Crosh and VMC Disable Extensions - Disable extensions such as Securly by using the Crosh terminal on Chromebooks

Crosh and VMC Disable Extensions - Disable extensions such as Securly by using the Crosh terminal on Chromebooks

This method to disable extensions was found independently by vk6#7391. This exploit has only been tested to work on ChromeOS version 111, but this exploit probably works on pretty much any ChromeOS version.

Prerequisites/Requirements:

There are two variations to this method:

1. Disabling all extensions. This is probably the most reliable variation, but you would be left without useful extensions such as any adblockers. You also are not able to install anything from the Chrome Web Store either.
2. Disabling specific extensions. This variation is less reliable, since this only becomes possible once Chrome OS has installed at least one extension already, which could be the extension that you are trying to disable.

Testing if this method is possible to perform:

1. Open the crosh terminal (on your school Chromebook of course) by hitting Ctrl+Alt+T. If a command line pops up then you have crosh enabled and you can now move on to Step 2.
2. Test the VmManagementCliAllowed policy by running the vmc command in crosh. If a list of subcommands is shown in the terminal, then you are good to go.

Exploit Instructions:

1. Back up any data that you want before you powerwash your Chromebook.

2. If you are doing the second variation, note down any Extension IDs. You may also want to do this if you intend on disabling all extensions, since sometimes that will fail and require you to specify each extension that you want to disable.

3. Powerwash the Chromebook by attempting to enable Developer Mode. The instructions are available here on how to powerwash your Chromebook: https://chromium.googlesource.com/chromiumos/docs/+/master/developer_mode.md#dev-mode

4. After your Chromebook has been powerwashed, log into your Google Account as normal, but immediately disable your internet connection right after you sign in.

5. You should now be logged into your Google Account, but without any extensions installed due to being offline.

6. From here, the instructions are split, so follow the instructions for the method of the exploit that you want to do.

To disable all extensions:

1. Open the Crosh terminal. This can be done by pressing the Ctrl+Alt+T keys on your keyboard.

2. Type in vmc create-extra-disk --size 1 /home/chronos/user/Extensions
   into the terminal.

3. Run that command.

4. If the command fails with a “file exists” error, then you must individually specify each extension that you want to remove and disable. Move on to Step 5 of the next section (disabling specific extensions) to do that.

5. Re-enable your internet connection, and no extensions should be installed automatically by themselves.

To disable specific extensions:

1. Navigate to chrome://extensions.

2. Enable your internet connection, and immediately disable it when an extension is installed.

3. Assuming the installed extension was not one that you were trying to enable, move on to Step 4. If it was, you would have to powerwash the Chromebook to try again.

4. Open the Crosh terminal. This can be done by pressing the Ctrl+Alt+T keys on your keyboard.

5. For each extension you want to disable, run this command: vmc create-extra-disk --size 1 /home/chronos/user/Extensions/{extension_id}.

6. Each command should look something like this: vmc create-extra-disk --size 1 /home/chronos/user/Extensions/cjpalhdlnbpafiamejdnhcphjbkeiagm.

7. Re-enable your internet connection, and if you typed/pasted in the Extension IDs correctly, those specific extensions should be blocked from ever being installed automatically by themselves.