Inventory Query for Chrome Extensions?
With the news of the Cisco Webex Chrome plugin having a fairly massive vulnerability (source, summary article), I am interested to know which machines in our environment might have this plugin, as well as other plugins.
Is there any string, in the registry or file system, that could reliably be used as a PDQ Inventory query to see what Chrome plugins are installed?
(I understand Chrome updates plugins automatically, but I still think there is value in knowing which are installed in our environment. We are not using any of Google's ADMX templates to block extensions, but even if we did, I am sure Cisco Webex would be on the allow list)
-
$targetdir = "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Extensions"
$extensions = Get-ChildItem $targetdir
Foreach($ext in $extensions){
Set-Location $targetdir\$ext\* -ErrorAction SilentlyContinue
$json = Get-Content manifest.json | ConvertFrom-Json
Write-Output $json.name
}Couple caveats to this approach, if the extension has multiple versions, this won't traverse the folder correctly. It'll take a little bit of work to get that functionality, but I can add it if you want.
You should be able to package this up, and send the output to Output.log in a Powershell step. Let me know if you need help with that. I know its not Inventory.....but it is what it is. Though, you could put the ps1 file on a fileshare and dot source it as a remote command in Inventory against a collection of machines. That'll return the results to the results window of the remote command.
-
I hated the format. Updated it to include Name AND Version as an object for readability
$targetdir = "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Extensions"
$extensions = Get-ChildItem $targetdir
Foreach($ext in $extensions){
Set-Location $targetdir\$ext\* -ErrorAction SilentlyContinue
$json = Get-Content manifest.json | ConvertFrom-Json
$obj = New-Object System.Object
$obj | Add-Member -MemberType NoteProperty -Name Name -Value $json.name
$obj | Add-Member -MemberType NoteProperty -Name Version -Value $json.version
Write-Output $obj
} -
Ok, last update. Promise. Script now traverses extensions with multiple versions
$targetdir = "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Extensions"
$extensions = Get-ChildItem $targetdir
Foreach($ext in $extensions){
Set-Location $targetdir\$ext -ErrorAction SilentlyContinue
$folders = (Get-ChildItem).Name
Foreach($folder in $folders){
Set-Location $folder -ErrorAction SilentlyContinue
$json = Get-Content manifest.json | ConvertFrom-Json
$obj = New-Object System.Object
$obj | Add-Member -MemberType NoteProperty -Name Name -Value $json.name
$obj | Add-Member -MemberType NoteProperty -Name Version -Value $json.version
Write-Output $obj
}
} -
PS C:\Users\testr> $targetdir = "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Extensions"
$extensions = Get-ChildItem $targetdir
Foreach($ext in $extensions){
Set-Location $targetdir\$ext -ErrorAction SilentlyContinue
$folders = (Get-ChildItem).Name
Foreach($folder in $folders){
Set-Location $folder -ErrorAction SilentlyContinue
$json = Get-Content manifest.json | ConvertFrom-Json
$obj = New-Object System.Object
$obj | Add-Member -MemberType NoteProperty -Name Name -Value $json.name
$obj | Add-Member -MemberType NoteProperty -Name Version -Value $json.versionWrite-Output $obj
}
}
ConvertFrom-Json : Invalid object passed in, ':' or '}' expected. (1): {
At line:17 char:37
+ $json = Get-Content manifest.json | ConvertFrom-Json
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommandName Version
---- -------
ConvertFrom-Json : Invalid object passed in, ':' or '}' expected. (1): {
At line:17 char:37
+ $json = Get-Content manifest.json | ConvertFrom-Json
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommand
ConvertFrom-Json : Invalid object passed in, ':' or '}' expected. (1): {
At line:17 char:37
+ $json = Get-Content manifest.json | ConvertFrom-Json
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommand
ConvertFrom-Json : Invalid object passed in, ':' or '}' expected. (1): {
At line:17 char:37
+ $json = Get-Content manifest.json | ConvertFrom-Json
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommand
ConvertFrom-Json : Invalid object passed in, ':' or '}' expected. (1): {
At line:17 char:37
+ $json = Get-Content manifest.json | ConvertFrom-Json
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommand
ConvertFrom-Json : Invalid object passed in, ':' or '}' expected. (1): {
At line:17 char:37
+ $json = Get-Content manifest.json | ConvertFrom-Json
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommand
ConvertFrom-Json : Invalid object passed in, ':' or '}' expected. (1): {
At line:17 char:37
+ $json = Get-Content manifest.json | ConvertFrom-Json
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommand
ConvertFrom-Json : Invalid object passed in, ':' or '}' expected. (1): {
At line:17 char:37
+ $json = Get-Content manifest.json | ConvertFrom-Json
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommandPS C:\Users\tese\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0>
-
Also please tell me if you have .Net installed and what versions? The cmdlet uses a .Net class inside itself to work properly. So knowing, those two pieces of information I can move forward with assisting.
I just deployed the latest version of Chrome Enterprise to my workstation, as I hadn't in a little while, and re-tested, and my output is still good. I can't re-create your error!
-
We now have a PowerShell Scanner that gathers an inventory of Google Chrome Extensions: https://github.com/pdq/PowerShell-Scanners/tree/master/PowerShell%20Scanners/Google%20Chrome%20Extensions
Please sign in to leave a comment.
Comments
28 comments