1.下载并安装Tor

在Parrot中或Kali中直接用apt安装

apt-get update && apt-get install tor

2.下载并安装obfs4

apt-get install obfs4proxy

3.配置Tor Bridges

在Parrot中的配置文件：

SocksPort 9050
SocksListenAddress 127.0.0.1:9050  #为SOCKS代理地址
ClientOnly 1
#VirtualAddrNetwork 10.192.0.0/10
DNSPort 53
DNSListenAddress 127.0.0.1
AutomapHostsOnResolve 1
AutomapHostsSuffixes .onion,.exit
TransPort 9040
TransListenAddress 127.0.0.1
Log notice file /var/log/tor/notices.log
RunAsDaemon 1
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed
UseBridges 1
Bridge obfs4 194.132.208.5:30581 7ED2B054B0E265BC10E3E277F4C0093455E87181 cert=Jm5OAs3DNqSsrsKBFAZzbaq/c7fq9M8+mxJXAO4ohUp0xFeImzxuEJmiT1mk0hAicTw0KA iat-mode=0
Bridge obfs4 155.94.238.154:443 F90B999AF1B4A0F5EEDA2E7E131A892609D7243D cert=NRCBE4aF9XCyRs3T5f8g5gzDV+Mj4oEFHx2prmSrz6vOni4H9BIxGSMIH6KK6H1SMATCEw iat-mode=0
Bridge obfs4 209.141.35.221:33965 A5BE53F078FC472002791D8C037D189EDEB6DE06 cert=jlzZIUA1z7ILTpUsgliL4ulissYmolqKxufObRQiObe0wPDYtPsDxuRrlr/r/QLwrgg+Vw iat-mode=0

其中网桥需要bridges@torproject.org发送邮件申请，其主题和内容为get transport obfs4，obfs4可换成其他类型网桥。

4.重启Tor

service tor restart

成功连接网桥之后可看到notices.log中有详细的信息：

Jun 18 23:02:15.000 [notice] Interrupt: exiting cleanly.
Jun 18 23:02:16.000 [notice] Tor 0.2.9.11 (git-572f4570e1771890) opening log file.
Jun 18 23:02:16.225 [warn] OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled with 1010006f: OpenSSL 1.1.0f  25 May 2017; running with 1010005f: OpenSSL 1.1.0e  16 Feb 2017).
Jun 18 23:02:16.242 [notice] Tor 0.2.9.11 (git-572f4570e1771890) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0e and Zlib 1.2.8.
Jun 18 23:02:16.242 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jun 18 23:02:16.242 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Jun 18 23:02:16.242 [notice] Read configuration file "/etc/tor/torrc".
Jun 18 23:02:16.245 [warn] The SocksListenAddress option is deprecated, and will most likely be removed in a future version of Tor. Use SocksPort instead. (If you think this is a mistake, please let us know!)
Jun 18 23:02:16.245 [warn] The DNSListenAddress option is deprecated, and will most likely be removed in a future version of Tor. Use DNSPort instead. (If you think this is a mistake, please let us know!)
Jun 18 23:02:16.245 [warn] The TransListenAddress option is deprecated, and will most likely be removed in a future version of Tor. Use TransPort instead. (If you think this is a mistake, please let us know!)
Jun 18 23:02:16.245 [notice] Opening Socks listener on 127.0.0.1:9050
Jun 18 23:02:16.245 [notice] Opening DNS listener on 127.0.0.1:53
Jun 18 23:02:16.245 [notice] Opening Transparent pf/netfilter listener on 127.0.0.1:9040
Jun 18 23:02:16.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Jun 18 23:02:16.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Jun 18 23:02:16.000 [notice] Bootstrapped 0%: Starting
Jun 18 23:02:16.000 [notice] Delaying directory fetches: No running bridges
Jun 18 23:02:16.000 [notice] Signaled readiness to systemd
Jun 18 23:02:17.000 [notice] Opening Control listener on /var/run/tor/control
Jun 18 23:02:18.000 [notice] Bootstrapped 5%: Connecting to directory server
Jun 18 23:02:18.000 [notice] Bootstrapped 10%: Finishing handshake with directory server
Jun 18 23:02:19.000 [notice] Bootstrapped 15%: Establishing an encrypted directory connection
Jun 18 23:02:19.000 [notice] Bootstrapped 20%: Asking for networkstatus consensus
Jun 18 23:02:19.000 [notice] Bridge 'Unnamed' has both an IPv4 and an IPv6 address.  Will prefer using its IPv4 address (155.94.238.154:443) based on the configured Bridge address.
Jun 18 23:02:19.000 [notice] new bridge descriptor 'Unnamed' (fresh): $F90B999AF1B4A0F5EEDA2E7E131A892609D7243D~Unnamed at 155.94.238.154
Jun 18 23:02:19.000 [notice] I learned some more directory information, but not enough to build a circuit: We have no usable consensus.
Jun 18 23:02:21.000 [notice] Bootstrapped 25%: Loading networkstatus consensus
Jun 18 23:02:34.000 [notice] I learned some more directory information, but not enough to build a circuit: We have no usable consensus.
Jun 18 23:02:34.000 [notice] Bootstrapped 40%: Loading authority key certs
Jun 18 23:02:35.000 [notice] Bootstrapped 45%: Asking for relay descriptors
Jun 18 23:02:35.000 [notice] I learned some more directory information, but not enough to build a circuit: We need more microdescriptors: we have 0/7216, and can only build 0% of likely paths. (We have 0% of guards bw, 0% of midpoint bw, and 0% of exit bw = 0% of path bw.)
Jun 18 23:02:35.000 [notice] Bootstrapped 50%: Loading relay descriptors
Jun 18 23:03:52.000 [warn] Rejecting request for anonymous connection to private address [scrubbed] on a TransPort or NATDPort.  Possible loop in your NAT rules?
Jun 18 23:04:09.000 [notice] Bootstrapped 57%: Loading relay descriptors
Jun 18 23:04:09.000 [notice] Bootstrapped 64%: Loading relay descriptors
Jun 18 23:04:09.000 [notice] Bootstrapped 74%: Loading relay descriptors
Jun 18 23:04:09.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Jun 18 23:04:10.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Jun 18 23:04:12.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Jun 18 23:04:12.000 [notice] Bootstrapped 100%: Done
Jun 18 23:04:27.000 [warn] Proxy Client: unable to connect to 209.141.35.221:33965 ("general SOCKS server failure")
Jun 18 23:04:27.000 [warn] Proxy Client: unable to connect to 194.132.208.5:30581 ("general SOCKS server failure")
Jun 18 23:08:55.000 [warn] Rejecting request for anonymous connection to private address [scrubbed] on a TransPort or NATDPort.  Possible loop in your NAT rules? [337 similar message(s) suppressed in last 300 seconds]

