We've seen an uptick in malicious adware Chrome extensions installed and are looking to implement a Chrome extension whitelist.
It would be helpful if we could report on already installed Chrome extensions (giving name and extension ID) to build our whitelist.
Ideally my report would have serial number, user, installed chrome extensions ID, installed chrome extension name.
Can anyone help me with this report? I assume I need to set up a custom inventory ?
The extension IDs are folder names stored here: C:\Users\currentuser\AppData\Local\Google\Chrome\User Data\Default\Extensions
The extension name is sometimes in C:\Users\currentuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\versionnumber\manifest.json under "name" and other times it's available in C:\Users\currentuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\_locales\en_US\messages.json under "name."
Google does offer beta version of some reporting tools for extensions in v70 which require it's own MSI installed to work, but it may make scraping for the info in a single json easier? "The extension data is stored in a structured log file in JSON format. You can use a common enterprise data-mining tool, such as Splunk or Microsoft System Center Configuration Manager (SCCM), to ingest and parse the data."
https://support.google.com/chrome/a/answer/7652902
https://www.chromium.org/administrators/policy-lis...