SlideShare a Scribd company logo

Smuggling TCP traffic through HTTP

Download as PPTX, PDF
D
Dávid Halász

This document discusses smuggling TCP traffic through HTTP by leveraging HTTP upgrades. It proposes a new project called Purr that implements a TCP "smuggling" server in Ruby using Rack and a client-side proxy. Purr aims to allow anything TCP-based to be tunneled through HTTP, controlled by a browser extension using native messaging and accessible from web apps via a JS library. The incomplete implementation has a server and basic client-side proxy functionality, but more work is needed for distribution, libraries, HTTPS support, and testing.

Technology
1 of 24
Smuggling TCP traffic through HTTP Dávid Halász dhalasz@redhat.com
About me Software Engineer at Red Hat in Brno Working on the ManageIQ UI and remote consoles and notifications and many other stuff mostly in Ruby Maintaining the SASS port of PatternFly @skateman on GitHub 💓💎💓
ManageIQ Control all the things Infrastructure Middleware Containers Networking Automation C&U Metrics ...
VM Remote Consoles Hypervisors usually provide a remote desktop server VNC SPICE Traffic encapsulated into WebSocket frames by a proxy Websockify (used by OpenStack) ManageIQ WebSocket Worker In-browser clients implemented using JavaScript and <canvas> noVNC
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP Upgrade
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP Upgrade Socket Hijacking
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP UpgradeTCP Open
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server TCP HTTP 101
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server TCP WebSocket Proxying
HTTP Upgrade Introduced in HTTP/1.1 Upgrade from older versions of HTTP Upgrade to HTTPS Upgrade to anything based on TCP VNC SPICE SSH … Request: GET / HTTP/1.1 Upgrade: websocket Connection: Upgrade Host: example.com Origin: http://example.com Sec-WebSocket-Version: 13 Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== Response: HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client Request
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client Response
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP Open
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP Upgrade
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP Upgrade Socket Hijacking
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP UpgradeTCP Open
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenTCP HTTP 101
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenTCP Proxying “TCP”
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP Proxying “TCP” TCP Proxying
Purr An (incomplete) implementation of the TCP “smuggling” Server implemented in Ruby using Rack Client-side proxy The scary part implemented in Go Controlled by a browser extension using the Native Messaging API Extension accessible from Web Applications using a JS library (TODO) It can “smuggle” anything TCP-based through HTTP It has a nice logo of a purring cat
Thank you for your attention! Find the project on GitHub: http://github.com/skateman/purr Reach out if you are interested in integrating it in your product Feel free to contribute, there is a lot to do: Distribution of the client JS frontend library HTTPS support Tests for the Go code Integration tests

Recommended

Using Communication and Messaging API in the HTML5 World
Using Communication and Messaging API in the HTML5 WorldUsing Communication and Messaging API in the HTML5 World
Using Communication and Messaging API in the HTML5 World
Gil Fink
 
Http/2
Http/2Http/2
Http/2
Adrian Cardenas
 
HTTP/2 standard for video streaming
HTTP/2 standard for video streamingHTTP/2 standard for video streaming
HTTP/2 standard for video streaming
Hung Thai Le
 
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
Cory Forsyth
 
Codecamp iasi-26 nov 2011-web sockets
Codecamp iasi-26 nov 2011-web socketsCodecamp iasi-26 nov 2011-web sockets
Codecamp iasi-26 nov 2011-web sockets
Codecamp Romania
 
What HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For YouWhat HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For You
Mark Nottingham
 
dotNetConf2019
dotNetConf2019dotNetConf2019
dotNetConf2019
Andrea Tosato
 
cPanel conf 2017 - How to Speak cPanel
cPanel conf 2017 - How to Speak cPanelcPanel conf 2017 - How to Speak cPanel
cPanel conf 2017 - How to Speak cPanel
cPanel
 

Recommended

Using Communication and Messaging API in the HTML5 World
Using Communication and Messaging API in the HTML5 WorldUsing Communication and Messaging API in the HTML5 World
Using Communication and Messaging API in the HTML5 World
Gil Fink
 
Http/2
Http/2Http/2
Http/2
Adrian Cardenas
 
HTTP/2 standard for video streaming
HTTP/2 standard for video streamingHTTP/2 standard for video streaming
HTTP/2 standard for video streaming
Hung Thai Le
 