其中的proxychains是默认有9050端口代理的，如果没有在/etc/proxychains.conf中添加：

socks4     127.0.0.1 9050

最后使用proxychains启动火狐浏览器，直接使用Tor代理上网，也可在Chrome中的SwitchySharp设置IP为127.0.0.1、端口为9050的SOCKS代理

proxychains fixefor

PandoraBox连接vpn时出现错误Non-zero Async Control Character Maps are not supported! 其大概意思是不支持非零Async控制字符映射！

Wed May 10 21:19:44 2017 daemon.info pppd[3806]: Using interface pptp-vpn135
Wed May 10 21:19:44 2017 daemon.notice pppd[3806]: Connect: pptp-vpn135 <--> pptp (202.198.96.135)
Wed May 10 21:19:44 2017 daemon.warn pppd[3891]: Non-zero Async Control Character Maps are not supported!
Wed May 10 21:19:44 2017 daemon.warn pppd[3891]: Non-zero Async Control Character Maps are not supported!
Wed May 10 21:19:44 2017 daemon.info pppd[3806]: LCP terminated by peer (Q^Y#M-a^@<M-Mt^@^@^CM-.)
Wed May 10 21:19:47 2017 daemon.notice pppd[3806]: Connection terminated.
Wed May 10 21:19:47 2017 daemon.notice pppd[3806]: Modem hangup

编辑路由器中pppd中的options的文件，添加内容为

refuse-eap
refuse-pap

并且注释掉lock：

[root@PandoraBox_FF6F1A:/root]#cat /etc/ppp/options
#debug
logfile /dev/null
noipdefault
noaccomp
nopcomp
nocrtscts
refuse-eap
refuse-pap
#lock
maxfail 0
#PPP超时参数设置
lcp-echo-failure 15  #发送间隔秒
lcp-echo-interval 3  #重复次数

主要的原因是MS-CHAP v2验证方式

Perl 子程序(函数)

Perl 子程序可以出现在程序的任何地方，语法格式如下：

sub subroutine{
   statements;
}

调用子程序语法格式

subroutine( 参数列表 );

在 Perl 5.0 以下版本调用子程序方法如下

&subroutine( 参数列表 );
向子程序传递参数

Perl 子程序可以和其他编程一样接受多个参数，子程序参数使用特殊数组 @_ 标明。

因此子程序第一个参数为 $_[0], 第二个参数为 $_[1], 以此类推。

不论参数是标量型还是数组型的，用户把参数传给子程序时，perl默认按引用的方式调用它们。

子程序返回值

子程序可以向其他编程语言一样使用 return 语句来返回函数值。

如果没有使用 return 语句，则子程序的最后一行语句将作为返回值。

#!/usr/bin/perl

# 方法定义
sub add_a_b{
   # 不使用 return
   $_[0]+$_[1];  

   # 使用 return
   # return $_[0]+$_[1];  
}
print add_a_b(1, 2)
Perl 包和模块

Perl 中每个包有一个单独的符号表，定义语法为：

package mypack;

