Embedded Files
#1: SKIOVOX Misc exploits
#1: SKIOVOX Misc exploits
Versions allowed: 119-120 | 121 may not work.
Versions allowed: 119-120 | 121 may not work.
Found by @akabutnice, expanded on by aero
Go to the Skiovox page on my website, or download the official PDF
https://skiovox.com is the official website, but it's blocked.
#1: VMC/Crosh Disable
Found by VK6 on Discord.
Go to https://local.ading.dev/vmc.html for the instructions
Prerequisites:
A managed Chromebook with crosh enabled
The VmManagementCliAllowed policy either unset or set to true
Some form of removable media for noting down extension IDs (only useful for the second method on the site and not required, but this prevents you from mistyping an extension ID).
#2: Insecurly
Unpatched but website is blocked by securly
(I'm 99% sure to block this exploit, Securly just blocked the websites.
Found by Bypassi
Go to any of the following sites:
Drag the button from the page onto a new tab, and click the switch to off. If you need to re-enable it, flip the switch
#3: Dextensify
All versions (Not Known-Not Patched).
Found by ading2210
(From the Dextensify website) Dextensify is an exploit that lets you disable most admin-installed Chrome extensions from any webpage. It can be used from regular websites, HTML files, and data URLs.
#1: Open chrome://extensions in a new tab. Keep this page open.
#2: Go to the settings page for the extension you want to disable.
#3: (Optional) If your Chromebook fully crashes or lags a lot while doing the exploit and reboots itself: Enable"Allow Access To File URLs" on the extension's page and keep going with the exploit.
#4: Go to https://dextensify.pages.dev/ and click on "Main HTML file"
#4: On the page, click the "freeze extension" button.
It should take about 15 seconds to stop hanging. Sometimes it doesn't work and crashes your Chromebook after about a minute, this is normal. Just reload the pages and try again.
#5: Back on the chrome://extensions page, spam the "allow access to file URLs" switch for a few seconds.
The extension should now be temporarily disabled. For this effect to persist, flip the "allow access to file URLs" again every few minutes, or if pages start getting blocked again.
(IMPORTANT) You may also need to reopen the page every once in a while to prevent an unavoidable memory leak from crashing the system.
#4: Certificate Manager Bruteforce
All versions (Widely Known-Widely Patched)
This is a worse method, while it still unblocks all sites, it sets off certificate errors, which can cause some red flags when loading sites. It can also cause some HTML/JS errors such as images not loading, coming up blank ETC.
#1:Go to chrome://certificate-manager/ OR chrome://settings/certificates
#2: Click on the Authorities tab
#3: Find the Org-amazon dropdown menu and click on the three dots on the Amazon Root CA 1
#4: Disable all permissions that it has, and do the same for Amazon Root CA 2, and Amazon Root CA 3. Do not remove permissions for Amazon Root CA 4. This will break most webpages.
#5: Find org-Starfield Technologies, Inc. and disable all of the permissions on that tab too.
#6: Bookmark the tab just in case
If you run into a site that you can't access for school, that you can't unblock do the following
Open back up the certificates tab, go back to the org-Amazon tab,
Re-enable the first two permissions on Amazon Root CA 1. This will reactivate the blocker, but you will be able to access the site that you needed to.
3. If you want to unblock sites again just disable the permissions.
#5: JPCMG
All versions (Not Known if Patched, doesn't work for me)
Found by Nyaann#3881
This is another variation of the LTBeef exploit, it is very much like the other ones on the list.
#1: Go to chrome://serviceworker-internals
#2: Find your extension, it has varying levels of success but you should be able to find it by searching for your extension ID with CTRL+F and pasting it in
#3: Hit the start button then the inspect button, and run this code:
chrome.management.setEnabled('<plugin id here>',false)
This is a link to the unreleased methods I have, some work, some don't and it's not organized it's just a list of ones I haven't gotten around to testing: Link
This is a page that lists the patched exploits and the versions that they still work on: Link
If you have a method you do not want public that I host on my site currently, go here: Link
(These methods are purely for educational and archival purposes only, you should not use them to break your school's rules or Google's ToS)
Page updated
Google Sites
Report abuse