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
Cory Forsyth
 
Codecamp iasi-26 nov 2011-web sockets
Codecamp iasi-26 nov 2011-web socketsCodecamp iasi-26 nov 2011-web sockets
Codecamp iasi-26 nov 2011-web sockets
Codecamp Romania
 
What HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For YouWhat HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For You
Mark Nottingham
 
dotNetConf2019
dotNetConf2019dotNetConf2019
dotNetConf2019
Andrea Tosato
 
cPanel conf 2017 - How to Speak cPanel
cPanel conf 2017 - How to Speak cPanelcPanel conf 2017 - How to Speak cPanel
cPanel conf 2017 - How to Speak cPanel
cPanel
 
WebSockets On Fire
WebSockets On FireWebSockets On Fire
WebSockets On Fire
Jef Claes
 
SPDY and HTTP/2
SPDY and HTTP/2SPDY and HTTP/2
SPDY and HTTP/2
Fabian Frank
 
Alex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big leagueAlex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big league
Codecamp Romania
 
Dataservices - Data Processing mit Microservices
Dataservices - Data Processing mit MicroservicesDataservices - Data Processing mit Microservices
Dataservices - Data Processing mit Microservices
QAware GmbH
 
HTTP/2 Changes Everything
HTTP/2 Changes EverythingHTTP/2 Changes Everything
HTTP/2 Changes Everything
Lori MacVittie
 
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
Load Impact
 
HTML5, HTTP2, and You 1.1
HTML5, HTTP2, and You 1.1HTML5, HTTP2, and You 1.1
HTML5, HTTP2, and You 1.1
Daniel Austin
 
Cfg Mgmtcamp 2015 - Releases
Cfg Mgmtcamp 2015 - ReleasesCfg Mgmtcamp 2015 - Releases
Cfg Mgmtcamp 2015 - Releases
CFEngine
 
HTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays ParisHTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays Paris
Quentin Adam
 
Config Management Camp 2015 - How to Deploy CFEngine in the Open Internet
Config Management Camp 2015 - How to Deploy CFEngine in the Open InternetConfig Management Camp 2015 - How to Deploy CFEngine in the Open Internet
Config Management Camp 2015 - How to Deploy CFEngine in the Open Internet
CFEngine
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2
Ido Flatow
 
HTTP2 is Here!
HTTP2 is Here!HTTP2 is Here!
HTTP2 is Here!
Andy Davies
 
11.Open Data Protocol(ODATA)
11.Open Data Protocol(ODATA) 11.Open Data Protocol(ODATA)
11.Open Data Protocol(ODATA)
Nguyen Tuan
 
Debugging with Fiddler
Debugging with FiddlerDebugging with Fiddler
Debugging with Fiddler
Ido Flatow
 
Introduction to Web Sockets
Introduction to Web SocketsIntroduction to Web Sockets
Introduction to Web Sockets
Jumping Bean
 
Cowboy rabbit-websockets
Cowboy rabbit-websocketsCowboy rabbit-websockets
Cowboy rabbit-websockets
Wade Mealing
 
Websocket 101 in Python
Websocket 101 in PythonWebsocket 101 in Python
Websocket 101 in Python
Juti Noppornpitak
 
Web Sockets
Web SocketsWeb Sockets
Web Sockets
Paul Fryer
 
Web Sockets - HTML5
Web Sockets - HTML5Web Sockets - HTML5
Web Sockets - HTML5
Matheus Marabesi
 
DIY Async Message Pump: Lessons from the trenches
DIY Async Message Pump: Lessons from the trenchesDIY Async Message Pump: Lessons from the trenches
DIY Async Message Pump: Lessons from the trenches
Particular Software
 
Introduction to router
Introduction to routerIntroduction to router
Introduction to router
Farhan Galib
 
Switching seminar ppt
Switching seminar pptSwitching seminar ppt
Switching seminar ppt
Ashish Kushwah
 

More Related Content

What's hot

WebSockets On Fire
WebSockets On FireWebSockets On Fire
WebSockets On Fire
Jef Claes
 
SPDY and HTTP/2
SPDY and HTTP/2SPDY and HTTP/2
SPDY and HTTP/2
Fabian Frank
 
Alex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big leagueAlex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big league
Codecamp Romania
 
Dataservices - Data Processing mit Microservices
Dataservices - Data Processing mit MicroservicesDataservices - Data Processing mit Microservices
Dataservices - Data Processing mit Microservices
QAware GmbH
 
