From e7e0503f3eece81c24f5cf92b91cc34f0257493e Mon Sep 17 00:00:00 2001
From: Matthew Kienow <matthew_kienow@rapid7.com>
Date: Mon, 14 Jan 2019 23:26:00 -0500
Subject: [PATCH 1/3] Add Metasploit data web service rackup file

---
 msf-ws.ru | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 msf-ws.ru

diff --git a/msf-ws.ru b/msf-ws.ru
new file mode 100644
index 0000000000..df44bfbb29
--- /dev/null
+++ b/msf-ws.ru
@@ -0,0 +1,20 @@
+# msf-ws.ru
+# Metasploit data web service
+
+require 'pathname'
+@framework_path = '.'
+root = Pathname.new(@framework_path).expand_path
+@framework_lib_path = root.join('lib')
+$LOAD_PATH << @framework_lib_path unless $LOAD_PATH.include?(@framework_lib_path)
+
+require 'msfenv'
+
+if ENV['MSF_LOCAL_LIB']
+  $LOAD_PATH << ENV['MSF_LOCAL_LIB'] unless $LOAD_PATH.include?(ENV['MSF_LOCAL_LIB'])
+end
+
+# Note: setup Rails environment before calling require
+require 'msf/core/web_services/metasploit_api_app'
+
+# run Msf::WebServices::JsonRpcApp
+run MetasploitApiApp

From 7f20c75cb327d2c5a1b3a09c7db75253d11b2d10 Mon Sep 17 00:00:00 2001
From: Matthew Kienow <matthew_kienow@rapid7.com>
Date: Mon, 14 Jan 2019 23:27:17 -0500
Subject: [PATCH 2/3] Use static rackup file from framework directory

---
 msfdb | 53 +----------------------------------------------------
 1 file changed, 1 insertion(+), 52 deletions(-)

diff --git a/msfdb b/msfdb
index a711f8933f..c85d9c966f 100755
--- a/msfdb
+++ b/msfdb
@@ -32,7 +32,7 @@ require 'msf/util/helper'
 @db_conf = "#{@localconf}/database.yml"
 
 @ws_tag = 'msf-ws'
-@ws_conf = "#{@localconf}/#{@ws_tag}-config.ru"
+@ws_conf = File.join(@framework, "#{@ws_tag}.ru")
 @ws_ssl_key_default = "#{@localconf}/#{@ws_tag}-key.pem"
 @ws_ssl_cert_default = "#{@localconf}/#{@ws_tag}-cert.pem"
 @ws_log = "#{@localconf}/logs/#{@ws_tag}.log"
@@ -398,60 +398,12 @@ def status_web_service
 end
 
 def init_web_service
-  if File.file?(@ws_conf)
-    puts "Found web service config at #{@ws_conf}, checking to see if it is started"
-    start_web_service(expect_auth: true)
-    return
-  end
-
   if @options[:ws_user].nil?
     @msf_ws_user = ask_value('Initial MSF web service account username?', @msf_ws_user)
   else
     @msf_ws_user = @options[:ws_user]
   end
 
-  # Write a default Rack config file for the web service
-  Dir.mkdir(@localconf) unless File.directory?(@localconf)
-  # TODO: free the REST API from all of these requirements
-  File.open(@ws_conf, 'w') do |f|
-    f.puts <<~EOF
-      # #{File.basename(@ws_conf)}
-      # created on: #{Time.now.utc}
-
-      @framework_path = '#{@framework}'
-      $LOAD_PATH << @framework_path unless $LOAD_PATH.include?(@framework_path)
-
-      require File.expand_path('./config/boot', @framework_path)
-      require 'metasploit/framework/parsed_options/remote_db'
-      require 'msf/core/web_services/metasploit_api_app'
-
-      def require_environment!(parsed_options)
-        # RAILS_ENV must be set before requiring 'config/application.rb'
-        parsed_options.environment!
-        ARGV.replace(parsed_options.positional)
-
-        # allow other Rails::Applications to use this command
-        if !defined?(Rails) || Rails.application.nil?
-          # @see https://github.com/rails/rails/blob/v3.2.17/railties/lib/rails/commands.rb#L39-L40
-          require File.expand_path('./config/application', @framework_path)
-        end
-
-        # have to configure before requiring environment because
-        # config/environment.rb calls initialize! and the initializers will use
-        # the configuration from the parsed options.
-        parsed_options.configure(Rails.application)
-
-        Rails.application.require_environment!
-      end
-
-      parsed_options = Metasploit::Framework::ParsedOptions::RemoteDB.new
-      require_environment!(parsed_options)
-
-      run MetasploitApiApp
-    EOF
-  end
-  File.chmod(0640, @ws_conf)
-
   if @options[:ssl] && ((!File.file?(@options[:ssl_key]) || !File.file?(@options[:ssl_cert])) ||
       (@options[:ssl_key] == @ws_ssl_key_default && @options[:ssl_cert] == @ws_ssl_cert_default))
     generate_web_service_ssl(key: @options[:ssl_key], cert: @options[:ssl_cert])
@@ -541,9 +493,6 @@ end
 
 def delete_web_service
   stop_web_service
-  if File.file?(@ws_conf) && ask_yn("Delete MSF web service configuration at #{@ws_conf}?")
-    File.delete(@ws_conf)
-  end
 end
 
 def reinit_web_service

From c1fe3340062d783fcaf7ae8c76cfa8b1165b7a6e Mon Sep 17 00:00:00 2001
From: Matthew Kienow <matthew_kienow@rapid7.com>
Date: Mon, 14 Jan 2019 23:29:11 -0500
Subject: [PATCH 3/3] Remove unused code

---
 msfdb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/msfdb b/msfdb
index c85d9c966f..9164f3a4c7 100755
--- a/msfdb
+++ b/msfdb
@@ -508,7 +508,6 @@ def generate_web_service_ssl(key:, cert:)
   end
 
   puts 'Generating SSL key and certificate for MSF web service'
-  # @ssl_cert = Rex::Socket::SslTcpServer.ssl_generate_certificate
   @ssl_key, @ssl_cert, @ssl_extra_chain_cert = Rex::Socket::Ssl.ssl_generate_certificate
 
   # write PEM format key and certificate