HTML & DOM
    webshell> GET http://fictivekin.com
    HTTP 200 http://fictivekin.com
    webshell> $_.docu...
    •Needs envjs and libxmljs
    •NOT stable
    •See the envjs branch on Github
jQuery
    webshell> GET http://fictivekin.com
    HTTP 200 http://fictivekin.com
    webshell> $(img).leng...
    •Needs envjs and libxmljs
    •NOT stable
    •See the envjs branch on Github
Concurrency
    •Node == powerful (story time)
    •$_.requestConcurrency
    •Still a littl...
Future?
    •Broken on new versions of Node )-:
    •First things are to get that in order, and do some ...
New name?
    •Looking for a new name
    •Too much noise on “web shell”
    •We look like a...
Webshell
    https://github.com/fictivekin/webshell
    http://joind.in/2805
    Me: ...
WebShell - confoo 2011 - sean coates

  1. Webshell by Sean Coates and Evan Haas
      Smart, Scripted HTTP
      Sean Coates
      ConFoo March 2011
      Wednesday, March 9, 2011
  2-6. Assumptions
      •You know what HTTP is
      •You have *some* understanding of how HTTP works
      •(verbs, status codes, requests, responses)
      •You have a cursory understanding of JS
      •You care about any of this…
  7-8. What?
      •cURL replacement
      •REST(ish/ful/y)
      •Scriptable and interactive
      •Persistent
      •node.js
      •(like http-console)
      •https://github.com/fictivekin/webshell
  9-12. Why… …not cURL?
      $ curl -s http://twitter.com/users/coates.json | sed -e 's/^.*"name":"//' -e 's/".*$//'
      Sean Coates
      Webshell:
      http://localhost > GET http://twitter.com/users/coates.json
      HTTP 200 http://twitter.com/users/coates.json
      http://twitter.com > $_.json.name
      Sean Coates
  13-16. Why… …JavaScript?
      Gimme Bar
      Front-End
      Back-End
      Extensions
  17-18. Why… …node.js?
      •good console “framework”
      •File operations
      •REPL + Readline
      •HTTP client
      •non-blocking
  20. ZZZzzzzzzzzzzzzzzzz…
  21-30. Simple HTTP requests
      http://localhost > GET http://google.com/
      HTTP 301 http://google.com/
      http://google.com > $_.headers
      { location: http://www.google.com/
      , content-type: text/html; charset=UTF-8
      , date: Sat, 06 Nov 2010 17:38:56 GMT
      , expires: Mon, 06 Dec 2010 17:38:56 GMT
      , cache-control: public, max-age=2592000
      , server: gws
      , content-length: 219
      , x-xss-protection: 1; mode=block
      , connection: close
      }
      http://google.com > $_.headers.location
      http://www.google.com/
      http://google.com > $_.follow()
      HTTP 302 http://www.google.com/
      http://www.google.com > $_.headers.location
      http://www.google.ca/
      http://www.google.com > $_.follow()
      HTTP 200 http://www.google.ca/
      http://www.google.ca > $_.raw.substring(0, 50)
      <!doctype html><html><head><meta http-equiv="conte
  31-36. Relative Requests (sort of)
      http://localhost > GET http://files.seancoates.com/testjson.php
      HTTP 404 http://files.seancoates.com/testjson.php
      http://files.seancoates.com > // oops
      http://files.seancoates.com > GET /test_json.php
      HTTP 200 http://files.seancoates.com/test_json.php
      http://files.seancoates.com > $_.json
      { one: 1, two: 2, three: 3 }
  37-41. JSON Processing
      http://localhost > GET http://twitter.com/users/coates.json
      HTTP 200 http://twitter.com/users/coates.json
      http://twitter.com > $_.json.name
      Sean Coates
      http://twitter.com > $_.headers['content-type']
      application/json; charset=utf-8
  42-46. Contexts
      sarcasm:~/src/webshell (master)$ node shell.js
      Loaded context: _previous
      http://localhost > GET http://twitter.com/users/coates.json
      HTTP 200 http://twitter.com/users/coates.json
      http://twitter.com > $_.saveContext("twitter-coates")
      Saved context: twitter-coates
      http://twitter.com > ^D
      Saved context: _previous
  47. Contexts
      Time passes. You use Webshell for other things…
  48-51. Contexts
      sarcasm:~/src/webshell (master)$ node shell.js
      Loaded context: _previous
      http://localhost > $_.json //empty
      http://localhost > $_.loadContext("twitter-coates")
      Loaded context: twitter-coates
      http://twitter.com > $_.json.name
      Sean Coates
  52-58. HTTP Auth (sorry for the line breaks)
      http://twitter.com > GET http://coates:notpass@twitter.com/users/coates.json
      HTTP 401 http://coates:***@twitter.com/users/coates.json
      http://coates:***@twitter.com > GET http://coates:real@twitter.com/users/coates.json
      HTTP 200 http://coates:***@twitter.com/users/coates.json
      http://coates:***@twitter.com > GET http://twitter.com/statuses/replies.json
      HTTP 200 http://coates:***@twitter.com/statuses/replies.json
      http://coates:***@twitter.com > $_.json[0].in_reply_to_screen_name
      coates
  59-64. Cookies (unless $_.useCookies is set to false)
      http://localhost > GET http://files.seancoates.com/cookiecounter.php
      HTTP 200 http://files.seancoates.com/cookiecounter.php
      http://files.seancoates.com > $_.raw
      You have visited this page 1 times.
      http://files.seancoates.com > GET http://files.seancoates.com/cookiecounter.php
      HTTP 200 http://files.seancoates.com/cookiecounter.php
      http://files.seancoates.com > $_.raw
      You have visited this page 2 times.
      http://files.seancoates.com > GET http://files.seancoates.com/cookiecounter.php
      HTTP 200 http://files.seancoates.com/cookiecounter.php
      http://files.seancoates.com > GET http://files.seancoates.com/cookiecounter.php
      HTTP 200 http://files.seancoates.com/cookiecounter.php
      http://files.seancoates.com > GET http://files.seancoates.com/cookiecounter.php
      HTTP 200 http://files.seancoates.com/cookiecounter.php
      http://files.seancoates.com > $_.raw
      You have visited this page 5 times.
  65-70. HTTP Verbs
      http://localhost > GET http://localhost/json.php?one=1&two=2
      HTTP 200 http://localhost/json.php
      http://localhost > $_.json.get
      { one: 1, two: 2 }
      http://localhost > $_.json.server.REQUEST_METHOD
      GET
      http://localhost > $_.requestData = {three:3, four:4}
      { three: 3, four: 4 }
      http://localhost > POST http://localhost/json.php?one=1&two=2
      HTTP 200 http://localhost/json.php
      http://localhost > $_.json.post
      { three: 3, four: 4 }
      $_.postToRequestData
      $_.fileToRequestData
  71-75. HTTP Verbs
      http://localhost > result = $_.get('http://fictivekin.com')
      GET http://fictivekin.com
      HTTP 200 http://fictivekin.com/
      http://www.google.com > result2 = $_.get('http://www.google.ca')
      GET http://www.google.ca
      HTTP 200 http://www.google.ca/
      http://www.google.ca > result.headers['content-type']
      text/html
      http://www.google.ca > result2.headers['content-type']
      text/html; charset=ISO-8859-1
  76-79. HTTP Headers (inspect)
      http://localhost > GET http://localhost
      HTTP 200 http://localhost/
      http://localhost > $_.requestHeaders
      { host: localhost
      , user-agent: Webshell/0.1-dev node.js/v0.2.1
      , accept: application/json, */*
      , content-type: application/x-www-form-urlencoded
      }
      http://localhost > $_.headers
      { date: Sat, 06 Nov 2010 21:14:02 GMT
      , server: Apache/2.2.15 (Unix) PHP/5.3.3-dev mod_ssl/2.2.15 OpenSSL/0.9.8l
      , content-length: 3617
      , connection: close
      , content-type: text/html;charset=ISO-8859-1
      }
  80-84. HTTP Headers (set)
      http://localhost > GET http://localhost:5984/
      HTTP 200 http://localhost:5984/
      http://localhost:5984 > $_.json
      { couchdb: Welcome, version: 1.0.1 }
      http://localhost:5984 > $_.json.version
      1.0.1
      http://localhost:5984 > $_.headers['content-type']
      application/json
      http://localhost:5984 > $_.requestHeaders.accept
      application/json, */*
      http://localhost:5984 > $_.requestHeaders.accept = '*/*' // not json explicitly
      */*
      http://localhost:5984 > GET http://localhost:5984/
      HTTP 200 http://localhost:5984/
      http://localhost:5984 > $_.headers['content-type']
      text/plain;charset=utf-8
      http://localhost:5984 > $_.json
      http://localhost:5984 > // no JSON )-:
  85. Toolbox + Callbacks
      http://localhost > $_.toolbox
  86. Toolbox + Callbacks
      http://localhost > $_.toolbox.lastTweet = function (username) {
      ... $_.get('http://twitter.com/statuses/user_timeline/' + username + '.json',
      ... function () { if ($_.status == 200) {
      ... console.log("Last tweet: " + $_.json[0].text)
      ... }});
      ... }
      [Function]
  87. Toolbox + Callbacks
      http://twitter.com > $_.toolbox.lastTweet('coates')
      HTTP 200 http://twitter.com/statuses/user_timeline/coates.json
      Last tweet: Doing a bunch of work on Webshell. Fixed some bugs, added relative URLs, and re-writing the docs. http://github.com/fictivekin/webshell
      http://twitter.com >
  88. Toolbox + Callbacks
      http://twitter.com > $_.toolbox.lastTweet('coates')
      HTTP 200 http://twitter.com/statuses/user_timeline/coates.json
      Last tweet: Doing a bunch of work on Webshell. Fixed some bugs, added relative URLs, and re-writing the docs. http://github.com/fictivekin/webshell
      http://twitter.com > $_.toolbox.lastTweet('sirevanhaas')
      HTTP 200 http://twitter.com/statuses/user_timeline/sirevanhaas.json
      Last tweet: If only Firefox extensions were as simple as Chrome/Safari extensions
      http://twitter.com >
  89. Toolbox + Callbacks
      http://twitter.com > $_.toolbox.lastTweet('coates')
      HTTP 200 http://twitter.com/statuses/user_timeline/coates.json
      Last tweet: Doing a bunch of work on Webshell. Fixed some bugs, added relative URLs, and re-writing the docs. http://github.com/fictivekin/webshell
      http://twitter.com > $_.toolbox.lastTweet('sirevanhaas')
      HTTP 200 http://twitter.com/statuses/user_timeline/sirevanhaas.json
      Last tweet: If only Firefox extensions were as simple as Chrome/Safari extensions
      http://twitter.com > $_.toolbox.lastTweet('userwhodoesntexist')
      HTTP 404 http://twitter.com/statuses/user_timeline/userwhodoesntexist.json
      http://twitter.com >
  90. Toolbox + Callbacks
      http://localhost > $_.toolbox.prod_unapproved()
      HTTP 200 http://prod.gimmebar.vpn:5984/gimmebar/_design/InviteRequest/_view/by_unapproved
      Unapproved: 99
      http://prod.gimmebar.vpn:5984 >
  91. HTML & DOM
      webshell> GET http://fictivekin.com
  92. HTML & DOM
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell>
  93. HTML & DOM
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell> $_.document.getElementsByClassName('message').length
  94. HTML & DOM
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell> $_.document.getElementsByClassName('message').length
      8
      webshell>
  95. HTML & DOM
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell> $_.document.getElementsByClassName('message').length
      8
      webshell> $_.document.getElementById('faq').innerHTML
  96. HTML & DOM
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell> $_.document.getElementsByClassName('message').length
      8
      webshell> $_.document.getElementById('faq').innerHTML
      '\n <a href=>FAQ</a>\n <h2>Frequently Asked Questions</h2>\n'
  97. HTML & DOM
  98. HTML & DOM
      • Needs envjs and libxmljs
      • NOT stable
      • See the envjs branch on GitHub
  99. jQuery
      webshell> GET http://fictivekin.com
  100. jQuery
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell>
  101. jQuery
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell> $('img').length
  102. jQuery
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell> $('img').length
      4
  103. jQuery
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell> $('img').length
      4
      webshell> $('img').each(function() { sys.puts($(this).attr('src'));})
  104. jQuery
      webshell> GET http://fictivekin.com
      HTTP 200 http://fictivekin.com
      webshell> $('img').length
      4
      webshell> $('img').each(function() { console.log($(this).attr('src'));})
      images/fk2_no.png
      images/dot1.png
      images/dot2.png
      images/dot3.png
  105. jQuery
  106. jQuery
      • Needs envjs and libxmljs
      • NOT stable
      • See the envjs branch on GitHub
  107. Concurrency
  108. Concurrency
      • Node == powerful (story time)
      • $_.requestConcurrency
      • Still a little flaky
  109. Future?
  110. Future?
      • Broken on new versions of Node )-:
      • First things are to get that in order, and do some cleanup
      • More distant future:
        • Mongo?
        • Import browser cookies
        • Improve readline/UI
  111. New name?
  112. New name?
      • Looking for a new name
      • Too much noise on “web shell”
      • We look like a security exploit )-:
  113. Webshell
      https://github.com/fictivekin/webshell
      http://joind.in/2805
      Me: http://seancoates.com sean@seancoates.com @coates
      Work: https://gimmebar.com http://fictivekin.com
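
The Accept / Content-Type exchange from the "HTTP Headers" slides (81 to 84), as an added example that is not code from the talk or from Webshell. It models the server answering `*/*` with text/plain and a client that parses JSON only when the response Content-Type says so; all function names and the sample body are assumptions constructed for illustration.

```javascript
// Added example; parseAccept, pickType, decodeBody and fetchRoot are
// hypothetical helpers, not part of Webshell or CouchDB.

// Parse an Accept header into [{type, q}], most preferred first; q=0 is dropped.
function parseAccept(header) {
  return header.split(',').map(function (part) {
    var fields = part.trim().split(';');
    var q = 1;
    fields.slice(1).forEach(function (param) {
      var kv = param.trim().split('=');
      var value = parseFloat(kv[1]);
      if (kv[0].trim() === 'q' && !isNaN(value)) q = value;
    });
    return { type: fields[0].trim().toLowerCase(), q: q };
  }).filter(function (range) { return range.type && range.q > 0; })
    .sort(function (a, b) { return b.q - a.q; });
}

// Server side, modelled on the behaviour the slides show: JSON only when the
// client names application/json; a bare */* is answered with text/plain.
function pickType(acceptHeader) {
  var named = parseAccept(acceptHeader || '*/*').some(function (range) {
    return range.type === 'application/json';
  });
  return named ? 'application/json' : 'text/plain;charset=utf-8';
}

// Client side: trust the response Content-Type, not the request's wish.
function decodeBody(headers, body) {
  var type = (headers['content-type'] || '').split(';')[0].trim().toLowerCase();
  if (type !== 'application/json') return { json: undefined, text: body };
  try {
    return { json: JSON.parse(body), text: body };
  } catch (err) {
    return { json: undefined, text: body, error: err.message };
  }
}

// Constructed exchange: the same body served under two Accept headers.
function fetchRoot(acceptHeader) {
  var body = '{"couchdb":"Welcome","version":"1.0.1"}';
  return decodeBody({ 'content-type': pickType(acceptHeader) }, body);
}

console.log(fetchRoot('application/json, */*').json); // parsed object
console.log(fetchRoot('*/*').json);                   // undefined
```

Gating the parse on the response header is what keeps a client from treating a text/plain or HTML error page as structured data.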