number for the same extension. Anyone have a working version that does this?



Gabe Shackney
Princeton Public Schools


In looking at our installs of Chrome, most (if not all) of our users have multiple profiles, making the



/Users/${loggedInUser}/Library/Application Support/Google/Chrome/Default/Extensions/


line irrelevant. Instead of "Default", we see "Profile 1", "Profile 2", etc.
I am having trouble making the "find" command work with a wildcard in place of "Default" in the path.
Any suggestions?


Anyone have an updated EA script that works with Monterey & Big Sur with the profile changes to Google Chrome?

/Users/${loggedInUser}/Library/Application Support/Google/Chrome/Profile [#]/Extensions/


Like @gburcham stated, does anyone have a new EA script? Can't get any of the ones above to work correctly.


@gburcham and @MPL 

FWIW, I am using $(whoami) in place of ${loggedINUser} and at least getting output. It is not reporting an extension that I know is installed and listing more information than the extension, but with the script below, this is the furthest I have made it.

I am very much a beginner with scripting, but let me know if it helped at all?

 

#!/bin/bash

# Get logged in user
CURRENT_USER=$(whoami)

# Path to the Chrome extension directory (Default profile only)
JSONS=$(find "/Users/${CURRENT_USER}/Library/Application Support/Google/Chrome/Default/Extensions/" -name "manifest.json")

EXTS=()
while IFS= read -r JSON; do
    # Print the quoted value from every line that contains "name"
    NAME=$(awk -F'"' '/name/{print $4}' "$JSON")
    # Skip empty results and unresolved localization placeholders
    if [[ -n "$NAME" ]] && [[ ! "$NAME" =~ __MSG_(appName|APP_NAME)__ ]]; then
        EXTS+=("$NAME")
    fi
done < <(echo "$JSONS")

printf '%s\n' "${EXTS[@]}"
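
Added example (not code from any poster in this thread): one way to list extension IDs with their names across every Chrome profile, including names stored as `__MSG_...__` placeholders. The function names and the sample tree with its made-up IDs are assumptions for illustration, and the line-based JSON parsing assumes pretty-printed files.

```bash
#!/bin/bash
# Added example, not from the thread. Assumes pretty-printed JSON and the layout
#   <chrome_dir>/<profile>/Extensions/<id>/<version>/manifest.json

# json_string FILE KEY: value of the first '"KEY": "value"' line in FILE.
json_string() {
    sed -n "s/^[[:space:]]*\"$2\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

# locale_message FILE KEY: "message" text of entry KEY (case-insensitive match).
locale_message() {
    awk -v key="$2" -F'"' '
        tolower($2) == tolower(key) { hit = 1; next }
        hit && $2 == "message"      { print $4; exit }' "$1"
}

# extension_name MANIFEST: display name; __MSG_key__ is resolved via _locales if present.
extension_name() {
    local name key locale messages resolved=
    name=$(json_string "$1" name)
    case $name in __MSG_*__)
        key=${name#__MSG_}; key=${key%__}
        locale=$(json_string "$1" default_locale)
        messages="$(dirname "$1")/_locales/${locale:-en}/messages.json"
        [ -f "$messages" ] && resolved=$(locale_message "$messages" "$key")
        name=${resolved:-$name} ;;
    esac
    printf '%s\n' "$name"
}

# list_extensions CHROME_DIR: one "profile|id|name" line per extension, all profiles.
list_extensions() {
    local manifest rel id
    find "$1" -mindepth 5 -maxdepth 5 -path '*/Extensions/*' -name manifest.json |
    sort | while IFS= read -r manifest; do
        rel=${manifest#"$1"/}; id=${rel#*/Extensions/}
        printf '%s|%s|%s\n' "${rel%%/*}" "${id%%/*}" "$(extension_name "$manifest")"
    done
}

# Constructed sample tree (made-up IDs and names) so the example runs anywhere.
SAMPLE=$(mktemp -d)
a="$SAMPLE/Default/Extensions/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/1.0_0"
b="$SAMPLE/Profile 1/Extensions/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/2.1_0"
mkdir -p "$a" "$b/_locales/en"
printf '{\n  "name": "Sample Notes",\n  "version": "1.0"\n}\n' > "$a/manifest.json"
printf '{\n  "default_locale": "en",\n  "name": "__MSG_appName__"\n}\n' > "$b/manifest.json"
printf '{\n  "APPNAME": {\n    "message": "Sample Capture"\n  }\n}\n' > "$b/_locales/en/messages.json"
list_extensions "$SAMPLE"
```

On a Mac, pass the user's `Library/Application Support/Google/Chrome` directory (no trailing slash) instead of the sample tree; for a Jamf extension attribute, wrap the output in `<result>` tags.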