Hacker Newsnew | comments | show | ask | jobs | submitlogin
Asteroids JavaScript Bookmarklet to blow up any web site (github.com)
684 points by stevefink 1642 days ago | 74 comments



Awesome. Now someone needs to combine it with websockets/node.js (or similar) so I can see the other players on the same page!

-----


Exactly what you wanted: http://realitymachine.net/asteroids.html

And the HN article, if you want to drum up some more players: http://news.ycombinator.com/item?id=1738543

I hacked together a very (very) basic multiplayer with a paper-thin node.js server in coffeescript.

Yes, really: http://github.com/cushman/asteroids.js

It might deserve a newspost of its own, but I'd like to have a working server running so people can actually, you know, use it. Unfortunately, I haven't thought to get node running on my VPS before now, and it's almost 02:00 here...

-----


So who is up for a shootout on HN? Or were do the asteroiders hang out?

Maybe something like Twitter, where new stuff to shoot appears on a constant basis?

-----


Awesome. Good work!

-----


It'd definitely put a new bent on up or down voting comments. I'm using it to blow away the comments.

-----


collaborative ad filtering

-----


Finally, Farmville can get what it has coming to it.

-----


Hm, thinking about writing defence script to my sites and start js-war.

-----


Surround important elements with DOM shielding...

-----


How did I live for so long without this?

-----


Holy crap, I had an extremely similar idea last month for a bookmarklet that let you machine gun and blow up pages. In fact, it's sitting half complete in a projects folder. Erkie, get out of my head!!!!

At least it's open source, so I guess I can fork it and add in my ideas.

-----


Same here! Except instead of blowing up the page, you shoot at links to follow them. Also, fog that is revealed as you move around, minimap, etc. Maybe this can spark some more ideas?

http://tanksurfing.appspot.com/

-----


Don't feel bad - this idea is pretty old. A program called "Desktop Toys" from the Win95 era comes to mind, and there are probably more examples.

-----


Actually, my memory of Desktop Toys is what was basing it on :)

I didn't realize it was that popular.

-----


ideas are cheap :)

-----


"Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away." - Antoine de Saint Exupery.

I think these Asteroids are a fun to use, web design tool to cut out what is not necessary. :))

-----


This + the AutoPager extension for Chrome = infinite game

-----


I wish I could give this comment more points. It's a blast!

-----


Not only great, in a few situations it's a useful and fun way to 'cross off' content on a site you don't need to see anymore. Like stories you wish were not on hacker news.

-----


what an awesome stress reliever. now i can get points for destroying facebook.

-----


Protip for the paranoid: the author could nab your session cookie at the same time, too! :)

-----


Could, but doesn't: http://github.com/erkie/erkie.github.com/blob/master/asteroi...

Though, it appears he was trying to implement high scores, which would send some information to another site, including document.location.href, but it is commented out in the version I linked, and removed in the minified version.

-----


> Could, but doesn't

Could, but doesn't yet.

If you're not locally rehosting the 'known-good' version that you just audited, you're not being paranoid enough.

-----


If you're on the internet, you're not being paranoid enough.

Though that's a good reminder :) Thanks for pointing it out!

-----


Heh, yeah, when I saw it earlier I wondered how successfully people could use an approach like this to social engineer people in such a manner. Glad I'm not the only paranoid one. :)

-----


Use HttpOnly on critical cookies!

-----


Okay, sure. :)

A new protip for the paranoid: the author could phish the snot out of you with an overlay that made it look like Facebook needed a re-login, too!

-----


Use Secure Login for Firefox! https://addons.mozilla.org/firefox/addon/4429

(lol, seriously though, it highlights "real" login fields based on domain for the page/frame which can't be spoofed and does a one-click login rather than typing it in - you can't get "fooled" because you should never be typing anything)

-----


This is awesome! Too bad I'm the only one in the office at the moment...I guess I'll just go blow up Stackoverflow until somebody comes back.

-----


Now, this is an ad-blocker with style.

-----


Now to see something like this work with a net-enabled 3D television.

-----


The HN homepage is very reliant on everything being there. One shot to a number did this: http://skitch.com/jackowayed/d29n5/hn-ass-kicked

-----


Tables for layout will do that.

-----


Another disadvantage to tables for layout, they are weak against attack!

-----


This is one of the most creative time sinks I've ran across in a while, had to link it here.

-----


use the bookmarklet mutliple times on the same page if you like armageddon-style destruction

-----


The TDs didn't last long.

-----


Someone should add touch events so it works on iPad / iPhone.

