{"id":15146887,"url":"https://github.com/jimywork/cromos","last_synced_at":"2025-10-24T01:31:19.082Z","repository":{"id":134058847,"uuid":"106891774","full_name":"jimywork/cromos","owner":"jimywork","description":"Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application.","archived":false,"fork":false,"pushed_at":"2017-12-13T02:19:50.000Z","size":925,"stargazers_count":120,"open_issues_count":3,"forks_count":35,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-09-27T12:20:56.362Z","etag":null,"topics":["chrome","chrome-extension","coinhive","currency","dropbox","force-installation","gpo","injection","keylogger","linux","monero","python","web-store","windows"],"latest_commit_sha":null,"homepage":"https://twitter.com/6IX7ine","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jimywork.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2017-10-14T02:34:18.000Z","updated_at":"2024-05-31T05:58:27.000Z","dependencies_parsed_at":null,"dependency_job_id":"7a3055f3-0edf-4039-aabe-8cd6846a5669","html_url":"https://github.com/jimywork/cromos","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimywork%2Fcromos","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimywork%2Fcromos/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimywork%2Fcromos/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimywork%2Fcromos/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jimywork","download_url":"https://codeload.github.com/jimywork/cromos/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":219867198,"owners_count":16555821,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chrome","chrome-extension","coinhive","currency","dropbox","force-installation","gpo","injection","keylogger","linux","monero","python","web-store","windows"],"created_at":"2024-09-26T12:20:25.376Z","updated_at":"2025-10-24T01:31:13.693Z","avatar_url":"https://github.com/jimywork.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cromos \n\nCromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application and more cromos create executable files to force installation via \u003cstrong\u003ePowerShell\u003c/strong\u003e for example, and also upload files to dropbox to host the malicious files.\n\n  - Download extension\n  - Injections\n  - Upload files on dropbox\n  - Windows infection\n  \n  ### Demo\n  This is a demonstration of the tool at work in this examples I'm downloading a famous Google extension called G Suite Training on Google Chrome Web Store and injecting a keylogger module.\n  \n  \n\u003ca href=\"https://asciinema.org/a/ENrke3a5kU83jC3hXIDdgWWyd?autoplay=1\"\u003e\u003cimg src=\"https://asciinema.org/a/ENrke3a5kU83jC3hXIDdgWWyd.png\"/\u003e\u003c/a\u003e\n  \n  ### Installation\n  \n```\n$ cd $HOME/\n$ git clone https://github.com/fbctf/cromos\n$ sudo chmod -R 777 cromos/\n$ cd cromos \u0026\u0026 python setup.py\n```\n ### Usage\n ##### Downloading the extension\n ```\nUsage: python cromos.py --extension {id}\n ```\n ##### Downloading the extension and loading module\n \n ```\nUsage: python cromos.py --extension {id} --load {currency/keylogger}\n```\n ##### Build a batch file and upload the files in dropbox\n \n ```\n Usage: python cromos.py --extension {id} --build {bat} --token {dropboxToken}\n ```\n\n \n \n### Modules\nYou can also inject some predefined modules in the background as \u003cstrong\u003ekeylogger\u003c/strong\u003e, \u003cstrong\u003evirtual currency\u003c/strong\u003e.\n\nModule | Description\n--------|------------\nmodules/keylogger | This module captures all the passwords you type in an infected browser over https or not. All you need is to have a php server for example to receive the requests get the parameters are email, password, cookies and userAgent.\nmodules/currency | This module allows you to mine virtual coins using the coinhive API, you just need to have an account.\n\n  \n### Group Policy Object (GPO) \nChrome allows you to add extensions using Windows\nGroup Policy Object (GPO) if you need to force installation on multiple machines just follow the steps in the \u003ca href=\"https://docs.google.com/document/d/1iu6I0MhyrvyS5h5re5ai8RSVO2sYx2gWI4Zk4Tp6fgc\"\u003e Chrome Deployment Guide \u003c/a\u003e \nthen modify the original extension with few modifications you can publish your extension in the Chrome Web Store requires to pay $5. \n\n\n### Disclaimer\nCode samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this code against target systems without prior permission is illegal in most jurisdictions. The authors are not liable for any damages from misuse of this information or code.\n\n\n## Donations\n* XMR: `49m12JEEC6HPCHkLMX5QL4SrDQdKwh6eb4Muu8Z9CwA9MwemhzFQ3VcgHwyuR73rC22WCymTUyep7DVrfN3GPt5JBCekPrR `\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjimywork%2Fcromos","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjimywork%2Fcromos","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjimywork%2Fcromos/lists"}