Working with Task Chains

Task chains enable you to automate and schedule the execution of a series of repetitive tasks that you need to perform regularly, such as scans and bruteforce attacks. A task chain defines the tasks that will run, the settings for each task, and the conditions required for the execution of those tasks. You create a task chain by adding the tasks you want to it, configuring the settings you want the tasks to use, arranging the tasks in the order you want them to run, and defining the schedule that it should follow.

Creating a Task Chain

  1. From within a project, select Tasks > Chains from the Project tab bar. The task chains list appears.
  2. Click the New Task Chain button.

    New task chain
    The New Task Chain page appears.
  3. Enter a name for the task chain in the Task Chain Name field.

  4. Click the '+' button to add a task.



    The task list appears.
  5. Select a task from the list.


    A new task bubble appears on the task chain and the task configuration page displays below the task chain.

  6. Configure the task as you usually would.

After you configure the task, you can add additional tasks to the task chain. When you finish building the task chain, you can create a schedule for the task chain or you can save the task chain to run on demand.

Adding a Task to a Task Chain

To add a task to a task chain, click the '+' Add task button.

When you click the '+' button, the task list appears and shows you the tasks that can be added to the task chain.

After you add the task, a new task bubble appears on the task chain, and the task configuration form displays below the task chain.

The task bubble displays the tasks' position in the task chain. A task in the first position displays a number '1', a task in the second position displays a number '2', and so forth. You can click the task bubble and drag it to reposition it in the task chain.

Any task bubble highlighted in red indicates that the task has not been configured correctly and the task chain cannot be saved. You can click on the task to fix the issues on the task form.

Cloning a Task

When you clone a task, you are adding a copy of the task to the end of the task chain. You can move or modify the task as needed.

You should only clone tasks that are highlighted in blue, which indicate that there are no errors in the task configuration.

To clone a task, click the task you want to clone to select it.

Then, click the Clone button located in the task chain tool bar.

The cloned task will be added to the end of the task chain.

If you need to reposition the task in the task chain, click on the task and drag it to the position you want it to appear in the task chain.

Rearranging Tasks in a Task Chain

To move a task to a different position in the task chain, click the task bubble and drag it to reposition it in the task chain.

After you reposition the task, the position that displays in the task bubble is updated. A task in the first position displays a number '1', a task in the second position displays a number '2', and so forth.

Adding a Post-Exploitation Module to a Task Chain

Post-exploitation is the phase that occurs after the system successfully exploits the target. It is the process that you use to identify information that helps you gain further access to the target or to additional systems within the target’s internal networks.

When you manually run an attack against a target and get an active session, Metasploit Pro provides actions that you can take against the session. The actions are available on the session page and vary based on the session type, such as shell or Meterpreter, and system information. For example, if the system opens a shell on a target, the actions that you can take include opening a command shell that connects to the target and collecting system data. If the system opens a Meterpreter session, you can do things like set up a proxy pivot or access the file system.

Using the target system information, automatically displays the post-exploitation modules that are applicable to the target. This makes it easy for you to identify and choose the post-exploitation modules that you want to run against the target.

When you work with task chains, the post-exploitation process is completely manual. You must search for the post-exploitation modules that you want to use based on the information that you have about the target. For example, if you know the target is a Windows system, and you want to capture screenshots, you may want to add a module task to your task chain that runs post/Windows/gather/screenshot. Or if you know your target is a Linux system, and you want to collect hashes, you may want to run post/linux/gather/hashdump.

Removing a Task from a Task Chain

To remove a task from a task chain, click the task you want to delete to select it.

Then, click the Delete button located in the task chain toolbar.

A dialog window will appear and prompt you to confirm that you want to delete the task. Click OK to delete the task from the task chain.

You can only remove one task at a time. If you need to remove multiple tasks, please repeat the steps listed above or reset the task chain. For more information on resetting the task chain, see Resetting a Task Chain .

After you remove a task from the task chain, you will not be able to recover the task. You will need to rebuild the task.

Clearing the Project Data before a Task Chain Runs

If you want to clear the project data before the task chain runs, you can enable the Delete previous project data option.

Task Chain Scheduler

Any and all data stored in the project, including hosts, collected evidence, session information, reports, and credentials will be wiped from the project. Enable this option only if you want to start the task chain with an empty project. Data cannot be recovered after it has been cleared from the project.

Resetting a Task Chain

You can reset a task chain to clear all of the tasks from it. A task chain reset will remove all tasks and their configurations from the task chain. This action cannot be reverted.

To reset a task chain, click the Reset button located in the task chain toolbar.

A dialog window will appear and prompt you to confirm that you want to reset the task chain. Click OK to reset it.

Running a Task Chain

You can run task chains on demand or outside the scope of its schedule.

To run a task chain, select Tasks > Chains from the Project tab bar.

Select the task chain that you want to run.

Task chains list

Click the Run Now button.

A dialog window will appear and prompt you to confirm that you want to run the task chain. Click OK to run it.