例子程序：

文件名为db_operate.pm的库perl文件

#!/usr/bin/perl -w

use strict;
use DBI;

package sql;
sub execute {
        my $host = "localhost";
        my $driver = "Pg";
        my $database = "library";
        my $user = "admin";
        my $passwd = "157359";

        my $stmt = $_[0];
        my $dsn = "DBI:$driver:dbname=$database;host=127.0.0.1;port=5432";;
        my $dbh = DBI->connect($dsn,$user,$passwd) or die $DBI::errstr;
        my $sth = $dbh->prepare($stmt);
        $sth->execute();

        my @array;
        while ( my @row = $sth->fetchrow_array() ) {
                push(@array,[@row]);
        }

        return @array;

        $sth->finish();
        $dbh->disconnect;

}
1;              #不添加执行db_test.cgi时会出现错误db_operate.pm did not return a true value at db_test.cgi line 7.
                #                              BEGIN failed--compilation aborted at db_test.cgi line 7.

文件名为db_test.cgi文件去调用模块文件db_operate.pm中的包sql里的execute函数，传入参数为$sql，传出参数为@array:

#!/usr/bin/perl -w

use strict;
use JSON;
use CGI;
use Encode;
use db_operate;   #调用模块文件db_operate.pm,还可用require函数调用文件，但是其调用方式为require db_operate.om;

my $sql = "select * from lib_user";
my @array = sql::execute($sql);        #调用sql包中的execute函数，其参数为$sql
my $json = decode_utf8(encode_json \@array);
my $q = new CGI;
print $q->header(-charset=>'utf-8',-type=>'application/json');
print $json;

变量名约定

以下设置了比较常用的变量名命名方法：

$dsn    驱动程序对象的句柄
$dbh    一个数据库对象的句柄
$sth    一个语句或者一个查询对象的句柄
$h      通用的句柄 ($dbh, $sth, 或 $drh)，依赖于上下文
$rc     操作代码返回的布什值（true 或 false）
$rv     操作代码返回的整数值
@ary    查询返回的一行值的数组（列表）
$rows   操作代码返回的行数值
$fh     文件句柄
undef   NULL 值表示未定义
\%attr  引用属性的哈希值并传到方法上

数据库连接

#!/usr/bin/perl

use DBI;
use strict;

my $driver   = "Pg"; 
my $database = "testdb";
my $dsn = "DBI:$driver:dbname=$database;host=127.0.0.1;port=5432";  #这里要注意：；
my $userid = "admin";
my $password = "157359";
my $dbh = DBI->connect($dsn, $userid, $password) or die $DBI::errstr;

print "Opened database successfully\n";

DBI的API说明：

DBI->connect($data_source, "userid", "password", %attr)
建立数据库连接或会话，请求数据源。如果连接成功，则返回一个数据库句柄对象。

数据源的形式如 : DBI:Pg:dbname=$database;host=127.0.0.1;port=5432
PG是PostgreSQL驱动程序名称，testdb的数据库的名称。

在本机测试封装包的db_operate.pm:

#!/usr/bin/perl -w

use strict;
use DBI;

package sql;
sub execute {
        my $host = "localhost";
        my $driver = "Pg";
        my $database = "library";
        my $user = "admin";
        my $passwd = "157359";

        my $stmt = $_[0];
        my $dsn = "DBI:$driver:dbname=$database;host=127.0.0.1;port=5432";;
        my $dbh = DBI->connect($dsn,$user,$passwd) or die $DBI::errstr;
        my $sth = $dbh->prepare($stmt);
        $sth->execute();

        my @array;
        while ( my @row = $sth->fetchrow_array() ) {
                push(@array,[@row]);
        }

        return @array;

        $sth->finish();
        $dbh->disconnect;

}
1;

网页访问CGI文件时出现错误，错误如下

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.

主要是引文CGI文件中没有输出header头文件：

#!/usr/bin/perl
use JSON;

my $q = new CGI;
my %rec_hash = ('a' => 1, 'b' => 2, 'c' => 3, 'd' => 4, 'e' => 5);
my $json = encode_json \%rec_hash;
print "$json";

添加以下几行即可解决：

use CGI;
my $q = new CGI;
print $q->header();

在终端会输出html的部分头：

[root@bogon cgi-bin]# perl test.cgi
Content-Type: application/json; charset=UTF-8

{"e":5,"c":3,"a":1,"b":2,"d":4}