HTTP/2 Changes Everything
HTTP/2 Changes EverythingHTTP/2 Changes Everything
HTTP/2 Changes Everything
Lori MacVittie
 
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
Load Impact
 
HTML5, HTTP2, and You 1.1
HTML5, HTTP2, and You 1.1HTML5, HTTP2, and You 1.1
HTML5, HTTP2, and You 1.1
Daniel Austin
 
Cfg Mgmtcamp 2015 - Releases
Cfg Mgmtcamp 2015 - ReleasesCfg Mgmtcamp 2015 - Releases
Cfg Mgmtcamp 2015 - Releases
CFEngine
 
HTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays ParisHTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays Paris
Quentin Adam
 
Config Management Camp 2015 - How to Deploy CFEngine in the Open Internet
Config Management Camp 2015 - How to Deploy CFEngine in the Open InternetConfig Management Camp 2015 - How to Deploy CFEngine in the Open Internet
Config Management Camp 2015 - How to Deploy CFEngine in the Open Internet
CFEngine
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2
Ido Flatow
 
HTTP2 is Here!
HTTP2 is Here!HTTP2 is Here!
HTTP2 is Here!
Andy Davies
 
11.Open Data Protocol(ODATA)
11.Open Data Protocol(ODATA) 11.Open Data Protocol(ODATA)
11.Open Data Protocol(ODATA)
Nguyen Tuan
 
Debugging with Fiddler
Debugging with FiddlerDebugging with Fiddler
Debugging with Fiddler
Ido Flatow
 
Introduction to Web Sockets
Introduction to Web SocketsIntroduction to Web Sockets
Introduction to Web Sockets
Jumping Bean
 
Cowboy rabbit-websockets
Cowboy rabbit-websocketsCowboy rabbit-websockets
Cowboy rabbit-websockets
Wade Mealing
 
Websocket 101 in Python
Websocket 101 in PythonWebsocket 101 in Python
Websocket 101 in Python
Juti Noppornpitak
 
Web Sockets
Web SocketsWeb Sockets
Web Sockets
Paul Fryer
 
Web Sockets - HTML5
Web Sockets - HTML5Web Sockets - HTML5
Web Sockets - HTML5
Matheus Marabesi
 
DIY Async Message Pump: Lessons from the trenches
DIY Async Message Pump: Lessons from the trenchesDIY Async Message Pump: Lessons from the trenches
DIY Async Message Pump: Lessons from the trenches
Particular Software
 

What's hot (20)

WebSockets On Fire
WebSockets On FireWebSockets On Fire
WebSockets On Fire
 
SPDY and HTTP/2
SPDY and HTTP/2SPDY and HTTP/2
SPDY and HTTP/2
 
Alex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big leagueAlex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big league
 
Dataservices - Data Processing mit Microservices
Dataservices - Data Processing mit MicroservicesDataservices - Data Processing mit Microservices
Dataservices - Data Processing mit Microservices
 
HTTP/2 Changes Everything
HTTP/2 Changes EverythingHTTP/2 Changes Everything
HTTP/2 Changes Everything
 
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
 
HTML5, HTTP2, and You 1.1
HTML5, HTTP2, and You 1.1HTML5, HTTP2, and You 1.1
HTML5, HTTP2, and You 1.1
 
Cfg Mgmtcamp 2015 - Releases
Cfg Mgmtcamp 2015 - ReleasesCfg Mgmtcamp 2015 - Releases
Cfg Mgmtcamp 2015 - Releases
 
HTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays ParisHTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays Paris
 
Config Management Camp 2015 - How to Deploy CFEngine in the Open Internet
Config Management Camp 2015 - How to Deploy CFEngine in the Open InternetConfig Management Camp 2015 - How to Deploy CFEngine in the Open Internet
Config Management Camp 2015 - How to Deploy CFEngine in the Open Internet
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2
 
HTTP2 is Here!
HTTP2 is Here!HTTP2 is Here!
HTTP2 is Here!
 
