- Apr 25, 2015
- 1,845
- 2
- 2,199
- 327
Launch PowerShell,
This is legit stuff, so buckle up kids!
What about cross-referencing the latest stable build?
So in summary, the entire PowerShell looks like this:
I have attempted to colorize the alerts, but that can somewhat clutter up the PowerShell so here is a trimmed down version:
I want to take a moment to explain how I found this information and more importantly why!
Security is important and keeping software updated with latest stable versions is CRITICAL to maintaining security of software via patching.
What if we want our machine(s) to check the latest version hourly? This becomes more of a reality when we consider the idea of parsing JSON for the latest Chrome releases. We can then trigger a security alarm, force the remote system to restart, or just have the Google Chrome browser relaunched (for an update) so your typical user is not leaving an outdated Google Chrome instance running for maybe 30 days before they spill their coffee in their laptop and throw it out the window. Okay seriously, people leave their shit running despite "Please update!"
Thanks heaps to David Bokan for being a fine gent and sharing where to fetch the JSON Chrome versions. From there I read up on documentation to parse JSON via PowerShell.
After running
We can then type
Then just smash your Tab key multiple times! You will see .Count for example - go ahead and press enter, you should get a number like 8.
Because computers start counting lists from 0, this means you will have $j go from [0] up to [7] which means if you just enter
You will see
In your mind, start counting from 0 up to 7 where webview is number 7.
If you get more familiar with computer systems/programming, you will get used to starting lists from the number 0 instead of 1.
So if we enter into PowerShell
What if we use that Tab key trick again?
With
Smash your Tab key and you may find .versions - if we enter this
We will see 5 different channels, but what if we only want stable?
Remember that 0 list tip above? We should notice "stable" is result 4.
Easy! Now just use our Tab key with a . at the end of above to autocomplete for the current version:
Can we get EVERY different OS stable version though? Yes...
Now we can parse through and find our OS of choice in the results.
We should see 7 results with different OS names e.g. Android appears in slot 6 (count from zero)!
We could then use the same concept and autocomplete with
You should have a full understanding of how this could be used to parse JSON, check local version of Chrome, you could kill the Google Chrome process (if outdated) perhaps with a courtesy warning popup.
Furthermore, you could have a centralized update check server that calls out and parses the JSON, then your other machines could simply call to your server via a function like Check-Chrome-Security and you may handle this accordingly via generating email logs, report to SIEM (security logging), or just force a Chrome updated and relaunch browser process.
Let me know if there are questions and I will be happy to investigate a proper solution...
Lastly, this is kind of a silly Linux way of doing this but could work I guess: https://stackoverflow.com/a/35115150 - still I'd honestly prefer to just parse the JSON via Bash like wtf. Whatever man, people are crazy...
Code:
$GCVersionInfo = (Get-Item (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe').'(Default)').VersionInfo
$GCVersion = $GCVersionInfo.ProductVersion
echo $GCVersionThis is legit stuff, so buckle up kids!
What about cross-referencing the latest stable build?
Code:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$j = Invoke-WebRequest 'https://omahaproxy.appspot.com/all.json' | ConvertFrom-Json
echo $j[1].versions[4].current_version
if($j[1].versions[4].current_version -eq $GCVersion) {echo "Chrome is running stable"} else { echo "Not safe, trigger alert" }So in summary, the entire PowerShell looks like this:
Code:
[console]::BackgroundColor = 0 #same as "black"
[console]::ForegroundColor = 13
clear
$GCVersionInfo = (Get-Item (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe').'(Default)').VersionInfo
$GCVersion = $GCVersionInfo.ProductVersion
echo $GCVersion
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$j = Invoke-WebRequest 'https://omahaproxy.appspot.com/all.json' | ConvertFrom-Json
echo $j[1].versions[4].current_version
clear
if($j[1].versions[4].current_version -eq $GCVersion) {[console]::BackgroundColor = 10; echo "Chrome is running stable"} else {[console]::BackgroundColor = 5; echo "Not safe, trigger alert" }
pause
[console]::BackgroundColor = 0
echo "All done checking."I have attempted to colorize the alerts, but that can somewhat clutter up the PowerShell so here is a trimmed down version:
Code:
$GCVersionInfo = (Get-Item (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe').'(Default)').VersionInfo
$GCVersion = $GCVersionInfo.ProductVersion
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$j = Invoke-WebRequest 'https://omahaproxy.appspot.com/all.json' | ConvertFrom-Json
clear
if($j[1].versions[4].current_version -eq $GCVersion) {echo "Chrome is running stable"} else {echo "Not safe, trigger alert" }I want to take a moment to explain how I found this information and more importantly why!
Security is important and keeping software updated with latest stable versions is CRITICAL to maintaining security of software via patching.
What if we want our machine(s) to check the latest version hourly? This becomes more of a reality when we consider the idea of parsing JSON for the latest Chrome releases. We can then trigger a security alarm, force the remote system to restart, or just have the Google Chrome browser relaunched (for an update) so your typical user is not leaving an outdated Google Chrome instance running for maybe 30 days before they spill their coffee in their laptop and throw it out the window. Okay seriously, people leave their shit running despite "Please update!"
Thanks heaps to David Bokan for being a fine gent and sharing where to fetch the JSON Chrome versions. From there I read up on documentation to parse JSON via PowerShell.
After running
Code:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$j = Invoke-WebRequest 'https://omahaproxy.appspot.com/all.json' | ConvertFrom-JsonWe can then type
$j.Then just smash your Tab key multiple times! You will see .Count for example - go ahead and press enter, you should get a number like 8.
Because computers start counting lists from 0, this means you will have $j go from [0] up to [7] which means if you just enter
$jYou will see
In your mind, start counting from 0 up to 7 where webview is number 7.
If you get more familiar with computer systems/programming, you will get used to starting lists from the number 0 instead of 1.
So if we enter into PowerShell
$j[1] we will certainly see just win64 {@{branch_commit=XXX; branch_base_position=XXX; skia_commit=XXX...What if we use that Tab key trick again?
With
$j[1].Smash your Tab key and you may find .versions - if we enter this
$j[1].versions we will notice many channels containing some different versions.We will see 5 different channels, but what if we only want stable?
$j[1].versions | findstr "channel"Remember that 0 list tip above? We should notice "stable" is result 4.
$j[1].versions[4]Easy! Now just use our Tab key with a . at the end of above to autocomplete for the current version:
$j[1].versions[4].current_versionCan we get EVERY different OS stable version though? Yes...
Code:
$stable = $j.versions | where { $_.channel -eq "stable" }
echo $stableNow we can parse through and find our OS of choice in the results.
$stable | findstr "^os"We should see 7 results with different OS names e.g. Android appears in slot 6 (count from zero)!
We could then use the same concept and autocomplete with
$stable[6].$stable[6].current_version is going to result 74.0.3729.157You should have a full understanding of how this could be used to parse JSON, check local version of Chrome, you could kill the Google Chrome process (if outdated) perhaps with a courtesy warning popup.
Furthermore, you could have a centralized update check server that calls out and parses the JSON, then your other machines could simply call to your server via a function like Check-Chrome-Security and you may handle this accordingly via generating email logs, report to SIEM (security logging), or just force a Chrome updated and relaunch browser process.
Let me know if there are questions and I will be happy to investigate a proper solution...
Lastly, this is kind of a silly Linux way of doing this but could work I guess: https://stackoverflow.com/a/35115150 - still I'd honestly prefer to just parse the JSON via Bash like wtf. Whatever man, people are crazy...
Last edited: