Quick reminder before I go any further. Definition of hacking in my book is, using something for a purpose other than what it was intended for. This is not some crazy sql injection where I stole a gabazillion usernames and passwords that match password123 which I promptly dumped onto pastebin. This was simply an intuitive use that I pushed out of a product that really wasn’t built with that purpose in mind.
A Quick Introduction to Spool
For the uninitiated and those who did not actively watch the videos of the TC disrupt competition, Spool is, in the words of TC itself, Instapaper on steroids. For the even more uninitiated, Instapaper is a service which allows you to save web pages to read later where the pages you save and read are synced across various devices. Instapaper and Spool share a very similar purpose (as do a plethora of Instapaper clones out there) and even execute in a very similar manner with users being able to save web pages both across their mobile devices as well as via Google Chrome using an extension. While most of the clones of Instapaper do the same thing, Spool takes a more advanced approach in not only saving a web page and syncing it to your device but in also making the web more readable. It uses an AI engine in the backend that reads the document like a human would and gets the necessary text (major time saver when it works on paginated articles). But most important is that it takes videos on the web page you wanted to save and converts it to a format that plays smoothly on your mobile device. In fact, given the language used in the app where upon saving the web page it says “recording…” I have a feeling that this was meant to be The killer feature in Spool.
The unique way Spool records
At first I wondered how Spool does the recording. I was thinking maybe they act as a download accelerator of sorts and simply rip the video out of wherever it is saved. I was surprised however, when I saved a Techcrunch TV article and found that instead of just the video, I was actually watching a video of the TCTV video playing inside TC player. Let me rephrase. Instead of just the raw video, I was actually watching the player on the Techcrunch website, playing the video. This meant that I could see the 3 second ad before, the play and pause button, the little tabs on top displaying the various categories and it was literally how I would see the player on the screen when looking at it with my own two eyes. What the AI engine was doing was actually taking a screencast of the video after having pressed play too. To be honest, I was mind blown. This just seemed really really advanced and in fact quite a cool solution to me. And then I saw the hack in front of my eyes.
Hulu around the world.
I live in Sri Lanka. That is a fact. Hulu, is not available in Sri Lanka. That is also a fact. The only solutions to this are to either use a proxy server (unreliable and after using fiddler to monitor traffic I feel better off without them) OR to use a VPN (setting up is not for the layman. In fact I borrowed my friends VPN connection to use Hulu). That is also a fact. Spool like most good startups these days, especially one that clearly needs a bit of horsepower like what Spool must require, uses Amazon EC2 or Rackspace for their hosting needs. That is an assumption. What is not an assumption is that these servers are located within the United States. I hope that that is a fact. Therefore, surely, Spool’s cute little AI bot with its excellent peripheral vision must be able to access Hulu instead of me. A quick search on Hulu for Naruto’s latest EP (I received the message, “Sorry Hulu is not available in your country. We are racists”) showed up. No problem! I clicked the spool extension icon and a few seconds later I found it recording in my queued list. This step is a waiting one since whatever video you add has to actually play fully. So if you put a 20 minute video to play it actually records all 20 minutes and will therefore take 20 minutes to complete. (I didn’t repeat it for this article but you can try it yourself). And 20 minutes later, the episode downloads on to my device and tadaaa
Yes, Sasuke can haz your kittens for breakfast :D
This goes even further. Using a very intuitive feature that lets the user click on a link within a spooled article to save to spool directly I can then use the rest of the web page that got saved to actually navigate the entire Naruto directory on Hulu.
Taking it a step further
Well what’s the thing that’s blocked in countries that people really want to look at? Facebook. What? You thought it was porn? That’s the second on the list. Well this provides an obvious use case for porn anyway so let’s go with it. Yes I know you saw this coming. But I thought it was important since it happens in a rather strange way. I asked my friend what porn sites have been blocked in Sri Lanka and I settled for xvideos. Check this out.
Don’t hate on IIS7 for being on my localhost. But this is where xvideos.com directs. Notice the Spool extension primed and ready on top.
By George! Saved to your Spool… “IIS7”. Well that’s useful isn’t it.
Turns out it is useful. And you know what’s even more useful than the homepage? The links from it to other videos and other pages to browse. Yeps. If you do Spool those links you’ll find porn delivered straight to your phone.
Enjoy the ‘hack’. I’m not entirely sure this is what the Spool team would want since this probably puts a lot of strain on their servers to essentially be a download center for a bunch of people so do go easy on them.
I didn’t bother going into the data to try and retrieve the videos to watch on a larger screen since I couldn’t be bothered. If anyone else wants to give it a go let me know the results
If you like what you read do give me a follow on Twitter @area51research.