11.Open Data Protocol(ODATA)
11.Open Data Protocol(ODATA) 11.Open Data Protocol(ODATA)
11.Open Data Protocol(ODATA)
 
Debugging with Fiddler
Debugging with FiddlerDebugging with Fiddler
Debugging with Fiddler
 
Introduction to Web Sockets
Introduction to Web SocketsIntroduction to Web Sockets
Introduction to Web Sockets
 
Cowboy rabbit-websockets
Cowboy rabbit-websocketsCowboy rabbit-websockets
Cowboy rabbit-websockets
 
Websocket 101 in Python
Websocket 101 in PythonWebsocket 101 in Python
Websocket 101 in Python
 
Web Sockets
Web SocketsWeb Sockets
Web Sockets
 
Web Sockets - HTML5
Web Sockets - HTML5Web Sockets - HTML5
Web Sockets - HTML5
 
DIY Async Message Pump: Lessons from the trenches
DIY Async Message Pump: Lessons from the trenchesDIY Async Message Pump: Lessons from the trenches
DIY Async Message Pump: Lessons from the trenches
 

Viewers also liked

Introduction to router
Introduction to routerIntroduction to router
Introduction to router
Farhan Galib
 
Switching seminar ppt
Switching seminar pptSwitching seminar ppt
Switching seminar ppt
Ashish Kushwah
 
Presentation on router
Presentation on routerPresentation on router
Presentation on router
Iqra university islamabad
 
difference between hub, bridge, switch and router
difference between hub, bridge, switch and routerdifference between hub, bridge, switch and router
difference between hub, bridge, switch and router
Akmal Cikmat
 
5. icmp
5. icmp5. icmp
5. icmp
Swati Arora
 
ICMP
ICMPICMP
ICMP
selvakumar_b1985
 
Icmp
IcmpIcmp
Icmp
Abhishek Kesharwani
 
Network protocol
Network protocolNetwork protocol
Network protocol
Online
 
Routers.ppt
Routers.pptRouters.ppt
Routers.ppt
kirbadh
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocol
asimnawaz54
 

Viewers also liked (10)

Introduction to router
Introduction to routerIntroduction to router
Introduction to router
 
Switching seminar ppt
Switching seminar pptSwitching seminar ppt
Switching seminar ppt
 
Presentation on router
Presentation on routerPresentation on router
Presentation on router
 
difference between hub, bridge, switch and router
difference between hub, bridge, switch and routerdifference between hub, bridge, switch and router
difference between hub, bridge, switch and router
 
5. icmp
5. icmp5. icmp
5. icmp
 
ICMP
ICMPICMP
ICMP
 
Icmp
IcmpIcmp
Icmp
 
Network protocol
Network protocolNetwork protocol
Network protocol
 
Routers.ppt
Routers.pptRouters.ppt
Routers.ppt
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocol
 

Similar to Smuggling TCP traffic through HTTP

ITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and Azure
ITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and AzureITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and Azure
ITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and Azure
Florin Cardasim
 
Windows Phone 8 - 12 Network Communication
Windows Phone 8 - 12 Network CommunicationWindows Phone 8 - 12 Network Communication
Windows Phone 8 - 12 Network Communication
Oliver Scheer
 
vCenter and ESXi network port communications
vCenter and ESXi network port communicationsvCenter and ESXi network port communications
vCenter and ESXi network port communications
Animesh Dixit
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
Viktor Gamov
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Paul Czarkowski
 
Null HYD VRTDOS
Null HYD VRTDOSNull HYD VRTDOS
Null HYD VRTDOS
Raghunath G
 
Websocket
WebsocketWebsocket
Websocket
艾鍗科技
 
HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...
HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...
HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...
Edward Burns
 
Push the web with HTML5
Push the web with HTML5Push the web with HTML5
Push the web with HTML5
Stoyan Zhekov
 
Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3
NGINX, Inc.
 
Web Services 2009
Web Services 2009Web Services 2009
Web Services 2009
Cathie101
 
Web Services 2009
Web Services 2009Web Services 2009
Web Services 2009
Cathie101
 
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
Ericom Software
 
Web server
Web serverWeb server
Web server
Nirav Daraniya
 
Decoding real time web communication
Decoding real time web communicationDecoding real time web communication
Decoding real time web communication
AMiT JAiN
 
Webconnection
WebconnectionWebconnection
Webconnection
Rick Strahl
 
Realtime with-websockets-2015
Realtime with-websockets-2015Realtime with-websockets-2015
Realtime with-websockets-2015
ColdFusionConference
 
Web Server Administration
Web Server AdministrationWeb Server Administration
Web Server Administration
webhostingguy
 
