<分区>
今天在做一些网络维护时,我注意到我的 GoDaddy 主机帐户上有一个名为“dbboon”的根目录下的一个奇怪的新文件夹,里面有一个名为 proxy.php 的文件。它的代码如下所示,似乎是某种代理功能。
我有点苦恼,因为我没有把它放在那里。我用谷歌搜索了所有这些以了解更多信息,但没有找到任何东西,除了代理文件恰好也存储在 pastebin.com 上:http://pastebin.com/PQsSPbCr
我调用 GoDaddy,他们确认它属于他们,说它是由他们的高级托管组放在那里用于测试目的,但没有更多信息。 我觉得这一切真的很奇怪:为什么他们会在没有提醒我的情况下把东西放在我的文件夹里,为什么他们需要做这样的事情?
有人知道吗?
<?php
$version = '1.2';
if(isset($_GET['dbboon_version'])) {
echo '{"version":"' . $version . '"}';
exit;
}
function dbboon_parseHeaders($subject) {
global $version;
$subject = trim($subject);
$parsed = Array();
$len = strlen($subject);
$position = $field = 0;
$position = strpos($subject, "\r\n") + 2;
while(isset($subject[$position])) {
$nextC = strpos($subject, ':', $position);
$fieldName = substr($subject, $position, ($nextC-$position));
$position += strlen($fieldName) + 1;
$fieldValue = NULL;
while(1) {
$nextCrlf = strpos($subject, "\r\n", $position - 1);
if(FALSE === $nextCrlf) {
$t = substr($subject, $position);
$position = $len;
} else {
$t = substr($subject, $position, $nextCrlf-$position);
$position += strlen($t) + 2;
}
$fieldValue .= $t;
if(!isset($subject[$position]) || (' ' != $subject[$position] && "\t" != $subject[$position])) {
break;
}
}
$parsed[strtolower($fieldName)] = trim($fieldValue);
if($position > $len) {
echo '{"result":false,"error":{"code":4,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
exit;
}
}
return $parsed;
}
if(!function_exists('http_build_query')) {
function http_build_query($data, $prefix = '', $sep = '', $key = '') {
$ret = Array();
foreach((array) $data as $k => $v) {
if(is_int($k) && NULL != $prefix) {
$k = urlencode($prefix . $k);
}
if(!empty($key) || $key === 0) {
$k = $key . '[' . urlencode($k) . ']';
}
if(is_array($v) || is_object($v)) {
array_push($ret, http_build_query($v, '', $sep, $k));
} else {
array_push($ret, $k . '=' . urlencode($v));
}
}
if(empty($sep)) {
$sep = '&';
}
return implode($sep, $ret);
}
}
$host = 'dbexternalsubscriber.secureserver.net';
$get = http_build_query($_GET);
$post = http_build_query($_POST);
$url = $get ? "?$get" : '';
$fp = fsockopen($host, 80, $errno, $errstr);
if($fp) {
$payload = "POST /embed/$url HTTP/1.1\r\n";
$payload .= "Host: $host\r\n";
$payload .= "Content-Length: " . strlen($post) . "\r\n";
$payload .= "Content-Type: application/x-www-form-urlencoded\r\n";
$payload .= "Connection: Close\r\n\r\n";
$payload .= $post;
fwrite($fp, $payload);
$httpCode = NULL;
$response = NULL;
$timeout = time() + 15;
do {
while($line = fgets($fp)) {
$response .= $line;
if(!trim($line)) {
break;
}
}
} while($timeout > time() && NULL === $response);
$headers = dbboon_parseHeaders($response);
if(isset($headers['transfer-encoding']) && 'chunked' === $headers['transfer-encoding']) {
do {
$cSize = $read = hexdec(trim(fgets($fp)));
while($read > 0) {
$buff = fread($fp, $read);
$read -= strlen($buff);
$response .= $buff;
}
$response .= fgets($fp);
} while($cSize > 0);
} else {
preg_match('/Content-Length:\s([0-9]+)\r\n/msi', $response, $match);
if(!isset($match[1])) {
echo '{"result":false,"error":{"code":3,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
exit;
} else {
while($match[1] > 0) {
$buff = fread($fp, $match[1]);
$match[1] -= strlen($buff);
$response .= $buff;
}
}
}
fclose($fp);
if(!$pos = strpos($response, "\r\n\r\n")) {
echo '{"result":false,"error":{"code":2,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
exit;
}
echo substr($response, $pos + 4);
} else {
echo '{"result":false,"error":{"code":1,"message":"Communication error, unable to contact proxy service.","version":"' . $version . '"}}';
exit;
}