kpolley
commented
1 year ago Didn't mean to re-request a review sorry! It does say I need two reviewers in order to merge though
Closed kpolley closed 1 year ago
kpolley
commented
1 year ago Didn't mean to re-request a review sorry! It does say I need two reviewers in order to merge though
It is very common for users to have multiple chrome profiles (ex. one for work and one for personal). When this happens, the directory
~/Library/Application Support/Google/Chrome/Defaultwhich normally contain downloads, history, etc. no longer exist and instead there are multiple folders for each profile:~/Library/Application Support/Google/Chrome/Profile 1,~/Library/Application Support/Google/Chrome/Profile 2etc. Because of this directory change, If a machine has multiple chrome profiles then Aftermath does not collect any chrome forensics.This PR modifies the Chrome forensics module to support the scenario where there are multiple chrome profiles.