ragged blog

This was a little bit of random inspiration I got from this little javascript file which _why wrote:
Ruby for Windows in Under 1K.

I thought that was pretty cool… So I made it a bit cooler, and now propose some ideas I’ll be working on if I can find the time…

When I stumbled upon this stranded little baby bear in the woods I thought it looked kinda cute. Unfortunately this little bear had no real motivation to execute it’s cuddly little plans. Seeing him so close to growing into a strong beast which might aid my hunting, I felt compelled to provide him with a spice of one-step motivation (before I redirected his focus in order to utilise him for my own devious plans of forest domination).

So anyway, the result was a nasty little .bat file in 640 bytes, which simply echos try.js and calls it. This version also hard codes support for EOT to exit.

Opps, I winked.

Anyway… time for some real web page nastiness with a wide line of code:

[source:ruby]@echo tryurl=”http://tryruby.hobix.com/irb?cmd=”;w=WScript;o=w.StdOut;i=w.StdIn;function wget(url,hdrs){var http=w.CreateObject(“Microsoft.XMLHTTP”);http.open(“GET”,url,false);for(var k in hdrs)http.setRequestHeader(k,hdrs[k]);http.send(“”);return http.responseText;}sess=wget(tryurl+escape(“!INIT!IRB!”),{});w.Echo(“Interactive Ruby ready. (send ^D to exit)”);o.Write(“>> “);i.Read(0);while(true){cmd=i.ReadLine();resp=”";ps=”>> “;if(cmd==”\004″)break;if(cmd){resp=wget(tryurl+escape(cmd).replace(/\+/g,’%%2B’),{‘Cookie’: ‘_session_id=’+sess});ps=”..”;if(resp){o.Write(resp);ps=”>>”;}}o.Write(ps+” “);}>t.js
@cscript//Nologo t.js&del t.js[/source]
- That’s 640 Bytes, with some extra documentation and an extra char on the prompt! I’m sure it could be shorter, but I don’t care. That’s damn near half a kB, and the block size of most all devices is larger than that these days (devices like, don’t even think this small, dude).

And the tryruby.bat

Now, on to some not so original and dangerous thinking…

The tool as it stood in a .js file was a bit cumbersome. You’d have to load up a cmd, get into the right dir, and run cscript on it. Now, you can just carry this .bat round on a USB stick and get a ruby XML-RPC to …. the try ruby server ….

As another kinda funky side idea, you could carry your own one-time pad algorithm in another .bat based on this, processed via tryruby, along with a username and password to get into your own ruby processes.

It might be a crazy stupid idea, to some, but it’s also pretty damn useful. I mean, it’s a remote ruby shell, with NO dependencies except the OSes native scripting languages…. I don’t even necessarily need putty after this (no, I’m not entirely serious there, but not far off either).

As I say, I’ll be looking into this more if I get the time, as the ideas are very loose right now, however, I should imagine it won’t be too hard to attain some reasonable level of security. Together with a little DSL this could make a very neat (and immediately extensible over the wire) remote control or remote data recovery system, with no dependencies.

I’m sure it’s easy to make a similar thing for *nix, in fact, I have vague recollections of a .sh version of a similar tool lying around somewhere too.

So the plan:

1. Look at tryruby, sandbox and whatever else may be relevant.
2. Build in SSL support if it doesn’t work already.
3. Build an authentication mechanism (maybe some crazy extras here)
4. Load up a server somewhere safe (maybe, in it’s own xen vm )
5. Give some of those goony linux sysadmins wet dreams

If I build it up to anything really useful, I’ll release it. I’m obviously concerned about security, but equally, in this case (or this direction of use) we’re intending to open a hole. I just want some strong authentication and traffic protection before I’d let anyone else ‘go wild’.

Does anyone use anything like this in ruby (considering how many of these kinds of things are out there)?

Maybe I’ll refactor this post to be more succinct or make more sense later. But for now, I don’t care. It’s a hack and I think it’s cool.

Keep up the good work _why.

Update: Found a bug in the code, pointed out from the original fix mentioned in comment 3. The string replace was actually not running across the whole string, even in _why original version. The the first argument to replace actually needs to be /\+/g rather than ‘+’.

Thanks to anyone who submits any more bug reports, as this really isn’t something I’m spending time on right now