Web Server Administration
Web Server AdministrationWeb Server Administration
Web Server Administration
webhostingguy
 
Web Server Administration
Web Server AdministrationWeb Server Administration
Web Server Administration
webhostingguy
 

Similar to Smuggling TCP traffic through HTTP (20)

ITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and Azure
ITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and AzureITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and Azure
ITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and Azure
 
Windows Phone 8 - 12 Network Communication
Windows Phone 8 - 12 Network CommunicationWindows Phone 8 - 12 Network Communication
Windows Phone 8 - 12 Network Communication
 
vCenter and ESXi network port communications
vCenter and ESXi network port communicationsvCenter and ESXi network port communications
vCenter and ESXi network port communications
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
Null HYD VRTDOS
Null HYD VRTDOSNull HYD VRTDOS
Null HYD VRTDOS
 
Websocket
WebsocketWebsocket
Websocket
 
HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...
HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...
HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...
 
Push the web with HTML5
Push the web with HTML5Push the web with HTML5
Push the web with HTML5
 
Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3
 
Web Services 2009
Web Services 2009Web Services 2009
Web Services 2009
 
Web Services 2009
Web Services 2009Web Services 2009
Web Services 2009
 
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
 
Web server
Web serverWeb server
Web server
 
Decoding real time web communication
Decoding real time web communicationDecoding real time web communication
Decoding real time web communication
 
Webconnection
WebconnectionWebconnection
Webconnection
 
Realtime with-websockets-2015
Realtime with-websockets-2015Realtime with-websockets-2015
Realtime with-websockets-2015
 
Web Server Administration
Web Server AdministrationWeb Server Administration
Web Server Administration
 
Web Server Administration
Web Server AdministrationWeb Server Administration
Web Server Administration
 
Web Server Administration
Web Server AdministrationWeb Server Administration
Web Server Administration
 

Recently uploaded

Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 

Recently uploaded (20)

Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 

Smuggling TCP traffic through HTTP

  • 1. Smuggling TCP traffic through HTTP Dávid Halász dhalasz@redhat.com
  • 2. About me Software Engineer at Red Hat in Brno Working on the ManageIQ UI and remote consoles and notifications and many other stuff mostly in Ruby Maintaining the SASS port of PatternFly @skateman on GitHub 💓💎💓
  • 3. ManageIQ Control all the things Infrastructure Middleware Containers Networking Automation C&U Metrics ...
  • 4. VM Remote Consoles Hypervisors usually provide a remote desktop server VNC SPICE Traffic encapsulated into WebSocket frames by a proxy Websockify (used by OpenStack) ManageIQ WebSocket Worker In-browser clients implemented using JavaScript and <canvas> noVNC
  • 5. How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server
  • 6. How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP Upgrade
  • 7. How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP Upgrade Socket Hijacking
  • 8. How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP UpgradeTCP Open
  • 9. How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server TCP HTTP 101
  • 10. How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server TCP WebSocket Proxying
  • 11. HTTP Upgrade Introduced in HTTP/1.1 Upgrade from older versions of HTTP Upgrade to HTTPS Upgrade to anything based on TCP VNC SPICE SSH … Request: GET / HTTP/1.1 Upgrade: websocket Connection: Upgrade Host: example.com Origin: http://example.com Sec-WebSocket-Version: 13 Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== Response: HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
  • 12. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client
  • 13. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client Request
  • 14. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client Response
  • 15. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client
  • 16. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP Open
  • 17. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP Upgrade
  • 18. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP Upgrade Socket Hijacking
  • 19. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP UpgradeTCP Open
  • 20. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenTCP HTTP 101
  • 21. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenTCP Proxying “TCP”
  • 22. Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP Proxying “TCP” TCP Proxying
  • 23. Purr An (incomplete) implementation of the TCP “smuggling” Server implemented in Ruby using Rack Client-side proxy The scary part implemented in Go Controlled by a browser extension using the Native Messaging API Extension accessible from Web Applications using a JS library (TODO) It can “smuggle” anything TCP-based through HTTP It has a nice logo of a purring cat
  • 24. Thank you for your attention! Find the project on GitHub: http://github.com/skateman/purr Reach out if you are interested in integrating it in your product Feel free to contribute, there is a lot to do: Distribution of the client JS frontend library HTTPS support Tests for the Go code Integration tests