forked from palant/malicious-extensions-list
-
Notifications
You must be signed in to change notification settings - Fork 0
/
produce_chromium_extension_list.sh
38 lines (31 loc) · 1.38 KB
/
produce_chromium_extension_list.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#!/bin/bash
# Written by randomaccess3 at https://github.com/randomaccess3/detections/tree/main/extensions/chromium
# Produce a list of chromium extension ids that have been flagged as malicious
# to produce csv from web sources of malicious extension IDs
# Sources are listed in sources.txt
# Output is written to live_extensions.csv and dead_extensions.csv
# Function to check if a Chrome extension is live using its ID
check_extension_live() {
extension_id="$1"
webstore_url="https://chrome.google.com/webstore/detail/$extension_id"
response=$(curl -s -o /dev/null -w "%{http_code}" "$webstore_url")
if [[ $response -eq 200 || $response -eq 301 ]]; then
echo "$extension_id,$webstore_url,$link" >> live_extensions.csv
else
echo "$extension_id,$webstore_url,$link" >> dead_extensions.csv
fi
}
# Create the output CSV files
echo "extensionID,link,source" > live_extensions.csv
echo "extensionID,link,source" > dead_extensions.csv
# Read each source URL from sources.txt
cat "./sources.txt" | while read link
do
echo "Parsing $link"
escaped_link=$(printf '%s\n' "$link" | sed -e 's/[]\/$*.^[]/\\&/g')
curl -sL "$link" | egrep -o "[a-z]{32}" | sort | uniq | sed "s/$/,\"${escaped_link}\"/g" | while IFS= read -r line
do
extension_id=$(echo "$line" | awk -F ',' '{print $1}')
check_extension_live "$extension_id"
done
done