SOCKS Proxy with Metasploit Pivoting

To use other installed tools, such as Nmap, alongside Metasploit, you will need to set up a SOCKS proxy so that those tools can proxy through the compromised target and the new route you have defined using either of the two methods listed above.

To create the SOCKS proxy, there is a fantastic Metasploit module that can easily spawn a SOCKS proxy server already associated with the network routes listed in Metasploit. Use the module below:

· "auxiliary/server/socks_proxy"

Once the module has been run and you have made a note of the port you set the SOCKS proxy to run on, we can look at the configuration of our local machine so that it correctly sees the SOCKS proxy. Setting up a SOCKS proxy on Linux hosts is fairly simple; all we need to do is navigate to the following file:

· "/etc/proxychains4.conf"

Within the above file we can make an entry to point to the proxy server we have just spun up in Metasploit, like so:

· "socks5 127.0.0.1 1080"

The entry should be made at the bottom of the file under the header "[ProxyList]", as shown in the above image. When completed, you can use any local tool with the proxy by placing the command proxychains before the tool name; for example, with nmap you would use the following:

· "proxychains nmap -sT <Target>"
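
A quick way to confirm the edit to the configuration file landed where proxychains will read it, as an added example that is not part of the original course material. The function names and the sample file contents are constructed for illustration, and port 1080 is taken from the entry shown above.

```python
import ipaddress

PROXY_TYPES = {"http", "socks4", "socks5", "raw"}

# Constructed sample: the new entry was appended, but an older one is still active.
SAMPLE_CONF = """\
strict_chain
proxy_dns
[ProxyList]
# socks4 10.0.0.5 9050  (commented out, ignored)
socks4 127.0.0.1 9050
socks5 127.0.0.1 1080
"""

def parse_proxylist(text):
    """Return (entries, problems); entries are (type, host, port) under [ProxyList]."""
    entries, problems, in_list = [], [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        if fields[0].startswith("["):
            in_list = fields[0] == "[ProxyList]"
        elif fields[0].lower() not in PROXY_TYPES:
            if in_list:
                problems.append(f"line {lineno}: unknown proxy type {fields[0]!r}")
        elif not in_list:
            problems.append(f"line {lineno}: proxy entry is above [ProxyList]")
        elif len(fields) < 3 or not fields[2].isdigit():
            problems.append(f"line {lineno}: expected '<type> <host> <port>'")
        else:
            entries.append((fields[0].lower(), fields[1], int(fields[2])))
    return entries, problems

def check_conf(text, port=1080):
    """List problems that would stop tools from using the local SOCKS5 listener."""
    entries, problems = parse_proxylist(text)
    if ("socks5", "127.0.0.1", port) not in entries:
        problems.append(f"no 'socks5 127.0.0.1 {port}' entry under [ProxyList]")
    if len(entries) > 1:
        problems.append(f"{len(entries)} active entries; with strict_chain all are used in order")
    for ptype, host, _ in entries:
        try:
            loopback = ipaddress.ip_address(host).is_loopback
        except ValueError:
            loopback = False
        if not loopback:
            problems.append(f"{ptype} proxy {host} is not a loopback address")
    return problems

if __name__ == "__main__":
    for problem in check_conf(SAMPLE_CONF):
        print(problem)
```

To check the real file, pass its contents instead of the sample, for example `check_conf(open("/etc/proxychains4.conf").read(), port=1080)`.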