Mysterious dbboon folder with proxy.php file on my godaddy account

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Paul on Stack Overflow See other posts from Stack Overflow or by Paul
Published on 2010-04-20T23:16:44Z Indexed on 2010/04/20 23:23 UTC
Read the original article Hit count: 2529

Filed under:

When doing some web maintenance today, I noticed a strange new folder on my GoDaddy hosting account at the root level named "dbboon", with a single file inside, called proxy.php. It's code is listed below, and seems to be some sort of proxy function.

I was kind of troubled because I didn't put it there. I googled all this to learn more, but didn't find anything, except for the proxy file happened to be also stored at pastebin.com: http://pastebin.com/PQsSPbCr

I called GoDaddy and they confirmed that it belonged to them, said it was put there by their advanced hosting group for testing purposes but didn't have any more information. I thought this was all really weird: why would they put something in my folder without giving me a heads-up, and why would they need to do something like this?

anybody know anything about this? 

<?php

$version = '1.2';

if(isset($_GET['dbboon_version'])) {
echo '{"version":"' . $version . '"}';
exit;
}

function dbboon_parseHeaders($subject) {

global $version;

$subject = trim($subject);
$parsed = Array();
$len = strlen($subject);
$position = $field = 0;
$position = strpos($subject, "\r\n") + 2;

while(isset($subject[$position])) {

$nextC = strpos($subject, ':', $position);
$fieldName = substr($subject, $position, ($nextC-$position));
$position += strlen($fieldName) + 1;
$fieldValue = NULL;

while(1) {
  $nextCrlf = strpos($subject, "\r\n", $position - 1);
  if(FALSE === $nextCrlf) {
    $t = substr($subject, $position);
    $position = $len;
  } else {
    $t = substr($subject, $position, $nextCrlf-$position);
    $position += strlen($t) + 2;
  }

  $fieldValue .= $t;
  if(!isset($subject[$position]) || (' ' != $subject[$position] && "\t" !=    $subject[$position])) {
    break;
  }
}

$parsed[strtolower($fieldName)] = trim($fieldValue);
if($position > $len) {
  echo '{"result":false,"error":{"code":4,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
  exit;
}
}
return $parsed;
}

if(!function_exists('http_build_query')) {
function http_build_query($data, $prefix = '', $sep = '', $key = '') {
$ret = Array();
foreach((array) $data as $k => $v) {
  if(is_int($k) && NULL != $prefix) {
    $k = urlencode($prefix . $k);
  }
  if(!empty($key) || $key === 0) {
    $k = $key . '[' . urlencode($k) . ']';
  }
  if(is_array($v) || is_object($v)) {
    array_push($ret, http_build_query($v, '', $sep, $k));
  } else {
    array_push($ret, $k . '=' . urlencode($v));
  }
}
if(empty($sep)) {
  $sep = '&';
}
return implode($sep, $ret);
}
}

$host = 'dbexternalsubscriber.secureserver.net';
$get  = http_build_query($_GET);
$post = http_build_query($_POST);
$url = $get ? "?$get" : '';
$fp = fsockopen($host, 80, $errno, $errstr);

if($fp) {

$payload  = "POST /embed/$url HTTP/1.1\r\n";
$payload .= "Host: $host\r\n";
$payload .= "Content-Length: " . strlen($post) . "\r\n";
$payload .= "Content-Type: application/x-www-form-urlencoded\r\n";
$payload .= "Connection: Close\r\n\r\n";
$payload .= $post;

fwrite($fp, $payload);

$httpCode = NULL;
$response = NULL;
$timeout = time() + 15;

do {
while($line = fgets($fp)) {
  $response .= $line;
  if(!trim($line)) {
    break;
  }
}
} while($timeout > time() && NULL === $response);

$headers = dbboon_parseHeaders($response);
if(isset($headers['transfer-encoding']) && 'chunked' === $headers['transfer-encoding']) {
do {
  $cSize = $read = hexdec(trim(fgets($fp)));
  while($read > 0) {
    $buff = fread($fp, $read);
    $read -= strlen($buff);
    $response .= $buff;
  }
  $response .= fgets($fp);
} while($cSize > 0);
} else {
preg_match('/Content-Length:\s([0-9]+)\r\n/msi', $response, $match);
if(!isset($match[1])) {
  echo '{"result":false,"error":{"code":3,"message":"Communication error, unable to  contact proxy service.","version":"' . $version . '"}}';
  exit;
} else {
  while($match[1] > 0) {
    $buff = fread($fp, $match[1]);
    $match[1] -= strlen($buff);
    $response .= $buff;
  }
}
}

fclose($fp);

if(!$pos = strpos($response, "\r\n\r\n")) {
echo '{"result":false,"error":{"code":2,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
exit;
}

echo substr($response, $pos + 4);

} else {
echo '{"result":false,"error":{"code":1,"message":"Communication error, unable to  contact proxy service.","version":"' . $version . '"}}';
exit;
}

© Stack Overflow or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about godaddy

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle