When doing some web maintenance today, I noticed a strange new folder on my GoDaddy hosting account at the root level named "dbboon", with a single file inside, called proxy.php. Its code is listed below, and seems to be some sort of proxy function.
I was kind of troubled because I didn't put it there. I googled all this to learn more, but didn't find anything, except that the proxy file also happened to be stored at pastebin.com: http://pastebin.com/PQsSPbCr
I called GoDaddy and they confirmed that it belonged to them, said it was put there by their advanced hosting group for testing purposes but didn't have any more information. I thought this was all really weird: why would they put something in my folder without giving me a heads-up, and why would they need to do something like this?
Anybody know anything about this?
<?php
$version = '1.2';
if(isset($_GET['dbboon_version'])) {
    echo '{"version":"' . $version . '"}';
    exit;
}
function dbboon_parseHeaders($subject) {
    global $version;
    $subject = trim($subject);
    $parsed = Array();
    $len = strlen($subject);
    $position = $field = 0;
    $position = strpos($subject, "\r\n") + 2;
    while(isset($subject[$position])) {
        $nextC = strpos($subject, ':', $position);
        $fieldName = substr($subject, $position, ($nextC-$position));
        $position += strlen($fieldName) + 1;
        $fieldValue = NULL;
        while(1) {
            $nextCrlf = strpos($subject, "\r\n", $position - 1);
            if(FALSE === $nextCrlf) {
                $t = substr($subject, $position);
                $position = $len;
            } else {
                $t = substr($subject, $position, $nextCrlf-$position);
                $position += strlen($t) + 2;
            }
            $fieldValue .= $t;
            if(!isset($subject[$position]) || (' ' != $subject[$position] && "\t" != $subject[$position])) {
                break;
            }
        }
        $parsed[strtolower($fieldName)] = trim($fieldValue);
        if($position > $len) {
            echo '{"result":false,"error":{"code":4,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
            exit;
        }
    }
    return $parsed;
}
if(!function_exists('http_build_query')) {
    function http_build_query($data, $prefix = '', $sep = '', $key = '') {
        $ret = Array();
        foreach((array) $data as $k => $v) {
            if(is_int($k) && NULL != $prefix) {
                $k = urlencode($prefix . $k);
            }
            if(!empty($key) || $key === 0) {
                $k = $key . '[' . urlencode($k) . ']';
            }
            if(is_array($v) || is_object($v)) {
                array_push($ret, http_build_query($v, '', $sep, $k));
            } else {
                array_push($ret, $k . '=' . urlencode($v));
            }
        }
        if(empty($sep)) {
            $sep = '&';
        }
        return implode($sep, $ret);
    }
}
$host = 'dbexternalsubscriber.secureserver.net';
$get = http_build_query($_GET);
$post = http_build_query($_POST);
$url = $get ? "?$get" : '';
$fp = fsockopen($host, 80, $errno, $errstr);
if($fp) {
    $payload = "POST /embed/$url HTTP/1.1\r\n";
    $payload .= "Host: $host\r\n";
    $payload .= "Content-Length: " . strlen($post) . "\r\n";
    $payload .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $payload .= "Connection: Close\r\n\r\n";
    $payload .= $post;
    fwrite($fp, $payload);
    $httpCode = NULL;
    $response = NULL;
    $timeout = time() + 15;
    do {
        while($line = fgets($fp)) {
            $response .= $line;
            if(!trim($line)) {
                break;
            }
        }
    } while($timeout > time() && NULL === $response);
    $headers = dbboon_parseHeaders($response);
    if(isset($headers['transfer-encoding']) && 'chunked' === $headers['transfer-encoding']) {
        do {
            $cSize = $read = hexdec(trim(fgets($fp)));
            while($read > 0) {
                $buff = fread($fp, $read);
                $read -= strlen($buff);
                $response .= $buff;
            }
            $response .= fgets($fp);
        } while($cSize > 0);
    } else {
        preg_match('/Content-Length:\s([0-9]+)\r\n/msi', $response, $match);
        if(!isset($match[1])) {
            echo '{"result":false,"error":{"code":3,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
            exit;
        } else {
            while($match[1] > 0) {
                $buff = fread($fp, $match[1]);
                $match[1] -= strlen($buff);
                $response .= $buff;
            }
        }
    }
    fclose($fp);
    if(!$pos = strpos($response, "\r\n\r\n")) {
        echo '{"result":false,"error":{"code":2,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
        exit;
    }
    echo substr($response, $pos + 4);
} else {
    echo '{"result":false,"error":{"code":1,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
    exit;
}
Source: Tips4all
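When an unexplained proxy script turns up in a web root, the first thing to establish is where it connects and whether a visitor can choose that destination. The Python sketch below is an added example, not part of the original post or GoDaddy's code: it checks how the host argument of the socket call is assigned. The names `triage` and `classify` are hypothetical, the second sample is a constructed contrast, and the regexes are a heuristic rather than a PHP parser.

```python
import re

# Constructed sample: the outbound-connection lines of the proxy.php posted above.
PROXY_PHP = r"""
$host = 'dbexternalsubscriber.secureserver.net';
$get = http_build_query($_GET);
$post = http_build_query($_POST);
$fp = fsockopen($host, 80, $errno, $errstr);
"""
# Constructed contrast (not from the page): the visitor chooses the destination.
OPEN_PROXY_PHP = r"""
$host = $_GET['host'];
$fp = fsockopen($host, 80, $errno, $errstr);
"""

ASSIGN = re.compile(r"^\s*\$(\w+)\s*=\s*(.+?);\s*$", re.M)
SINK = re.compile(r"\b(fsockopen|pfsockopen|stream_socket_client|curl_init)\s*\(\s*([^,)]+)")
LITERAL = re.compile(r"""^(['"])([^'"$]*)\1$""")
REQUEST = re.compile(r"\$_(GET|POST|REQUEST|COOKIE|SERVER)\b")
VARREF = re.compile(r"\$(\w+)")

def classify(expr, assigns, seen=()):
    """Return (kind, value) for a PHP expression used as a connection target."""
    expr = expr.strip()
    lit = LITERAL.match(expr)
    if lit:
        return "fixed", lit.group(2)
    if REQUEST.search(expr):
        return "request-controlled", expr
    verdict = ("unresolved", expr)
    for name in VARREF.findall(expr):
        for rhs in ([] if name in seen else assigns.get(name, [])):
            kind, value = classify(rhs, assigns, seen + (name,))
            if kind == "request-controlled":
                return kind, value
            if kind == "fixed" and expr == "$" + name and len(assigns[name]) == 1:
                verdict = (kind, value)
    return verdict

def triage(source):  # one record per outbound call found in the PHP source
    assigns = {}
    for name, rhs in ASSIGN.findall(source):
        assigns.setdefault(name, []).append(rhs)
    forwarded = sorted(set(REQUEST.findall(source)))
    return [{"call": call, "target": classify(arg, assigns), "request_data": forwarded}
            for call, arg in SINK.findall(source)]

if __name__ == "__main__":
    print(triage(PROXY_PHP), triage(OPEN_PROXY_PHP), sep="\n")
```

For the posted file the target resolves to a single hard-coded host, so visitors control only the query string and form body that get relayed, not where the request goes.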
It looks like the code tests a connection to dbexternalsubscriber.secureserver.net and returns the result in some sort of JSON output. It could be used as some type of connection tester. I've heard less than stellar things about GoDaddy hosting, but reputation aside I would delete it, if you can. Also, check your .htaccess file for any changes that might reflect this code.
I noticed the same folder/file in my GoDaddy hosting after being notified they were migrating my account to another server.. the reply from GoDaddy when I asked about it was "Please note that this directory was added by us during the migration and should be left in-tact, as it adds to the functionality of your hosting plan."
When I pressed them further as to what it does the reply was "The file and directory in question are added as part of a security feature that will be standard for all new accounts. Unfortunately we are unable to disclose the exact purpose. We apologize for the inconvenience, however we appreciate your understanding."
Sounded like crap to me at the time.. anyone else?
SteveAx
I found this as well on a newish account. In looking over the script it appears to be a remote script that could take the output of your site and place it into whatever package the remote server requests. The function is called payload.
There could be, and likely are, very good reasons for having the file on your server; however, the lack of documentation combined with the responsibility everyone has over their own server makes this file a potential problem.
It can be deleted, it's not forcefully protected by GoDaddy.
With the appointment of a US internet security czar and the lack of documentation detailing WHO controls and has access to the remote server in the script it could also be part of a nationwide attempt to protect the net (or filter it) or??
Why can't GoDaddy just document and post exact details about the file??
I would delete it.
You are responsible for any code that's on your server. If their security obscurity protocol demands they not tell you what it is, delete it!
I deleted them and my site started working again.
I had the same folder (dbboon) and file (proxy.php) and that had my site returning a 500 error completely breaking it.
After comparing a previous working version with the current site I found those two differences that looked suspicious. I deleted them and all worked fine.
When I contacted GoDaddy I was told that certain features that use "widgets" on the site required that in order to work properly. Since I didn't have any such features, they were breaking my site.
access_db appears if you request a directory for an access database in your control panel. Then you need to use that directory for your access database, so proper permissions are set and so that no one can download the entire database.
I noticed the mysterious dbboon in my GoDaddy root today. I called them and was told it probably had something to do with WordPress, which I had installed recently. Also installed a contact widget today. I, like many I suppose, don't like it when things just kinda 'appear' in the root. However, I will take GoDaddy at their word on this one.
I found this file as well, but found a php5.ini file that set PHP5(fastcgi). I deleted both. They appeared when I installed programs from the Hosting Connection software installer.
Check out this link to a GoDaddy support page that explains what the dbboon directory is for and what the proxy.php file does.
Craig
http://community.godaddy.com/help/article/5992
That is the proxy file needed by easy database if you were to use it on your website. For example, you create an inventory database, you can implant the search bar on your website and it will search for records in your database. I'm currently trying to figure out how to add it to my website, so if anyone knows how to, please let me know. I'm using the free 5 page setup. Don't really want to upgrade.
You can delete this folder if you desire. It's not needed unless you use easy database for websites.