The problem is that I am not able to publish extensions to the chrome webstore (fee and for some reason I can’t create a dev account)
Ah, sorry. I overlooked the fact that it’s only downloadable on GitHub for Chromimum. I’d highly recommend it when you have the chance as it seems a lot more convenient imo than downloading it directly.
Well yes installing it now may be a bit confusing, I will publish it as soon as I can while I’ll keep the source available on github
I’m tired of seeing people see .ROBLOSECURITY and immediately go “oh no!1!1! roblo security !! its hackable !1!1!”. He literally made it open source. Why don’t you read the source and determine then if it’s hackable, rather than just jumping to conclusions.
4 Likes
I’m not any sort of JS genius, but If I were to write a simple piece of code to fetch the security cookie, it wouldn’t be flagged as “Malware” by VirusTotal.
If the extension is safe, there is no reason not to upload it to the Chrome Web Store, and wait for it to be approved, because apparently, it’s safe.
It’s also concerning when this message is in your SC zip.
"If you find a security vulnerability please DO NOT share it with others and keep it a confidential information."
1 Like
Why don’t you try to study, before trying to defend a potentially dangerous extension. Your knowledge of the subject is obviously minimal.
1 Like
I looked over the source code and it seems fine to me.
I don’t see how this is concerning as you wouldn’t want to disclose a security vulnerability. (In the same sentence, they provide where to send any)
P.S. Please do not start accusing the developer of malicious intent before looking at the source code.
2 Likes
I don’t see the reason to use this over a more trusted password manager even if it is all local
I don’t mean to pay 5$ to upload a simple extension to the chrome webstore and for some reason I can’t even create a dev account
I didn’t explain well, I meant to report it to me and keep it private so others dont’ exploit it until it’s fixed
It is up to you but this would still help as you won’t need to log out
You are saying that this is not safe since the beginning yet you don’t say why it is unsafe to you
1 Like
Ohh so this is basically an account switcher just like in discord?
Well done!
1 Like
Yes since roblox doesn’t have this feature I decided to make it as a third party feature
I’m convinced you’re just starting an argument for the sake of starting one
I’ve ran all of the files that could contain anything malicious thru VT and all of them came with 0 detections, not like it was already obvious that they would be completely clean
ZIP: VirusTotal
popup.js: VirusTotal
background.js: VirusTotal
Try posting links to VT results next time you’re gonna accuse an innocent resource of being malicious, maybe it’ll help with proving your non-existent points
2 Likes
VirusTotal detects malware (Malicious Software) not malicious code.
1 Like
I’ll ask for the third time: what problem do you have with this? Honestly I think that you didn’t really read the code
1 Like
I have read the code, My previous two replies were reported (by you, almost guaranteed), because you knew I was expressing the vulnerability. When you create something that isn’t useful, actually making stuff more difficult for the community, it raises suspicion. Especially when accessing Security cookies. Even you were afraid to use your main account in the demonstration. The plugin is granted access to the .ROBLOSECURITY cookie, which contains all security information needed to log into an account.
1 Like
It’s honestly ridicolous, I have no interest in having your replies removed, all the others are here and to be honest I didn’t even see them
No i was not but I use my main account on Firefox on which this extension in its current state can’t work
That’s your opinion, I made it, it’s there, if you want to use it you use it, if you don’t want to then just don’t, it’s simple
Ah and also dm me the thing that you call “vulnerability” (if there is one) and I will fix it as soon as I can
3 Likes
I have an idea, you should make it add a button in this menu instead of making a whole extension button
As you can see the panel has also a list other than buttons so that’s why I didn’t put the buttons in that menu
1 Like