[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Starting analysis...

Javascript Object Browser

Version 1.2.1 View in Chrome Web Store

Last scanned: 3 days ago | force re-scan

Extension Details

Developer: duck-producktions.blogspot.com

Rating: 3.9 ★ (27 ratings)

Users: 3,000

Context-Aware Verdict

CRITICAL

Overall Risk

Trust Factors:

The extension has a concerning trust profile with only 3,000 users and a modest 3.9-star rating from just 27 reviews. The developer identity (duck-producktions.blogspot.com) appears unprofessional and lacks established credibility. The extension name "Javascript Object Browser" doesn't clearly justify the extensive permissions requested, creating a significant mismatch between stated purpose and capabilities.

Concerns:

This extension exhibits classic signs of potential malware or overprivileged software. The permission set is extraordinarily broad and includes highly sensitive capabilities like debugger access, proxy control, clipboard manipulation, browsing history access, and cookie management. The combination of webRequest and webRequestBlocking permissions allows complete interception and modification of web traffic. The unsafe-eval Content Security Policy creates additional attack vectors for code injection. Most critically, these permissions far exceed what would be necessary for a legitimate JavaScript object browser tool.

Recommendations:

Do not install this extension under any circumstances. The risk profile suggests potential malicious intent rather than legitimate functionality. If you absolutely need JavaScript debugging capabilities, use established developer tools like Chrome DevTools or well-reviewed extensions from reputable developers with transparent permission justifications. If already installed, remove immediately and scan your system for potential compromise. Consider reviewing and changing passwords for sensitive accounts as a precautionary measure.

Findings

HIGH

Dangerous Permission Combination: webRequest + webRequestBlocking

This extension can intercept, modify, and block web requests in real-time. This combination could be used to modify sensitive web traffic or steal data.

HIGH

High-Risk Permission: bookmarks

This extension has the bookmarks permission. Can access and modify bookmarks. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: clipboardRead

This extension has the clipboardRead permission. Can read clipboard content. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: clipboardWrite

This extension has the clipboardWrite permission. Can modify clipboard content. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: cookies

This extension has the cookies permission. Can access and modify browser cookies. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: debugger

This extension has the debugger permission. Can debug and manipulate other extensions/apps. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: history

This extension has the history permission. Can access your browsing history. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: management

This extension has the management permission. Can manage other extensions. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: privacy

This extension has the privacy permission. Can modify privacy settings. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: proxy

This extension has the proxy permission. Can control proxy settings. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webNavigation

This extension has the webNavigation permission. Can track your web navigation. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequest

This extension has the webRequest permission. Can intercept and modify web requests. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequestBlocking

This extension has the webRequestBlocking permission. Can block and modify web requests in real-time. This could potentially be used maliciously to compromise security or privacy.

HIGH

Unsafe JavaScript Evaluation

This extension's Content Security Policy allows 'unsafe-eval', which permits dynamic JavaScript code execution using eval() and similar functions. This is a significant security risk as it could allow execution of malicious code.

MEDIUM

Medium-Risk Permission: activeTab

This extension has the activeTab permission. Can access the active tab when clicking the extension icon.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

MEDIUM

Medium-Risk Permission: geolocation

This extension has the geolocation permission. Can access your location.

MEDIUM

Medium-Risk Permission: notifications

This extension has the notifications permission. Can show notifications.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

MEDIUM

Medium-Risk Permission: unlimitedStorage

This extension has the unlimitedStorage permission. Can store unlimited data locally.

MEDIUM

Older Manifest Version

This extension uses Manifest Version 2, which has fewer security restrictions than Manifest V3. Consider using extensions that have upgraded to V3.

Raw Manifest

{
  "app": {
    "launch": {
      "container": "tab",
      "local_path": "index.html",
      "manifest_version": 2
    }
  },
  "name": "Javascript Object Browser",
  "icons": {
    "16": "icon_16.png",
    "128": "icon_128.png"
  },
  "version": "1.2.1",
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Browse through the objects in the default Javascript library and any local or online libraries",
  "permissions": [
    "*://*/*",
    "activeTab",
    "alarms",
    "background",
    "bookmarks",
    "browsingData",
    "chrome://favicon/",
    "clipboardRead",
    "clipboardWrite",
    "contentSettings",
    "contextMenus",
    "cookies",
    "debugger",
    "fileBrowserHandler",
    "fontSettings",
    "geolocation",
    "history",
    "idle",
    "management",
    "nativeMessaging",
    "notifications",
    "pageCapture",
    "power",
    "privacy",
    "proxy",
    "storage",
    "system.cpu",
    "system.display",
    "system.memory",
    "system.storage",
    "tabCapture",
    "tabs",
    "topSites",
    "tts",
    "ttsEngine",
    "unlimitedStorage",
    "webNavigation",
    "webRequest",
    "webRequestBlocking"
  ],
  "permissions_app": [
    "declarativeContent",
    "desktopCapture",
    "dns",
    "downloads",
    "gcm",
    "identity",
    "pushMessaging",
    "processes"
  ],
  "permissions_dev": [
    "infobars",
    "sessions",
    "signedInDevices",
    "ledger",
    "enterprise.platformKeys",
    "location"
  ],
  "manifest_version": 2,
  "content_security_policy": "script-src 'self' 'unsafe-eval'; script-src 'self' 'unsafe-inline'; object-src 'self'"
}

by ✦ Astarte

Javascript Object Browser

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Content Security Policy:

Embedded URLs (2 total):

Raw Manifest

Detections

Manifest Findings