Chromium installation in Kali Linux

Chromium exists within the Kali repositories and can be installed using:

apt-get install chromium

By default chromium won’t launch on Kali Linux, this is due to chromium running as the root user. You can fix this by opening /etc/chromium.d/default-flags in vim and adding the following lines:

# Run as root Kali
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --password-store=detect --no-sandbox --user-data-dir"

It user-data-dir and sandboxing, disabling sandboxing will have some obvious security issues but this browser is for web application penetration testing only.

To use chromium for Web Application Penetration Testing you need to disable all the security features, allowing for DOM based XSS testing in chromium.

# Disable Chromium security features for web app testing
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --disable-web-security"

To summarize the steps used,

# A set of command line flags that we want to set by default.

# Do not hide any extensions in the about:extensions dialog
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --show-component-extension-options"

# Don't use the GPU blacklist (bug #802933)
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --ignore-gpu-blacklist"

# Run as root Kali
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --password-store=detect --no-sandbox --user-data-dir"

# Disable Chromium security features for web app testing
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --disable-web-security"

Finally Kali will give this error message and you can ignore this,

You Are using an Unsupported Command line flag –disable-web-security. Security and Stability will suffer

Note : DOM is document object model and XSS is cross site scripting

What is Chromium ??

Chromium is an open source web browser run by the Chromium Project, first released in 2008. Any developer can modify or update the source code (but only small number of Chromium devs can actually add their very own code).

How Chrome and Chromium is related ??

1. Google's Chrome is actually built on top of Chromium's source code they share the same bones, as we've already established.
2. Their logos are also quite similar. Chrome's is Google-themed multi-color, and Chromium's is a few shades of blue.

Biggest difference between chromium and chrome !!

1. Chromium updates all the time as the developers would release the new code then an there its done and you have to update chromium manually whereas Google chrome doesn't update nearly as often as Chromium
2. Security : Chrome is easy to use and Google tracks the data. Chromium doesn't do this.
3. Support for Flash Adobe: As Flash is not a open source, Chromium does not support it whereas Chrome does.

Hope this information is useful !! please do leave your thoughts on chromium and the stuff you know about it in the comment section ....