-----


Not a bad idea. Trying to think through them. I might mess with this today. Too bad you couldn't get the entire page to tilt/rotate, or you could use the motion sensor too.

-----


Fun, and it doubles as an easy way to spot table layouts.

-----


Spot....and kill them

-----


It's oddly non-deterministic. Add two ships and fly around a bit. They're paths will quickly diverge.

-----


It's not that it's non-deterministic, it's just that, since your javascript interpreter doesn't execute each instance and its event handlers in parallel, each instance will receive slightly different inputs. This is because the number of times each instance's main loop fires before its keyup/down handler gets called will vary.

If you load up, say, 6 instances, hold the up button for a while to get them up to full speed, then turn for 4 or 5 seconds and let go, they'll be a bit divergent, but not too badly. They should all be going roughly the same direction, and wrapping around at roughly the same time.

If you load up 6 instances again, hold the up button for a while, and then turn back and forth very rapidly for a short period of time, they'll be much more divergent.

-----


I'm surprised no one has commented on the security issue about the bookmarklet allowing javascript to be placed/executed on any website... I can see the next wave of session hijacking in the making. Your DOM is not safe ;]

-----


Let's have a leader board for every site with Points accumulated/second. "Kunjan Killed this site with a score of 1700". Are headings and hidden fields worth more points?

-----


Reminds me of Quelsolaar's excellent toolkit for his LOVE game: http://www.quelsolaar.com/love/tool_video.html

It also has Asteroids integrated in a similar way, as shown at around 70% into the video (unfortunately the video doesn't have a timecode, but it's worth watching in its entirety anyway.)

-----


The best bookmarklet I've had since Readability!

-----


This should be integrated in Adblock. Adding filters by blasting the ads you don't like actually sounds fun.

-----


this wins 2010's most innovative app ever

-----


It's even more fun if you load several copies - they are choreographed!

-----


Nice! Maybe it can be hooked up to a gmail or facebook stream to literally "destroy" spam or unwanted messages... email cleanliness could be a few laser shots away :-)

-----


Facebook profile pages are pretty fun to destroy.

-----


Does anyone want to explain how this works? I had no idea dragging onto a tab could start up javascript on a page. It's amazing!

-----


Here is an example that will search hacker news (via google). This is based on the wikipedia example:

javascript:function se(d) {return d.selection ? d.selection.createRange().text : d.getSelection()} s = se(document); for (i=0; i<frames.length && !s; i++) s = se(frames[i].document); if (!s || s=='') s = prompt('Enter%20search%20terms%20for%20HackerNews',''); var goo = 'http:'; var g = '//'; var le = 'www.google.com/'; open(goo + g + le + (s ? '#q=site%3Anews.ycombinator.com ' + encodeURIComponent(s) : '')).focus();

-----


What you're talking about has been around forever, and is called a "bookmarklet"

http://en.wikipedia.org/wiki/Bookmarklet

-----


What a terrible explanation..

-----


I thought it was bad too, so I blew the shit out of it!

-----


Awesome. Doesn't seem to work on Gmail.

-----


Interesting. It worked great on google reader. On Gmail I can sometimes get to the point where I can thrust & fire, but as soon as I destroy anything the gmail client seems to reset itself.

-----


Interesting, it does work on the "basic HTML" version of Gmail. For me it seems like the "keyboard shortcut" functionality gets in the way of controller the "ship"

-----


This is one of those creations which seems so obvious after it has been made. Good Job!

-----


This guy better get a job offer from Chad Hurley. Seriously though...genius idea.

-----


This is absolutely brilliant.

-----


It would be awesome to add some js to a website you own to spawn a computer controlled defender if someone uses this script on your site.

-----


I wrote a defense: http://github.com/bl4k/astroid-defense

(bit scrappy, 10 min of code, but funny)

(test it by running asteroids on this page: http://bl4k.github.com/)

-----


ha nice one, but astley video is blocked.

-----


Nooo! You're spoiling it for everyone who hasn't seen it yet!

-----


Eh, I clicked the link without reading the replies :[

-----


Got 4880 points for blowing up current HN new links.

-----


Simply ingenious :) Loved the idea!

-----


Best used on clients web sites =)

-----


yahoo was a great site to play on. endless targets.

-----


so many container divs on twitter to blow through!

-----


Try it on John Gruber's Daring Fireball. Everything collapses quite nicely and it's fun to start at the top and then shoot everything as you go down!

-----




Applications are open for YC Summer 2015

Guidelines | FAQ | Support | API | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: